This commit is contained in:
albert 2024-03-21 18:51:41 +09:00
parent 60b7f9525c
commit c32e803f2c
No known key found for this signature in database
GPG key ID: 64F6C4EB46C4543A
7 changed files with 29 additions and 30 deletions

View file

@ -32,7 +32,7 @@
# Helper function for generating container configs # Helper function for generating container configs
mkContainer = { mkContainer = {
container, hostname,
username ? "albert", username ? "albert",
desktop ? null, desktop ? null,
system ? "x86_64-linux", system ? "x86_64-linux",
@ -47,10 +47,10 @@
}: { }: {
autoStart = true; autoStart = true;
privateNetwork = false; privateNetwork = false;
specialArgs = { inherit pkgs pkgs-unstable container username desktop theme system repo unfree stateVersion; }; specialArgs = { inherit pkgs pkgs-unstable hostname username desktop theme system repo unfree stateVersion; };
config = { lib, config, pkgs, pkgs-unstable, container, username, desktop, theme, system, repo, stateVersion, ... }: { config = { lib, config, pkgs, pkgs-unstable, hostname, username, desktop, theme, system, repo, stateVersion, ... }: {
system.stateVersion = stateVersion; system.stateVersion = stateVersion;
imports = [ ../nixos/containers/${container} ]; imports = [ ../nixos/containers ];
}; };
}; };

View file

@ -1,13 +1,13 @@
{lib, pkgs, config, ...}: { {lib, ... }: {
# Enable networking with NetworkManager
# Enable networking with NetworkManager
networking = { networking = {
networkmanager = { networkmanager = {
enable = true; enable = true;
}; };
useDHCP = lib.mkDefault true; useDHCP = lib.mkDefault true;
enableIPv6 = lib.mkForce false; # enableIPv6 = lib.mkForce false;
firewall = { firewall = {
enable = true; enable = true;
allowedTCPPorts = [ ]; allowedTCPPorts = [ ];
@ -15,7 +15,8 @@
}; };
}; };
boot.kernel.sysctl = { # boot.kernel.sysctl = {
"net.ipv6.conf.all.disable_ipv6" = true; # "net.ipv6.conf.all.disable_ipv6" = true;
}; # };
} }

View file

@ -1,4 +1,4 @@
{ inputs, config, lib, pkgs, modulesPath, hostname, ... }: { { hostname, ... }: {
# Generic Tailscale configs are in /nixos/common/services/tailscale.nix # Generic Tailscale configs are in /nixos/common/services/tailscale.nix
# Set up the secrets file: # Set up the secrets file:
sops.secrets."tailscale_key" = { sops.secrets."tailscale_key" = {

View file

@ -0,0 +1,11 @@
{ hostname, username, ... }: {
import = [
./${hostname}
../users/${username}
../common/modules/nixos.nix
../common/modules/networking.nix
../common/services/tailscale-autoconnect.nix
];
networking.hostname = "${hostname}";
}

View file

@ -1,26 +1,13 @@
{ pkgs, username, stateVersion, desktop, ... }: { { hostname, username, desktop, ... }: {
imports = [ imports = [
# ../../common/desktops/${desktop} ../../common/desktops/${desktop}
../../users/${username}
../../common/modules/nixos.nix
../../common/modules/networking.nix
../../common/services/tailscale-autoconnect.nix
]; ];
networking.hostName = "${hostname}";
networking.firewall.allowedTCPPorts = [ 3389 ]; networking.firewall.allowedTCPPorts = [ 3389 ];
services.xserver = {
enable = true;
desktopManager = {
xterm.enable = false;
xfce.enable = true;
};
displayManager.defaultSession = "xfce";
};
services.xrdp = { services.xrdp = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
defaultWindowManager = "xfce4-session";
}; };
} }

View file

@ -3,6 +3,6 @@ let
libx = import ../../../lib {inherit self inputs outputs stateVersion hmStateVersion pkgs-unstable pkgs; }; libx = import ../../../lib {inherit self inputs outputs stateVersion hmStateVersion pkgs-unstable pkgs; };
in { in {
containers = { containers = {
rdesktop = libx.mkContainer { container = "rdesktop"; desktop = "xfce"; unfree = true;}; rdesktop = libx.mkContainer { hostname = "rdesktop"; desktop = "xfce"; unfree = true;};
}; };
} }

View file

@ -1,4 +1,4 @@
{ self, inputs, outputs, username, stateVersion, hmStateVersion, config, lib, pkgs, modulesPath, system, ... }: { { inputs, config, lib, pkgs, modulesPath, system, ... }: {
imports = [ imports = [
inputs.nixos-hardware.nixosModules.framework-13th-gen-intel inputs.nixos-hardware.nixosModules.framework-13th-gen-intel
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")