diff options
| author | Mel <mel@rnrd.eu> | 2025-09-24 18:50:23 +0200 |
|---|---|---|
| committer | Mel <mel@rnrd.eu> | 2025-09-24 18:50:23 +0200 |
| commit | a58d7cec519ef4a5d8148ee8ab7d97053a1ccdb0 (patch) | |
| tree | c6d12e02927cf101426605aef32f0666f34e9f3b /roles/development-server.nix | |
| parent | 117d6afa0054123e71b2eb06c9d91482a2988fdc (diff) | |
| download | minerals-a58d7cec519ef4a5d8148ee8ab7d97053a1ccdb0.tar.zst minerals-a58d7cec519ef4a5d8148ee8ab7d97053a1ccdb0.zip | |
Define roles for the two 'mineral' types
Signed-off-by: Mel <mel@rnrd.eu>
Diffstat (limited to 'roles/development-server.nix')
| -rw-r--r-- | roles/development-server.nix | 89 |
1 files changed, 5 insertions, 84 deletions
diff --git a/roles/development-server.nix b/roles/development-server.nix index b0e80e5..1ccd779 100644 --- a/roles/development-server.nix +++ b/roles/development-server.nix @@ -1,54 +1,26 @@ { - me, - pkgs, - auxiliaryPkgs, - unstablePkgs, ... }: { imports = [ - ./nix.nix - ./user.nix - ./locale.nix - ./vim.nix - ./tmux.nix - ./nix-ld.nix + ../modules/common.nix ]; - services.envfs.enable = true; - virtualisation = { - libvirtd.enable = true; docker = { enable = true; - daemon.settings.dns = [ "1.1.1.1" "1.0.0.1" ]; - }; - }; - - # fish enables this by default, - # it makes every nixos rebuild very slow. - documentation.man.generateCaches = false; - documentation = { - info.enable = true; - doc.enable = true; - dev.enable = true; - nixos = { - enable = true; - includeAllModules = true; + daemon.settings.dns = [ + "1.1.1.1" + "1.0.0.1" + ]; }; }; - networking.hostName = me.name; - services.resolved.enable = true; - users.users.mel.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINTG/DHTkuQgwLakSBuXx3XBe+WjUmDlSgLBGzldx/ZD mel@moissanite" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDlqytVSNMFAfbB+rdiNktv3WYViVBMeK7zUO2Pjfii+ mel@corsac" ]; services = { - acpid.enable = true; - tailscale.enable = true; - openssh = { enable = true; ports = [ 62322 ]; # listen on random port @@ -69,56 +41,5 @@ # ban those who found the real port fail2ban.enable = true; - - # sometimes needed for gnupg - pcscd.enable = true; }; - - programs = { - fish.enable = true; - git.enable = true; - - gnupg.agent = { - enable = true; - enableSSHSupport = true; - pinentryPackage = pkgs.pinentry-curses; - }; - }; - - environment.systemPackages = (with pkgs; [ - file unzip jq dig htop wget screen dive - gnupg pinentry-curses age agenix minisign openssl cryptsetup pamtester - inetutils pciutils usbutils lshw lsof inxi iw pmutils acpi acpid - minicom miniserve netcat-gnu socat tcpdump nmap iftop iperf mtr arp-scan ethtool - mitmproxy - yt-dlp ffmpeg_7-full imagemagick - senpai - qemu_full virtiofsd - - openvpn openvpn3 update-resolv-conf - - ripgrep hyperfine parallel just fzf bat delta eza fd tokei didyoumean - universal-ctags compiledb graphviz - python3 uv ruff - nodejs_22 deno yarn - rustc rustup cargo rustfmt - go gopls delve go-task gotags golangci-lint - meson cmake gnumake ninja gdb gcc clang clang-tools - hare haredoc - jdk maven gradle - nil nixfmt-rfc-style - nixpkgs-review nixpkgs-fmt nixpkgs-lint-community - postgresql - helix alacritty - - ubootTools dtc cloud-utils - borgbackup - - man-pages man-pages-posix - ]) ++ (with unstablePkgs; [ - claude-code gemini-cli - ]) ++ (with auxiliaryPkgs; [ - ]); - - environment.etc.openvpn.source = "${pkgs.update-resolv-conf}/libexec/openvpn"; } |