diff options
Diffstat (limited to 'machines/109-199-104-83')
| -rw-r--r-- | machines/109-199-104-83/configuration.nix | 55 |
1 files changed, 8 insertions, 47 deletions
diff --git a/machines/109-199-104-83/configuration.nix b/machines/109-199-104-83/configuration.nix index 58215fe..32f9ffa 100644 --- a/machines/109-199-104-83/configuration.nix +++ b/machines/109-199-104-83/configuration.nix @@ -1,40 +1,22 @@ { + config, modulesPath, machine, ... }: { system.stateVersion = "25.11"; nix.settings.experimental-features = ["flakes" "nix-command"]; - imports = [(modulesPath + "/profiles/qemu-guest.nix")]; - fileSystems = { - "/" = { - device = "none"; - fsType = "tmpfs"; - options = ["defaults" "size=30%" "mode=755"]; - }; - "/mnt" = { - device = "/dev/sda1"; - fsType = "ext4"; - }; - "/boot" = { - device = "/mnt/boot"; - fsType = "none"; - options = ["bind"]; - }; - "/nix" = { - device = "/mnt/nix"; - fsType = "none"; - options = ["bind"]; - }; + fileSystems."/" = { + device = "/dev/sda1"; + fsType = "ext4"; }; boot.loader.grub.device = "/dev/sda"; boot.loader.timeout = 30; - boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; + boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront"]; boot.initrd.kernelModules = ["nvme"]; boot.tmp.cleanOnBoot = true; zramSwap.enable = true; - networking = { useNetworkd = true; usePredictableInterfaceNames = true; @@ -56,29 +38,8 @@ dns = ["2620:fe::fe" "9.9.9.9"]; }; }; - - services.openssh = { - enable = true; - allowSFTP = false; - ports = [22 5522]; - settings = { - PermitRootLogin = "no"; - PasswordAuthentication = false; - KbdInteractiveAuthentication = true; - }; - }; - environment.persistence."/nix/persist" = { - enable = true; - hideMounts = true; - directories = [ - "/var/log" - "/var/lib/nixos" - "/var/lib/systemd/coredump" - "/etc/NetworkManager/system-connections" - ]; - files = [ - "/etc/machine-id" - ]; - }; + services.openssh.enable = true; + users.mutableUsers = false; + users.users.root.openssh.authorizedKeys.keys = [config.pub-keys.ssh.andromeda]; programs.noshell.enable = true; } |