From a7e171392f9ca073e1cb33f4c8d049262f25981e Mon Sep 17 00:00:00 2001 From: Miguel Date: Wed, 10 Nov 2021 14:50:33 +0100 Subject: various --- nix/nixops/comet/configuration.nix | 34 ++++++++++++++++------------------ 1 file changed, 16 insertions(+), 18 deletions(-) (limited to 'nix/nixops/comet') diff --git a/nix/nixops/comet/configuration.nix b/nix/nixops/comet/configuration.nix index 9f5a255..78ceaa6 100644 --- a/nix/nixops/comet/configuration.nix +++ b/nix/nixops/comet/configuration.nix @@ -1,6 +1,4 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). +# Consult "man 5 configuration.nix" & "nixos-help" { config, pkgs, ... }: @@ -9,19 +7,14 @@ in { # HARDWARE SCAN RESULTS - imports = - [ - ./hardware-configuration.nix - ]; - + imports = [ ./hardware-configuration.nix ]; # SYS PACKAGES - environment.systemPackages = with pkgs; [mc highlight adminer icinga2 monitoring-plugins tmux]; - + environment.systemPackages = with pkgs; [mc highlight adminer icinga2 monitoring-plugins tmux htop]; - # compare with nginx etc and publish this shit (along instructions how to run with mariadb+icingaweb2 admin + # compare with nginx etc and consider publishing this shit (along instructions how to run with mariadb+icingaweb2 admin..) environment.etc = with pkgs; - let defaultIcinga2Const= builtins.readFile "${icinga2}/etc/icinga2/constants.conf"; + let defaultIcinga2Const = builtins.readFile "${icinga2}/etc/icinga2/constants.conf"; in { "icinga2/features-available".source="${icinga2}/etc/icinga2/features-available"; @@ -58,14 +51,14 @@ in wantedBy=[ "multi-user.target" ]; }; - # AUTOMATIC uPGRADES - system.autoUpgrade.enable = true; - system.autoUpgrade.allowReboot = true; + # AUTOMATIC UPGRADES + # system.autoUpgrade.enable = true; + # system.autoUpgrade.allowReboot = true; # USERS / GROUPS / SSH services.openssh = { enable = true; - permitRootLogin = "yes"; + permitRootLogin = "prohibit-password"; passwordAuthentication = false; }; @@ -149,7 +142,7 @@ in root = "/var/www/comet.softwarefools.com"; }; - # ICINGA + # ICINGAWEB2 services.icingaweb2.enable = true; services.icingaweb2.modules.monitoring.enable = false; services.icingaweb2.virtualHost = "icinga.softwarefools.com"; @@ -190,11 +183,11 @@ in # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; boot.loader.grub.version = 2; + boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only # boot.loader.grub.efiSupport = true; # boot.loader.grub.efiInstallAsRemovable = true; # boot.loader.efi.efiSysMountPoint = "/boot/efi"; # Define on which hard drive you want to install Grub. - boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only networking.hostName = "comet"; # Define your hostname. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. @@ -204,6 +197,11 @@ in # replicates the default behaviour. networking.useDHCP = false; networking.interfaces.ens3.useDHCP = true; + networking.interfaces.ens3.ipv6.addresses = [ { "address" = "2a01:4f8:121:4322::5"; + "prefixLength" = 64; + } + ]; + networking.defaultGateway6 = { address = "fe80::1"; interface = "ens3"; }; # Configure network proxy if necessary # networking.proxy.default = "http://user:password@proxy:port/"; -- cgit v1.2.3