Fix gitea ssh
This commit is contained in:
parent
2d75a0350b
commit
76701010b3
SSH key fingerprint:
SHA256:ZMn464IW7rXrbHpTgo8zEwRNqsMmHVuVMDFHzK99smI
5 changed files with 51 additions and 13 deletions
|
|
@ -240,6 +240,8 @@ in
|
|||
zellij
|
||||
zstd
|
||||
neovim
|
||||
lazydocker
|
||||
lazygit
|
||||
];
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -66,6 +66,7 @@
|
|||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
fclones
|
||||
curl
|
||||
fish
|
||||
figlet
|
||||
|
|
@ -141,7 +142,7 @@
|
|||
fish.enable = true;
|
||||
gnupg.agent = {
|
||||
enable = true;
|
||||
enableSSHSupport = true;
|
||||
# enableSSHSupport = true; # breaks gitea foo
|
||||
pinentryPackage = lib.mkForce pkgs.pinentry-qt;
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -44,17 +44,6 @@
|
|||
"enabled" = "yes";
|
||||
};
|
||||
};
|
||||
|
||||
configDir = {
|
||||
"stream.conf" = pkgs.writeText "stream.conf" ''
|
||||
[8fcb63b3-8361-4339-a010-fc459c2132b0]
|
||||
enabled = yes
|
||||
default history = 36000
|
||||
default memory mode = dbengine
|
||||
health enabled by default = auto
|
||||
allow from = 192.*
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
networking.firewall.allowedTCPPortRanges = [
|
||||
|
|
|
|||
|
|
@ -23,6 +23,9 @@
|
|||
cryptsetup
|
||||
];
|
||||
|
||||
users.groups.git = {
|
||||
gid = 974;
|
||||
};
|
||||
users.users = {
|
||||
root.openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHowJtKj3ohrYjyeWwQ8Lj6UMSPI390SwLRuVIlojcGM tristand@nixos-desk"
|
||||
|
|
@ -33,6 +36,15 @@
|
|||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKokTPK/Gm30kqFAd+u5AT0BL7bG/eNt6pmGf40U8j03 arch-h1"
|
||||
];
|
||||
|
||||
git = {
|
||||
uid = 974;
|
||||
group = "git";
|
||||
isSystemUser = true;
|
||||
homeMode = "700";
|
||||
createHome = true;
|
||||
home = "/home/git";
|
||||
shell = "/home/git/ssh-shell";
|
||||
};
|
||||
tristand = {
|
||||
isNormalUser = true;
|
||||
description = "tristand";
|
||||
|
|
@ -68,6 +80,22 @@
|
|||
|
||||
inherit pkgs config inputs system lib;
|
||||
};
|
||||
users.git = {
|
||||
home = {
|
||||
stateVersion = "23.11";
|
||||
username = "git";
|
||||
homeDirectory = "/home/git";
|
||||
file."ssh-shell" = {
|
||||
enable = true;
|
||||
executable = true;
|
||||
text = ''
|
||||
#!/bin/sh
|
||||
shift
|
||||
ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $@"
|
||||
'';
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
nix.settings.system-features = [
|
||||
|
|
@ -106,7 +134,7 @@
|
|||
enable = true;
|
||||
ssh = {
|
||||
enable = true;
|
||||
port = 2222;
|
||||
port = 22;
|
||||
hostKeys = [
|
||||
/etc/nixos/ext/ssh/ssh_host_ed25519_key
|
||||
/etc/nixos/ext/ssh/ssh_host_rsa_key
|
||||
|
|
@ -136,6 +164,13 @@
|
|||
cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
};
|
||||
|
||||
services.netdata.config = {
|
||||
web = {
|
||||
"bind to" = "0.0.0.0";
|
||||
"allow connections from" = "172.*";
|
||||
};
|
||||
};
|
||||
|
||||
zramSwap.enable = true;
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -67,6 +67,17 @@
|
|||
|
||||
services.qemuGuest.enable = true;
|
||||
|
||||
services.netdata.configDir = {
|
||||
"stream.conf" = pkgs.writeText "stream.conf" ''
|
||||
[8fcb63b3-8361-4339-a010-fc459c2132b0]
|
||||
enabled = yes
|
||||
default history = 36000
|
||||
default memory mode = dbengine
|
||||
health enabled by default = auto
|
||||
allow from = 192.*
|
||||
'';
|
||||
};
|
||||
|
||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||
users.users.reopen5194 = {
|
||||
isNormalUser = true;
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue