From 46baaa4ecca0b7a753bd2aef952c7bd2dfec1245 Mon Sep 17 00:00:00 2001 From: s-prechtl Date: Mon, 31 Mar 2025 13:59:36 +0200 Subject: [PATCH] feat: ssh + karasumaru --- hosts/hitsugibune/configuration.nix | 3 +- hosts/karasumaru/configuration.nix | 40 +++++++++++++++++++++ hosts/karasumaru/hardware-configuration.nix | 38 ++++++++++++++++++++ 3 files changed, 80 insertions(+), 1 deletion(-) create mode 100644 hosts/karasumaru/configuration.nix create mode 100644 hosts/karasumaru/hardware-configuration.nix diff --git a/hosts/hitsugibune/configuration.nix b/hosts/hitsugibune/configuration.nix index 503559a..01b0150 100644 --- a/hosts/hitsugibune/configuration.nix +++ b/hosts/hitsugibune/configuration.nix @@ -28,8 +28,9 @@ in { services.openssh = { enable = true; + # Disables SSH login via password, public key authentication is enabled settings = { - PasswordAuthentication = true; + PasswordAuthentication = false; PermitRootLogin = "prohibit-password"; }; }; diff --git a/hosts/karasumaru/configuration.nix b/hosts/karasumaru/configuration.nix new file mode 100644 index 0000000..8fd83b8 --- /dev/null +++ b/hosts/karasumaru/configuration.nix @@ -0,0 +1,40 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page, on +# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). + +{ config, lib, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ]; + + # Use the extlinux boot loader. (NixOS wants to enable GRUB by default) + boot.loader.grub.enable = false; + # Enables the generation of /boot/extlinux/extlinux.conf + boot.loader.generic-extlinux-compatible.enable = true; + + networking.hostName = "karasumaru"; + + time.timeZone = "Europe/Vienna"; + + + environment.systemPackages = with pkgs; [ + vim + wget + git + ]; + + services.openssh = { + enable = true; + settings = { + PasswordAuthentication = false; + PermitRootLogin = "prohibit-password"; + }; + }; + + system.stateVersion = "24.11"; + +} + diff --git a/hosts/karasumaru/hardware-configuration.nix b/hosts/karasumaru/hardware-configuration.nix new file mode 100644 index 0000000..cdeab07 --- /dev/null +++ b/hosts/karasumaru/hardware-configuration.nix @@ -0,0 +1,38 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888"; + fsType = "ext4"; + }; + + fileSystems."/mnt" = + { device = "/dev/disk/by-uuid/2178-694E"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enu1u1u1.useDHCP = lib.mkDefault true; + # networking.interfaces.wlan0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; +}