ivabus/nixos
1
0
Fork 0
mirror of https://github.com/ivabus/nixos synced 2024-11-10 02:25:18 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

Migrate to chrony + add ntp-server role + minor fixes

Browse source 
Signed-off-by: Ivan Bushchik <ivabus@ivabus.dev>
This commit is contained in:
Ivan Bushchik 2023-09-02 22:14:13 +03:00
parent df1d8f4f80
commit 00abc64e54
No known key found for this signature in database
GPG key ID: 2F16FBF3262E090C
6 changed files with 19 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
common/networking.nix
View file

@ -36,7 +36,7 @@
}; };
}; };
services.timesyncd.enable = true; services.chrony.enable = true;
networking.timeServers = [ "ntp1.vniiftri.ru" "0.ru.pool.ntp.org" "0.pool.ntp.org" ]; networking.timeServers = [ "ntp1.vniiftri.ru" "0.ru.pool.ntp.org" "0.pool.ntp.org" ];
# Useful tools # Useful tools

4
common/user.nix
View file

@ -1,7 +1,7 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
let let
secrets = import ../secrets.nix; my = import ../.;
in rec { in rec {
users.mutableUsers = false; users.mutableUsers = false;
@ -30,7 +30,7 @@ in rec {
# Celerrime # Celerrime
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCgZJjP2BRycxcR53sriaityzT24f+umMO8iz/xUvWRUJpgwA4WJyqgKwxuIhKYPUZ7e3H/vVPrt3ZqAaqoFM7OildtcXyRskwinuAxE6lhOEE69s1M3iqCXbrTM9YluMlrvf7yd4edInH0jdlCTwuZOY+yisrGU+nOpSSuJgcwlme2fv1pQtKgTQpqz1GflIaXm5415Do4okanNlfuAJXix7ic0PkaLN0gTtONqwJR1W3hkF8hnlHV49t8QvrJHgQptbVdDgd9f96+a6OL6y/6rixnEU23yuC29lWxSwrixwC0xY+/CjhMlDzXqvePG55vC4K5UQypKcvMOCLV/0z9s5m0ca5mvS9eqPDcUj2+9r7VFaL0IdZl4i7eG9JJSS4h/22Or7CdU9Dv0kiMYP3HLiihjS/lrQVEEYpEMr3DmhSnij5DeGZFmMRM2UN5ZqR7/QhkslhQg340ik6ZENjpxuQ9rQino5XRK52DoUiLHleKI/ibBHQ4LiREvX9muyM= ivabus@celerrime" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCgZJjP2BRycxcR53sriaityzT24f+umMO8iz/xUvWRUJpgwA4WJyqgKwxuIhKYPUZ7e3H/vVPrt3ZqAaqoFM7OildtcXyRskwinuAxE6lhOEE69s1M3iqCXbrTM9YluMlrvf7yd4edInH0jdlCTwuZOY+yisrGU+nOpSSuJgcwlme2fv1pQtKgTQpqz1GflIaXm5415Do4okanNlfuAJXix7ic0PkaLN0gTtONqwJR1W3hkF8hnlHV49t8QvrJHgQptbVdDgd9f96+a6OL6y/6rixnEU23yuC29lWxSwrixwC0xY+/CjhMlDzXqvePG55vC4K5UQypKcvMOCLV/0z9s5m0ca5mvS9eqPDcUj2+9r7VFaL0IdZl4i7eG9JJSS4h/22Or7CdU9Dv0kiMYP3HLiihjS/lrQVEEYpEMr3DmhSnij5DeGZFmMRM2UN5ZqR7/QhkslhQg340ik6ZENjpxuQ9rQino5XRK52DoUiLHleKI/ibBHQ4LiREvX9muyM= ivabus@celerrime"
]; ];
hashedPassword = secrets.hashed-password; hashedPassword = my.secrets.hashed-password;
}; };

1
default.nix
View file

@ -1,6 +1,7 @@
rec { rec {
common = import ./common; common = import ./common;
roles = import ./roles; roles = import ./roles;
secrets = import ./secrets.nix;
modules = { pkgs, ... }: { modules = { pkgs, ... }: {
imports = [ imports = [

1
machines/rubusidaeus/default.nix
View file

@ -20,6 +20,7 @@ in {
graphical.enable = false; graphical.enable = false;
latex.enable = false; latex.enable = false;
media-client.enable = false; media-client.enable = false;
ntp-server.enable = true;
torrent.enable = false; torrent.enable = false;
virtualisation.enable = false; virtualisation.enable = false;
yggdrasil-client.enable = true; yggdrasil-client.enable = true;

1
roles/default.nix
View file

@ -6,6 +6,7 @@
./graphical.nix ./graphical.nix
./latex.nix ./latex.nix
./media-client.nix # TODO: media-server ./media-client.nix # TODO: media-server
./ntp-server.nix
./torrent.nix ./torrent.nix
./virtualisation.nix ./virtualisation.nix
./yggdrasil-client.nix ./yggdrasil-client.nix

13
roles/ntp-server.nix Normal file
View file

@ -0,0 +1,13 @@
{ config, pkgs, lib, ... }:
let
cfg = config.my.roles.ntp-server;
in {
options.my.roles.ntp-server.enable = lib.mkEnableOption "Enable NTP server";
config = lib.mkIf (cfg.enable) {
services.chrony.extraConfig = ''
allow 192.168.0.0/16
'';
networking.firewall.allowedUDPPorts = [ 123 ];
};
}