From 498ff3fa1752db846e43fc25407045c19f970f78 Mon Sep 17 00:00:00 2001 From: Daylin Morgan Date: Tue, 24 Jan 2023 17:22:12 -0600 Subject: [PATCH] WIP --- Makefile | 5 ++++- flake.lock | 6 +++--- hosts/jeran/README.md | 21 +++++++++++++++++++++ hosts/jeran/configuration.nix | 19 +++++++++++++------ 4 files changed, 41 insertions(+), 10 deletions(-) create mode 100644 hosts/jeran/README.md diff --git a/Makefile b/Makefile index 2c887f6..a0ad729 100644 --- a/Makefile +++ b/Makefile @@ -1,3 +1,6 @@ +boot: + sudo nixos-rebuild boot --flake . + ## switch | perform nixos rebuild switch: sudo nixos-rebuild switch --flake . @@ -6,7 +9,7 @@ switch: lint: nixpkgs-fmt . -.PHONY: lint switch +.PHONY: lint switch boot USAGE := {a.style('==>','bold')} {a.style('flakes ftw','header')} {a.style('<==','bold')}\n -include .task.mk diff --git a/flake.lock b/flake.lock index e45254f..9ce601b 100644 --- a/flake.lock +++ b/flake.lock @@ -2,11 +2,11 @@ "nodes": { "nixpkgs": { "locked": { - "lastModified": 1668132053, - "narHash": "sha256-eQ2/vjxbkEJmG1YJu58TK8S/AEB52MKrXPy5IhTH6nE=", + "lastModified": 1674584991, + "narHash": "sha256-2NqCy2ViyT/iOniL0UtrLi15z1TYfPYVj/iY4rWur3M=", "owner": "nixos", "repo": "nixpkgs", - "rev": "34f89bcce8711acb0e4de1203ed078b7976e08b2", + "rev": "eb95aa0392d4a6f0eb3ac66eb0329397eafde4fb", "type": "github" }, "original": { diff --git a/hosts/jeran/README.md b/hosts/jeran/README.md new file mode 100644 index 0000000..e15bc4f --- /dev/null +++ b/hosts/jeran/README.md @@ -0,0 +1,21 @@ +sudo -u git ssh-keygen -t rsa -b 4096 -C "Gitea Host Key" +sudo -u git cat /home/git/.ssh/id_rsa.pub | sudo -u git tee -a /home/git/.ssh/authorized_keys +sudo -u git chmod 600 /home/git/.ssh/authorized_keys + + +Should Look like this +``` +# SSH pubkey from git user +ssh-rsa + +# other keys from users +command="/usr/local/bin/gitea --config=/data/gitea/conf/app.ini serv key-1",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty +``` + + +Nixify this step.... +cat <<"EOF" | sudo tee /usr/local/bin/gitea +#!/bin/sh +ssh -p 2222 -o StrictHostKeyChecking=no git@127.0.0.1 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@" +EOF +sudo chmod +x /usr/local/bin/gitea diff --git a/hosts/jeran/configuration.nix b/hosts/jeran/configuration.nix index 429b30d..19dcee0 100644 --- a/hosts/jeran/configuration.nix +++ b/hosts/jeran/configuration.nix @@ -11,20 +11,27 @@ isNormalUser = true; extraGroups = [ "wheel" "docker" ]; useDefaultShell = true; - + }; + git = { + isNormalUser = true; }; }; - services.openssh.passwordAuthentication = true; + services.resolved.enable = true; system.stateVersion = "22.11"; nixpkgs.config.allowUnfree = true; - nix.package = pkgs.nixUnstable; - nix.extraOptions = '' - experimental-features = nix-command flakes - ''; boot.kernelPackages = pkgs.linuxPackages_latest; + services.cron = { + enable = true; + systemCronJobs = [ + # update repos + "0 * * * * make -C /home/daylin/git soft-repos" + # update container so home page is semi-accurate + "0 2 * * * make -C /home/daylin/git update-soft-serve" + ]; + }; networking.hostName = "jeran"; # Define your hostname. time.timeZone = "America/Chicago"; programs.zsh.enable = true;