Simplify: Git hooks via nix flake check (no systemd, no activation, deleted module)
This commit is contained in:
@@ -38,8 +38,7 @@ in
|
||||
../../modules/ssh/hardened-openssh.nix
|
||||
(import ../../modules/secrets { inherit lib inputs config; })
|
||||
../../modules/docker
|
||||
# ../../modules/syncthing
|
||||
../../modules/git-hooks
|
||||
../../modules/syncthing
|
||||
];
|
||||
|
||||
home-manager.users.${username} = import ../../home/hosts/andromache {
|
||||
@@ -56,6 +55,73 @@ in
|
||||
ssh.username = username;
|
||||
ssh.authorizedHosts = [ "astyanax" ];
|
||||
|
||||
ssh.authorizedHosts = [ "astyanax" ];
|
||||
|
||||
secrets.username = username;
|
||||
docker.user = username;
|
||||
|
||||
nix.settings.secret-key-files = [ config.sops.secrets.nix_signing_key_andromache.path ];
|
||||
|
||||
disko.devices = {
|
||||
disk.data = {
|
||||
type = "disk";
|
||||
device = "/dev/nvme0n1";
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
data = {
|
||||
size = "100%";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "ext4";
|
||||
mountpoint = "/data";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
hardware = {
|
||||
cpu.intel.updateMicrocode = true;
|
||||
graphics.enable = true;
|
||||
nvidia = {
|
||||
modesetting.enable = true;
|
||||
powerManagement.enable = true;
|
||||
powerManagement.finegrained = false;
|
||||
open = true;
|
||||
nvidiaSettings = true;
|
||||
package = config.boot.kernelPackages.nvidiaPackages.stable;
|
||||
};
|
||||
};
|
||||
|
||||
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
||||
|
||||
environment.systemPackages = [
|
||||
inputs.colmena.packages.${pkgs.system}.colmena
|
||||
];
|
||||
|
||||
services = {
|
||||
xserver = {
|
||||
videoDrivers = [ "nvidia" ];
|
||||
};
|
||||
|
||||
openssh = {
|
||||
enable = true;
|
||||
harden = true;
|
||||
};
|
||||
|
||||
locate = {
|
||||
enable = true;
|
||||
package = pkgs.plocate;
|
||||
};
|
||||
};
|
||||
|
||||
networking.hostName = hostName;
|
||||
|
||||
ssh.username = username;
|
||||
ssh.authorizedHosts = [ "astyanax" ];
|
||||
|
||||
secrets.username = username;
|
||||
docker.user = username;
|
||||
|
||||
|
||||
@@ -40,8 +40,7 @@ in
|
||||
# ../../modules/vpn/wireguard.nix
|
||||
(import ../../modules/secrets { inherit lib inputs config; })
|
||||
../../modules/docker
|
||||
# ../../modules/syncthing
|
||||
../../modules/git-hooks
|
||||
../../modules/syncthing
|
||||
];
|
||||
|
||||
home-manager.users.${username} = import ../../home/hosts/astyanax {
|
||||
|
||||
@@ -11,12 +11,14 @@ in
|
||||
imports = [
|
||||
./hard.nix
|
||||
../../modules/ssh/hardened-openssh.nix
|
||||
../../modules/git-hooks
|
||||
];
|
||||
|
||||
services.git-hooks = {
|
||||
enable = true;
|
||||
};
|
||||
ssh.username = username;
|
||||
ssh.publicHostname = "eetion";
|
||||
ssh.authorizedHosts = [
|
||||
"andromache"
|
||||
"astyanax"
|
||||
];
|
||||
|
||||
ssh.username = username;
|
||||
ssh.publicHostname = "eetion";
|
||||
|
||||
@@ -20,13 +20,8 @@ in
|
||||
./hard.nix
|
||||
../../modules/ssh/hardened-openssh.nix
|
||||
../../modules/docker
|
||||
../../modules/git-hooks
|
||||
];
|
||||
|
||||
services.git-hooks = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
networking.hostName = hostName;
|
||||
ssh.username = username;
|
||||
ssh.publicHostname = "server.hektormisplon.xyz";
|
||||
|
||||
@@ -29,13 +29,8 @@ in
|
||||
(import ../../modules/secrets {
|
||||
inherit lib inputs config;
|
||||
})
|
||||
../../modules/git-hooks
|
||||
];
|
||||
|
||||
services.git-hooks = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
home-manager.users.${username} = import ../../home/hosts/vm {
|
||||
inherit inputs config pkgs;
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user