ADD : backup server config

2022-05-25 12:50:35 +00:00 · 2022-05-25 12:50:35 +00:00 · 7d78e49841
parent 7055caa668
commit 7d78e49841
5 changed files with 95 additions and 0 deletions
--- a/hosts/backup/common.nix
+++ b/hosts/backup/common.nix
@ -0,0 +1,13 @@
+{ config, pkgs, ...}:
+{
+  environment.variables.EDITOR = "nvim";
+  environment.systemPackages = with pkgs; [
+    gitAndTools.gitFull
+    unzip
+    zip
+    tmux
+    lshw
+    bc
+    neovim
+  ];
+}
--- a/hosts/backup/configuration.nix
+++ b/hosts/backup/configuration.nix
@ -0,0 +1,18 @@
+{ ... }: {
+  imports = [
+    ./hardware-configuration.nix
+    ./rest-server.nix
+    ./users.nix
+    ./common.nix
+  ];
+
+  boot.cleanTmpDir = true;
+  zramSwap.enable = false;
+  networking.hostName = "back";
+  services.openssh.enable = true;
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKUA1RW6JwZasspAp8qmFRFnlV5WXjhLfStAAkM+KYLv lucazeau.alexandre@gmail.com" 
+  ];
+
+
+}
--- a/hosts/backup/hardware-configuration.nix
+++ b/hosts/backup/hardware-configuration.nix
@ -0,0 +1,8 @@
+{ modulesPath, ... }:
+{
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+  boot.loader.grub.device = "/dev/sda";
+  boot.initrd.kernelModules = [ "nvme" ];
+  fileSystems."/" = { device = "/dev/sda3"; fsType = "ext4"; };
+  swapDevices = [ { device = "/dev/sda2"; } ];
+}
--- a/hosts/backup/rest-server.nix
+++ b/hosts/backup/rest-server.nix
@ -0,0 +1,15 @@
+
+{ lib, config, ... }:
+{
+  services.restic.server = {
+	enable = true;
+  	appendOnly = true;
+  	extraFlags = [ "--no-auth" ];
+  	dataDir = "/var/lib/backup";
+  	prometheus = true;
+	};
+  networking = {
+	firewall.enable = true;
+        firewall.allowedTCPPorts = [ 8000 ];
+	};
+}
--- a/hosts/backup/users.nix
+++ b/hosts/backup/users.nix
@ -0,0 +1,41 @@
+{ config, pkgs, ...}:
+{
+  users = { 
+    groups = {
+      alexandre = {};
+    };
+    users = {
+      alexandre = {
+        isNormalUser = true;
+	createHome = true;
+        home = "/home/alexandre";
+        description = "Alexandre LUCAZEAU";
+        extraGroups = [ "wheel" ];
+        group = "alexandre";
+        shell = pkgs.fish;
+	openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKUA1RW6JwZasspAp8qmFRFnlV5WXjhLfStAAkM+KYLv lucazeau.alexandre@gmail.com" ];
+      };
+    };
+  };
+  programs.git = {
+	enable = true;
+	config.user.email = "lucazeau.alexandre@gmail.com";
+	config.user.name = "Alexandre LUCAZEAU";
+	config.init.defaultBranch = "main";
+	config.core.sshCommand = "ssh -i ~/.ssh/id_ed25519-perso";
+  };
+  programs.fish.enable = true;
+  programs.fish.shellAliases = {
+	ll = "ls -l";
+	ls = "ls --color=tty";
+	vi = "nvim";
+	vim = "nvim";
+  };
+  security.sudo = {
+	enable = true;
+	execWheelOnly = true;
+	extraRules = [
+	{ users = [ "alexandre" ]; commands = [ { command = "ALL"; options = [ "NOPASSWD" ]; } ]; }
+	];
+  };
+}