diff --git a/home-mods/shell/default.nix b/home-mods/shell/default.nix index ed5f17d..98eb008 100644 --- a/home-mods/shell/default.nix +++ b/home-mods/shell/default.nix @@ -240,6 +240,8 @@ in zellij zstd neovim + lazydocker + lazygit ]; }; } diff --git a/os-mods/common/default.nix b/os-mods/common/default.nix index f8f5504..9ad368e 100644 --- a/os-mods/common/default.nix +++ b/os-mods/common/default.nix @@ -66,6 +66,7 @@ }; environment.systemPackages = with pkgs; [ + fclones curl fish figlet @@ -141,7 +142,7 @@ fish.enable = true; gnupg.agent = { enable = true; - enableSSHSupport = true; + # enableSSHSupport = true; # breaks gitea foo pinentryPackage = lib.mkForce pkgs.pinentry-qt; }; }; diff --git a/os-mods/netdata/default.nix b/os-mods/netdata/default.nix index def6513..9c08135 100644 --- a/os-mods/netdata/default.nix +++ b/os-mods/netdata/default.nix @@ -44,17 +44,6 @@ "enabled" = "yes"; }; }; - - configDir = { - "stream.conf" = pkgs.writeText "stream.conf" '' - [8fcb63b3-8361-4339-a010-fc459c2132b0] - enabled = yes - default history = 36000 - default memory mode = dbengine - health enabled by default = auto - allow from = 192.* - ''; - }; }; networking.firewall.allowedTCPPortRanges = [ diff --git a/systems/nixos-he4/default.nix b/systems/nixos-he4/default.nix index 7985e19..171f9fd 100644 --- a/systems/nixos-he4/default.nix +++ b/systems/nixos-he4/default.nix @@ -23,6 +23,9 @@ cryptsetup ]; + users.groups.git = { + gid = 974; + }; users.users = { root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHowJtKj3ohrYjyeWwQ8Lj6UMSPI390SwLRuVIlojcGM tristand@nixos-desk" @@ -33,6 +36,15 @@ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKokTPK/Gm30kqFAd+u5AT0BL7bG/eNt6pmGf40U8j03 arch-h1" ]; + git = { + uid = 974; + group = "git"; + isSystemUser = true; + homeMode = "700"; + createHome = true; + home = "/home/git"; + shell = "/home/git/ssh-shell"; + }; tristand = { isNormalUser = true; description = "tristand"; @@ -68,6 +80,22 @@ inherit pkgs config inputs system lib; }; + users.git = { + home = { + stateVersion = "23.11"; + username = "git"; + homeDirectory = "/home/git"; + file."ssh-shell" = { + enable = true; + executable = true; + text = '' + #!/bin/sh + shift + ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $@" + ''; + }; + }; + }; }; nix.settings.system-features = [ @@ -106,7 +134,7 @@ enable = true; ssh = { enable = true; - port = 2222; + port = 22; hostKeys = [ /etc/nixos/ext/ssh/ssh_host_ed25519_key /etc/nixos/ext/ssh/ssh_host_rsa_key @@ -136,6 +164,13 @@ cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; }; + services.netdata.config = { + web = { + "bind to" = "0.0.0.0"; + "allow connections from" = "172.*"; + }; + }; + zramSwap.enable = true; }; } diff --git a/systems/nixos-karl-kvm-guest/default.nix b/systems/nixos-karl-kvm-guest/default.nix index 9c269f9..2abb182 100644 --- a/systems/nixos-karl-kvm-guest/default.nix +++ b/systems/nixos-karl-kvm-guest/default.nix @@ -67,6 +67,17 @@ services.qemuGuest.enable = true; + services.netdata.configDir = { + "stream.conf" = pkgs.writeText "stream.conf" '' + [8fcb63b3-8361-4339-a010-fc459c2132b0] + enabled = yes + default history = 36000 + default memory mode = dbengine + health enabled by default = auto + allow from = 192.* + ''; + }; + # Define a user account. Don't forget to set a password with ‘passwd’. users.users.reopen5194 = { isNormalUser = true;