natto1784/dotfiles
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Satori: clear up services

Browse Source
This commit is contained in:
Amneesh Singh
2022-02-01 21:52:39 +05:30
parent fd7dfff321
commit b729daba56
3 changed files with 5 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
hosts/satori/networking.nix
View File

@@ -22,7 +22,7 @@
wireguard.interfaces.wg0 = { wireguard.interfaces.wg0 = {
ips = [ "10.55.0.3/32" ]; ips = [ "10.55.0.3/32" ];
listenPort = 17840; listenPort = 17840;
privateKeyFile = "/var/wg"; privateKeyFile = "/var/secrets/wg.key";
peers = [ peers = [
{ {
#Oracle VM1 #Oracle VM1

48
hosts/satori/services.nix
View File

@@ -2,43 +2,6 @@
{ {
services = { services = {
/* openvpn.servers = {
satori = {
config = ''
remote weirdnatto.in
dev tun
ifconfig 10.55.0.3 10.55.0.1
secret /var/secrets/openvpn.key
'';
};
};*/
vault-agent = {
enable = false;
settings = {
vault = {
address = "https://10.55.0.2:8800";
client_cert = "/var/certs/cert.pem";
client_key = "/var/certs/key.pem";
};
auto_auth = {
method = [
{
"cert" = {
name = "Satori";
};
}
];
};
template = [
{
source = pkgs.writeText "openvpn.tpl" ''
{{ with secret "kv/openvpn" }}{{ .Data.data.secret }}{{ end }}
'';
destination = "/var/secrets/openvpn.key";
}
];
};
};
tor.enable = true; tor.enable = true;
logmein-hamachi.enable = true; logmein-hamachi.enable = true;
openssh = { openssh = {
@@ -49,24 +12,19 @@
udev.extraRules = '' udev.extraRules = ''
ACTION=="add|change", KERNEL=="sda", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="bfq" ACTION=="add|change", KERNEL=="sda", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="bfq"
''; '';
mysql = {
enable = true;
package = pkgs.mysql;
};
}; };
systemd.services = { systemd.services = {
tor.wantedBy = lib.mkForce [ ]; tor.wantedBy = lib.mkForce [ ];
mysql.wantedBy = lib.mkForce [ ];
logmein-hamachi.wantedBy = lib.mkForce [ ]; logmein-hamachi.wantedBy = lib.mkForce [ ];
openssh.wantedBy = lib.mkForce [ ]; openssh.wantedBy = lib.mkForce [ ];
#printing.wantedBy = lib.mkForce []; #printing.wantedBy = lib.mkForce [];
#vault.wantedBy = lib.mkForce []; #vault.wantedBy = lib.mkForce [];
}; };
security.pki.certificateFiles = [ ../../cert.pem ]; security.pki.certificateFiles = [ ../../cert.pem ];
/* virtualisation.libvirtd = { virtualisation.libvirtd = {
enable = true; enable = true;
onBoot = "ignore"; onBoot = "ignore";
onShutdown = "shutdown"; onShutdown = "shutdown";
qemuRunAsRoot = false; qemu.runAsRoot = true;
};*/ };
} }

2
hosts/satori/stuff.nix
View File

@@ -31,13 +31,13 @@
}; };
fonts.fonts = with pkgs; [ fonts.fonts = with pkgs; [
fira-mono fira-mono
noto-fonts-cjk
lohit-fonts.devanagari lohit-fonts.devanagari
lohit-fonts.gurmukhi lohit-fonts.gurmukhi
nerdfonts nerdfonts
font-awesome font-awesome
monoid monoid
office-code-pro office-code-pro
noto-fonts-cjk
]; ];
users.users.natto = { users.users.natto = {
isNormalUser = true; isNormalUser = true;