albert/nix
albert/nix
1
0
Fork 0
Code Issues Pull requests Activity Actions

Configuring linode and xrdp

Browse source
This commit is contained in:
iFargle 2023-12-05 22:01:33 +09:00
parent 318820f3eb
commit 69bbbd5162
4 changed files with 17 additions and 46 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
nixos/hosts/framework-server/rdesktop.nix
View file

@ -9,7 +9,7 @@
enable = true; enable = true;
defaultWindowManager = "${pkgs.xfce.xfce4-session}/bin/startxfce4"; defaultWindowManager = "${pkgs.xfce.xfce4-session}/bin/startxfce4";
openFirewall = true; openFirewall = true;
# confDir = "/etc/xrdp/conf"; confDir = "/etc/xrdp/conf";
}; };
environment.systemPackages = [ environment.systemPackages = [

2
nixos/hosts/framework-server/wireguard.nix
View file

@ -21,7 +21,7 @@
privateKeyFile = "/run/secrets/wireguard_keys/framework-server"; privateKeyFile = "/run/secrets/wireguard_keys/framework-server";
# Testing # Testing
peers = [ peers = [
{ # osaka-vultr-01 { # osaka-linode-01
publicKey = "yPZ3EmmIqCkReXf1DRTxzVaKQ2k+ifGmYJHji5nnMmE="; publicKey = "yPZ3EmmIqCkReXf1DRTxzVaKQ2k+ifGmYJHji5nnMmE=";
presharedKeyFile = "/run/secrets/wireguard_keys/preshared_key"; presharedKeyFile = "/run/secrets/wireguard_keys/preshared_key";
persistentKeepalive = 5; persistentKeepalive = 5;

21
nixos/hosts/osaka-linode-01/default.nix
View file

@ -1,19 +1,28 @@
{ config, lib, pkgs, modulesPath, desktop, username, ... }: { { config, lib, pkgs, modulesPath, desktop, username, ... }: {
imports = [ imports = [
(modulesPath + "/profiles/qemu-guest.nix")
./firewall.nix ./firewall.nix
./wireguard.nix ./wireguard.nix
]; ];
boot.loader.grub = true;
boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-label/nixos";
fsType = "ext4";
};
swapDevices = [ { device = "/dev/disk/by-label/linode-swap"; } ];
# Distributed Builds # Distributed Builds
nix.distributedBuilds = true; nix.distributedBuilds = true;
nixpkgs.config.allowUnfree = false; nixpkgs.config.allowUnfree = false;
boot.initrd.availableKernelModules = [ "ata_piix" "ohci_pci" "virtio_pci" "virtio_blk" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "iptable_nat" "iptable_filter" "xt_nat" ];
boot.extraModulePackages = [ ];
virtualisation.hypervGuest.enable = true;
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
time.timeZone = "Asia/Tokyo"; time.timeZone = "Asia/Tokyo";

38
nixos/hosts/osaka-linode-01/disks.nix
View file

@ -1,38 +0,0 @@
{
boot.loader.grub.enableCryptodisk = true;
disko.devices.disk.vda = {
device = "/dev/vda";
type = "disk";
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02";
}; # partitions.boot
ESP = {
size = "500M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
}; # ESP
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
extraOpenArgs = [ "--allow-discards" ];
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
}; # content
}; # content
}; # luks.partitions
}; # partitions
}; # content
}; # disko.devices.disk.vda
}