diff --git a/hosts/yodaNas/configuration.nix b/hosts/yodaNas/configuration.nix new file mode 100644 index 0000000..5e0ebdf --- /dev/null +++ b/hosts/yodaNas/configuration.nix @@ -0,0 +1,69 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running `nixos-help`). + +{ config, pkgs, ... }: +let + # Import Home Manager with niv. + home-manager = (import ../../nix/sources.nix).home-manager; + #home-manager-source = import (import ../../nix/sources.nix).home-manager {}; +in +{ + # Paths to other modules. + # Compose this module out of smaller ones. + # https://nixos.wiki/wiki/NixOS_modules + imports = + [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + # Home Manager. + (import "${home-manager}/nixos") + #home-manager-source.nixos + ../../modules/home-manager.nix + # NUR. + ../../modules/nur.nix + # Device specific. + ../../modules/yodaNas.nix + + ../../modules/base.nix + #../../modules/base-gnome.nix + #../../modules/programs.nix + #../../modules/autostart.nix + #../../modules/wallpaper.nix + #../../modules/fwupd-gnome.nix + #../../modules/print-and-scan.nix + ../../modules/fde-ssh-unlock.nix + #../../modules/nextcloud-integration.nix + + #../../modules/gnome-config.nix + #../../modules/gnome-extensions.nix + #../../modules/gnome-fractional-scaling.nix + #../../modules/git.nix + ../../modules/zsh.nix + #../../modules/nitrokey-gpg-smartcard.nix + #../../modules/ssh-client.nix + ../../modules/ssh-server.nix + #../../modules/firefox.nix + #../../modules/thunderbird.nix + #../../modules/digikam-rawtherapee.nix + #../../modules/android.nix + #../../modules/podman.nix + ../../modules/docker.nix + #../../modules/docker-pushrm.nix + #../../modules/lid-switch-handling.nix + ../../modules/sendmail-mta.nix + ../../modules/journalwatch.nix + #../../modules/waydroid.nix + #../../modules/ntfs.nix + #../../modules/veracrypt.nix + ]; + + networking.hostName = "yodaNas"; + + boot.kernelParams = []; + + # Allow unfree packages. + nixpkgs.config.allowUnfree = false; + + boot.kernelPackages = pkgs.linuxPackages; +} diff --git a/hosts/yodaTab/configuration.nix b/hosts/yodaTab/configuration.nix index 3b7be59..a795367 100644 --- a/hosts/yodaTab/configuration.nix +++ b/hosts/yodaTab/configuration.nix @@ -57,8 +57,6 @@ in ]; networking.hostName = "yodaTab"; - services.openssh.ports = [ 22 ]; - boot.initrd.network.ssh.port = 22; boot.kernelParams = []; diff --git a/hosts/yodaTux/configuration.nix b/hosts/yodaTux/configuration.nix index cd44f1b..820f0f8 100644 --- a/hosts/yodaTux/configuration.nix +++ b/hosts/yodaTux/configuration.nix @@ -57,8 +57,6 @@ in ]; networking.hostName = "yodaTux"; - services.openssh.ports = [ 22 ]; - boot.initrd.network.ssh.port = 22; # Systemd Journal entry: # S Sat Sep 23 16:11:52 2023 p4 kernel: TSC found unstable after boot, most likely due to broken BIOS. Use 'tsc=unstable'. diff --git a/hosts/yodaYoga/configuration.nix b/hosts/yodaYoga/configuration.nix index ada54c6..151b194 100644 --- a/hosts/yodaYoga/configuration.nix +++ b/hosts/yodaYoga/configuration.nix @@ -59,8 +59,6 @@ in ]; networking.hostName = "yodaYoga"; - services.openssh.ports = [ 2224 ]; - boot.initrd.network.ssh.port = 2225; boot.kernelParams = []; diff --git a/modules/fde-ssh-unlock.nix b/modules/fde-ssh-unlock.nix index 636f258..393bd49 100644 --- a/modules/fde-ssh-unlock.nix +++ b/modules/fde-ssh-unlock.nix @@ -11,7 +11,15 @@ boot.initrd.network.enable = true; boot.initrd.network.ssh = { enable = true; - #port = 22; + port = ( + if (config.networking.hostname == "yodaTux") || (config.networking.hostname == "yodaTab") + then 22 + else if (config.networking.hostname == "yodaYoga") + then 2225 + else if (config.networking.hostname == "yodaNas") + then 2223 + else throw "Please add initrd ssh port here" + ); shell = "/bin/cryptsetup-askpass"; authorizedKeys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCpgihAg8Qzu5q+AGXHLR7p+rrS1yB0KlZb/Y/EwZT15EhEtsUMqBMRiY0TdjKQU0broyygZnymccLmCXvihEgk3zk/hP8VEDmN5wmE2tRBPR4lSjo8E1R8N79G+gaFkwi93QYh57MsGfa9k4tvGrJy0yaD7GrPqtQf+IIuvV14WJQAqnikTdbFqRjk5JGearYLU7jSKa+9NmR7JQ9NExoyIPgmQ/pd0Xc2qt8k5UGfz3HM9MAmIVQ30whK6m1iYZ8nxEidHrfreQx8NOa7ujo4zQnV1NYvRUjObr/qyIhPU6DYLT2mVRNupQFKx6LI38O4U13heugUFqJ3zvog3aDsriFiv8jzJAJvWXx7Q3TqKhqiG9VTkwBw1NDbCAOXKiEdMfiCYbdCfpNgdepU75bMloJcSQQVUqoH2tQhSbwKLuRFgOnyaHpvWbieXBRcUnfG8gg4p4jqiwx5laweEeOIOD/i7G1Mjx7Dj2ctnT/ILat/xsf+Y0W4eJr3bc5L9ghgw6wsKbNSqwjFUCFcHcARK3gvSH+hO2/BpgMVoyvZjO5PNuUqfsZ7bIIs5cDdyB/ly3irKuaRz1+3x1x4gPgSiOcji7HxPwogzhPsyfoRLHNt9tJ5X4nF2Iz1M5RTJpbZCi6yEj+9Q85FVjD76BEWuZe18kRrwhuLf/XgKdF9tQ== openpgp:0xA8B75370" @@ -26,8 +34,13 @@ # Or check the "Network" part of: # inxi -F # - #boot.initrd.availableKernelModules = [ "r8169" ]; # TODO: This value is valid for yodaTux only - boot.initrd.availableKernelModules = [ "e1000e" ]; # TODO: This value is valid for yodaYoga only + boot.initrd.availableKernelModules = ( + if (config.networking.hostname == "yodaTux") + then [ "r8169" ] + else if (config.networking.hostname == "yodaYoga") + then [ "e1000e" ] + else throw "Please add kernel module of networ card here" + ); # # dmesg -> enp0s20f0u1u2: renamed from eth0 (yodaTux) # dmesg -> enp0s31f6: renamed from eth0 (yodaYoga) diff --git a/modules/ssh-server.nix b/modules/ssh-server.nix index 51258a4..d59a8d4 100644 --- a/modules/ssh-server.nix +++ b/modules/ssh-server.nix @@ -4,7 +4,15 @@ # Enable SSH server. services.openssh = { enable = true; - #ports = [ 22 ]; + ports = ( + if (config.networking.hostname == "yodaTux") || (config.networking.hostname == "yodaTab") + then [22] + else if (config.networking.hostname == "yodaYoga") + then [2224] + else if (config.networking.hostname == "yodaNas") + then [2222] + else throw "Please add ssh port here" + ); # Use authorized keys only. settings.PasswordAuthentication = false; settings.PermitRootLogin = "prohibit-password";