petersweb-infra/nixos/hetzner.nix

64 lines
1.3 KiB
Nix
Raw Normal View History

2024-11-15 22:00:01 -09:00
{modulesPath, ...}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
(modulesPath + "/profiles/qemu-guest.nix")
];
# Fixes iotop
boot.kernel.sysctl = {"kernel.task_delayacct" = 1;};
boot.loader.grub = {
2026-05-04 09:54:02 -08:00
enable = true;
device = "/dev/sda";
efiSupport = false;
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/aaf104ce-4851-40d9-aeea-bebb5684f8c4";
fsType = "ext4";
2024-11-15 22:00:01 -09:00
};
2026-05-04 22:48:19 -08:00
networking.useDHCP = false;
systemd.network = {
enable = true;
networks."10-enp1s0" = {
matchConfig.Name = "enp1s0";
networkConfig.DHCP = "ipv4";
dhcpV4Config = {
UseGateway = false;
UseRoutes = false;
};
routes = [
{routeConfig = {Gateway = "172.31.1.1"; GatewayOnLink = true;};}
];
};
};
2024-11-15 22:00:01 -09:00
services.openssh = {
enable = true;
2025-11-15 15:13:33 -09:00
settings.PasswordAuthentication = true;
2025-11-15 14:50:42 -09:00
settings.PermitRootLogin = "yes";
2025-11-15 15:41:04 -09:00
settings.AllowUsers = [ "root" ];
2024-11-15 22:00:01 -09:00
extraConfig = ''
PrintLastLog no
'';
hostKeys = [
{
bits = 4096;
path = "/etc/ssh/ssh_host_rsa_key";
type = "rsa";
}
{
path = "/etc/ssh/ssh_host_ed25519_key";
type = "ed25519";
}
# For secrets
{
path = "/root/.ssh/id_rsa_nix";
type = "ed25519";
}
];
};
}