mirror of
https://github.com/ivabus/nixos
synced 2024-11-22 16:35:06 +03:00
Migrate to chrony + add ntp-server role + minor fixes
Signed-off-by: Ivan Bushchik <ivabus@ivabus.dev>
This commit is contained in:
parent
df1d8f4f80
commit
00abc64e54
6 changed files with 19 additions and 3 deletions
|
@ -36,7 +36,7 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
services.timesyncd.enable = true;
|
services.chrony.enable = true;
|
||||||
networking.timeServers = [ "ntp1.vniiftri.ru" "0.ru.pool.ntp.org" "0.pool.ntp.org" ];
|
networking.timeServers = [ "ntp1.vniiftri.ru" "0.ru.pool.ntp.org" "0.pool.ntp.org" ];
|
||||||
|
|
||||||
# Useful tools
|
# Useful tools
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
{ config, pkgs, ... }:
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
secrets = import ../secrets.nix;
|
my = import ../.;
|
||||||
in rec {
|
in rec {
|
||||||
users.mutableUsers = false;
|
users.mutableUsers = false;
|
||||||
|
|
||||||
|
@ -30,7 +30,7 @@ in rec {
|
||||||
# Celerrime
|
# Celerrime
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCgZJjP2BRycxcR53sriaityzT24f+umMO8iz/xUvWRUJpgwA4WJyqgKwxuIhKYPUZ7e3H/vVPrt3ZqAaqoFM7OildtcXyRskwinuAxE6lhOEE69s1M3iqCXbrTM9YluMlrvf7yd4edInH0jdlCTwuZOY+yisrGU+nOpSSuJgcwlme2fv1pQtKgTQpqz1GflIaXm5415Do4okanNlfuAJXix7ic0PkaLN0gTtONqwJR1W3hkF8hnlHV49t8QvrJHgQptbVdDgd9f96+a6OL6y/6rixnEU23yuC29lWxSwrixwC0xY+/CjhMlDzXqvePG55vC4K5UQypKcvMOCLV/0z9s5m0ca5mvS9eqPDcUj2+9r7VFaL0IdZl4i7eG9JJSS4h/22Or7CdU9Dv0kiMYP3HLiihjS/lrQVEEYpEMr3DmhSnij5DeGZFmMRM2UN5ZqR7/QhkslhQg340ik6ZENjpxuQ9rQino5XRK52DoUiLHleKI/ibBHQ4LiREvX9muyM= ivabus@celerrime"
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCgZJjP2BRycxcR53sriaityzT24f+umMO8iz/xUvWRUJpgwA4WJyqgKwxuIhKYPUZ7e3H/vVPrt3ZqAaqoFM7OildtcXyRskwinuAxE6lhOEE69s1M3iqCXbrTM9YluMlrvf7yd4edInH0jdlCTwuZOY+yisrGU+nOpSSuJgcwlme2fv1pQtKgTQpqz1GflIaXm5415Do4okanNlfuAJXix7ic0PkaLN0gTtONqwJR1W3hkF8hnlHV49t8QvrJHgQptbVdDgd9f96+a6OL6y/6rixnEU23yuC29lWxSwrixwC0xY+/CjhMlDzXqvePG55vC4K5UQypKcvMOCLV/0z9s5m0ca5mvS9eqPDcUj2+9r7VFaL0IdZl4i7eG9JJSS4h/22Or7CdU9Dv0kiMYP3HLiihjS/lrQVEEYpEMr3DmhSnij5DeGZFmMRM2UN5ZqR7/QhkslhQg340ik6ZENjpxuQ9rQino5XRK52DoUiLHleKI/ibBHQ4LiREvX9muyM= ivabus@celerrime"
|
||||||
];
|
];
|
||||||
hashedPassword = secrets.hashed-password;
|
hashedPassword = my.secrets.hashed-password;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
rec {
|
rec {
|
||||||
common = import ./common;
|
common = import ./common;
|
||||||
roles = import ./roles;
|
roles = import ./roles;
|
||||||
|
secrets = import ./secrets.nix;
|
||||||
|
|
||||||
modules = { pkgs, ... }: {
|
modules = { pkgs, ... }: {
|
||||||
imports = [
|
imports = [
|
||||||
|
|
|
@ -20,6 +20,7 @@ in {
|
||||||
graphical.enable = false;
|
graphical.enable = false;
|
||||||
latex.enable = false;
|
latex.enable = false;
|
||||||
media-client.enable = false;
|
media-client.enable = false;
|
||||||
|
ntp-server.enable = true;
|
||||||
torrent.enable = false;
|
torrent.enable = false;
|
||||||
virtualisation.enable = false;
|
virtualisation.enable = false;
|
||||||
yggdrasil-client.enable = true;
|
yggdrasil-client.enable = true;
|
||||||
|
|
|
@ -6,6 +6,7 @@
|
||||||
./graphical.nix
|
./graphical.nix
|
||||||
./latex.nix
|
./latex.nix
|
||||||
./media-client.nix # TODO: media-server
|
./media-client.nix # TODO: media-server
|
||||||
|
./ntp-server.nix
|
||||||
./torrent.nix
|
./torrent.nix
|
||||||
./virtualisation.nix
|
./virtualisation.nix
|
||||||
./yggdrasil-client.nix
|
./yggdrasil-client.nix
|
||||||
|
|
13
roles/ntp-server.nix
Normal file
13
roles/ntp-server.nix
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
|
||||||
|
let
|
||||||
|
cfg = config.my.roles.ntp-server;
|
||||||
|
in {
|
||||||
|
options.my.roles.ntp-server.enable = lib.mkEnableOption "Enable NTP server";
|
||||||
|
config = lib.mkIf (cfg.enable) {
|
||||||
|
services.chrony.extraConfig = ''
|
||||||
|
allow 192.168.0.0/16
|
||||||
|
'';
|
||||||
|
networking.firewall.allowedUDPPorts = [ 123 ];
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in a new issue