2016-08-26 20:14:24 +02:00
|
|
|
|
# Edit this configuration file to define what should be installed on
|
|
|
|
|
# your system. Help is available in the configuration.nix(5) man page
|
|
|
|
|
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
|
|
|
|
|
|
|
|
|
{ config, pkgs, lib, ... }:
|
|
|
|
|
let
|
|
|
|
|
secrets = import <secrets>;
|
|
|
|
|
in
|
|
|
|
|
{
|
|
|
|
|
imports =
|
|
|
|
|
[ # Include the results of the hardware scan.
|
2017-02-02 17:22:03 +01:00
|
|
|
|
../physical/nuc.nix
|
2016-08-26 20:14:24 +02:00
|
|
|
|
../roles/common.nix
|
2017-01-26 14:45:11 +01:00
|
|
|
|
../roles/collectd.nix
|
2016-08-26 20:14:24 +02:00
|
|
|
|
../modules/tor-hidden-service.nix
|
|
|
|
|
../roles/graphical.nix
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
networking.hostName = secrets.hostnames.woodhouse;
|
|
|
|
|
|
|
|
|
|
# The NixOS release to be compatible with for stateful data such as databases.
|
2016-09-17 16:02:14 +02:00
|
|
|
|
system.stateVersion = "16.09";
|
2016-08-26 20:14:24 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
services.xserver = {
|
2016-09-17 16:02:14 +02:00
|
|
|
|
# displayManager.slim.autoLogin = true; # TODO: debug this
|
2016-08-26 20:14:24 +02:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
2017-02-02 16:31:19 +01:00
|
|
|
|
|
2016-08-26 20:14:24 +02:00
|
|
|
|
services.tor.hiddenServices = [
|
|
|
|
|
{ name = "ssh";
|
|
|
|
|
port = 22;
|
|
|
|
|
hostname = secrets.tor_hostnames."ssh.woodhouse";
|
|
|
|
|
private_key = "/run/keys/torkeys/ssh.woodhouse.key"; }
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
system.fsPackages = [ pkgs.sshfsFuse ];
|
|
|
|
|
fileSystems."/mnt/frumar" = {
|
|
|
|
|
# todo: "ServerAliveCountMax=3" "ServerAliveInterval=30"
|
|
|
|
|
|
|
|
|
|
device = "${pkgs.sshfsFuse}/bin/sshfs#yorick@" + secrets.hostnames.frumar + ":/data/yorick";
|
|
|
|
|
fsType = "fuse";
|
|
|
|
|
options = ["noauto" "x-systemd.automount" "_netdev" "users" "idmap=user"
|
|
|
|
|
"defaults" "allow_other" "transform_symlinks" "default_permissions"
|
|
|
|
|
"uid=1000"
|
|
|
|
|
"reconnect" "IdentityFile=/root/.ssh/id_sshfs"];
|
|
|
|
|
};
|
2017-04-28 18:09:47 +02:00
|
|
|
|
fileSystems."/mnt/oxygen" = {
|
|
|
|
|
device = "${pkgs.sshfsFuse}/bin/sshfs#yorick@oxygen.obfusk.ch:";
|
2016-08-26 20:14:24 +02:00
|
|
|
|
fsType = "fuse";
|
|
|
|
|
options = ["noauto" "x-systemd.automount" "_netdev" "users" "idmap=user"
|
|
|
|
|
"defaults" "allow_other" "transform_symlinks" "default_permissions"
|
|
|
|
|
"uid=1000"
|
|
|
|
|
"reconnect" "IdentityFile=/root/.ssh/id_sshfs" "port=15777"];
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
networking.firewall.allowedTCPPorts = [7 8080 9090 9777]; # kodi
|
|
|
|
|
|
|
|
|
|
}
|