Compare commits

..

3 commits

Author SHA1 Message Date
root
0154d6a00d upgrade to 24.05 2024-05-31 23:39:19 +02:00
root
b6851441d4 users 2024-05-31 23:13:35 +02:00
root
ffd261ab2d pastila: wip letsencrypt setup 2024-05-31 13:41:26 +02:00
7 changed files with 53 additions and 20 deletions

View file

@ -29,7 +29,7 @@
htop htop
tmux tmux
bmon bmon
nixfmt nixfmt-classic
ncdu ncdu
git git
tig tig

View file

@ -2,16 +2,16 @@
"nodes": { "nodes": {
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1716633019, "lastModified": 1717144377,
"narHash": "sha256-xim1b5/HZYbWaZKyI7cn9TJCM6ewNVZnesRr00mXeS4=", "narHash": "sha256-F/TKWETwB5RaR8owkPPi+SPJh83AQsm6KrQAlJ8v/uA=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "9d29cd266cebf80234c98dd0b87256b6be0af44e", "rev": "805a384895c696f802a9bf5bf4720f37385df547",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-23.11", "ref": "nixos-24.05",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }

View file

@ -1,5 +1,5 @@
{ {
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11"; inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
outputs = { self, nixpkgs, ... }@attrs: { outputs = { self, nixpkgs, ... }@attrs: {
nixosConfigurations."oven" = nixpkgs.lib.nixosSystem { nixosConfigurations."oven" = nixpkgs.lib.nixosSystem {

View file

@ -1,13 +0,0 @@
{ config, lib, pkgs, ... }:
{
users.users.armael = {
isNormalUser = true;
extraGroups = [ ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBvPrmxY7H6t4ah7d0e7/Jt9RkrPHI1MREukOSSwaqlp armael@teabox"
];
};
}

View file

@ -9,8 +9,9 @@ in
../common/configuration.nix ../common/configuration.nix
./hardware-configuration.nix ./hardware-configuration.nix
./backups.nix ./backups.nix
./armael.nix ./users.nix
./gitolite.nix ./gitolite.nix
./letsencrypt.nix
]; ];
# Use the GRUB 2 boot loader. # Use the GRUB 2 boot loader.
@ -56,6 +57,7 @@ in
weechat weechat
transmission transmission
tremc tremc
poezio
]; ];
# This option defines the first version of NixOS you have installed on this particular machine, # This option defines the first version of NixOS you have installed on this particular machine,

25
pastila/letsencrypt.nix Normal file
View file

@ -0,0 +1,25 @@
{ config, lib, pkgs, ... }:
{
security.acme = {
acceptTerms = true;
defaults.email = "armael@deuxfleurs.fr";
defaults.dnsProvider = "gandiv5";
defaults.credentialFiles = {
"GANDIV5_PERSONAL_ACCESS_TOKEN_FILE" = "/etc/secrets/acme/gandi_access_token";
"GANDIV5_API_KEY_FILE" = "/etc/secrets/acme/gandi_api_key";
};
# certs."isomorphis.me" = {};
# certs."mail" = {
# domain = "smtp.isomorphis.me";
# extraDomainNames = [
# "imap.isomorphis.me"
# "smtp.tremeg.net"
# "imap.tremeg.net"
# "smtp.gueneau.me"
# "imap.gueneau.me"
# ];
# };
certs."pastila.isomorphis.me" = {};
};
}

19
pastila/users.nix Normal file
View file

@ -0,0 +1,19 @@
{ config, lib, pkgs, ... }:
{
users.users."armael" = {
isNormalUser = true;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBvPrmxY7H6t4ah7d0e7/Jt9RkrPHI1MREukOSSwaqlp armael@teabox"
];
};
users.users."brouette" = {
isNormalUser = true;
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDamkuh7rHjg0CIb4dCgOBQU/52bGfugOaDHuhu9gOkDFKjtsWCdlMFXBYvEsV0bst3gh0ULhXC5C3TEosvrGxw0VX2VoQOF3DXSVpgwWTTgBpQKtV+uOfv1Wl12cpKPLhS90uAFSD1h88yOZtGD7P/TBAy9PMCOLBrcXXwh8/CfqpetY2Q7navh95E+AxMarJ7p6evYjcq+shsvsWBbo9pKJMnOXUc/nMnD/je0HxSlmHPssye1v0zRHFCFpxQ9ulYwn4MRkTK0+aQxcNQFP/l1CqBIhTxTDaNsWDLAxUW7ZLxJbF6ljXT1ZLWz3XeYm/+vGe/iJFSk7j/TtTlMpM3TviViKz5OeqhsqRvTftTycEW5+kmry8hL4gV4BylOc+kgSXAo7jUiWS3o/1OLbpkImI+nzwXd3ToUQ6H4M21kC4PG+yg9xjNbRuCihiaGDuG1/9QU1oLVWkFk/RlhcbYkz/uZ1f35Es+cPkU3dand6msMplMeGpDK2jX6L6fnzk= jledent@GLaDOS"
];
};
}