40 lines
1.9 KiB
Nix
40 lines
1.9 KiB
Nix
{ ... }:
|
|
{
|
|
imports = [
|
|
<nixpkgs/nixos/modules/profiles/qemu-guest.nix>
|
|
];
|
|
|
|
boot.loader.grub.device = "/dev/sda";
|
|
boot.cleanTmpDir = true;
|
|
|
|
fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; label = "root"; };
|
|
|
|
networking.firewall.allowPing = true;
|
|
networking.hostName = (builtins.readFile (builtins.fetchurl "http://169.254.169.254/hetzner/v1/metadata/hostname"));
|
|
|
|
services.openssh.enable = true;
|
|
services.cloud-init.enable = true;
|
|
|
|
security.sudo.wheelNeedsPassword = false;
|
|
|
|
# The created service `nixos-rebuild.service` can be used to trigger an unattended configuration change
|
|
# See https://nixos.org/manual/nixos/stable/#sec-changing-config
|
|
#
|
|
# `systemctl start nixos-rebuild` := `nixos-rebuild switch`
|
|
systemd.services.nixos-rebuild = {
|
|
serviceConfig.Type = "oneshot";
|
|
script = ''
|
|
/run/current-system/sw/bin/nixos-rebuild switch -I nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs -I nixos-config=/etc/nixos/configuration.nix
|
|
'';
|
|
};
|
|
|
|
users.extraUsers.operator = {
|
|
isNormalUser = true;
|
|
uid = 1000;
|
|
extraGroups = [ "wheel" ];
|
|
openssh.authorizedKeys.keys = [
|
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCAOgDVmgLQ1tEiE7kXoLu14wLW0LoYbNPsKae0DlMeWJe6JcR8HkQnSZm3aFEt30SmaFDtXcw3fyur0wByrIh0cFMUsdiO4e4B+Gke/vTc4/51rfjjzsA/1zipWnD5Yf0lO6KqE6Vm2uTejJ7NIRume3c2nlLCZ/Ajt0GqYwIuMOOGZSA5o/pNKiH88GyW9C+kI0kIOwswMHHQ5bFmpWttTy8JNI0iC4FzcQrAFIMUPTsM2kphJyqTPMGoztzRX64HSfmdr43MfLEWtIWvUXcYiazXFCTfXrStUS/z1GN2kOGvmr6fcC4MX3zhJF9WETRjM0VTFHJbERAQOmw3P87oAK759l0eHGiS7bbmX2hNLz6LLOCmPpaih5TaFp3NjMnVlEd1bGzZC4mgmFqxMUtx8Uqyd3zr3Wlp+u4zHaNiNhZo0USsIzagcdmeGIuXT1deyjnpbJVesixTMcttm6rlhVd4/McO972bP+4qtPSVZcGZd6d01TgK16fXp1WybuO6SpaLUIYcnimM+/zeanJkfgtA419xkZqEHvBf80/RTqmX/NTree8vHBVFSxla2Ru4RDBpGnbDKUYpRFeP9SMSkpGtdjZK45U7ffikK+UdXr24Nl6NFeFFs/PW5gOibfPzTJwpLqeu4E8xXXyakRSHW8aa+BtuV8WKFB4e/4dSQ=="
|
|
];
|
|
};
|
|
}
|