AtaraxiaDev/nixos-config
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix lxc

Browse Source
This commit is contained in:
Dmitriy Kholkin 2022-02-11 21:09:58 +03:00
parent 4e4588a743
commit 5a3a8fd6a2
4 changed files with 17 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
flake.nix
View File

@ -120,11 +120,11 @@
specialArgs = { inherit inputs; };
};
in (genAttrs hosts mkHost) // {
NixOS-CT = nixpkgs-stable.lib.nixosSystem {
NixOS-CT = (name: nixpkgs-stable.lib.nixosSystem {
system = builtins.readFile (./machines + "/${name}/system");
modules = [ (import (./machines + "/${name}")) { device = name; } ];
specialArgs = { inherit inputs; };
};
} NixOS-CT);
};
legacyPackages.x86_64-linux =

12
machines/NixOS-CT/default.nix
View File

@ -28,4 +28,16 @@
systemd.suppressedSystemUnits = [
"sys-kernel-debug.mount"
];
environment.noXlibs = lib.mkForce false;
networking = {
enableIPv6 = false;
defaultGateway = "192.168.0.1";
nameservers = [ "192.168.0.1" ];
interfaces.eth0.ipv4.addresses = [{
address = "192.168.0.12";
prefixLength = 24;
}];
};
}

2
profiles/network.nix
View File

@ -34,7 +34,7 @@ with config.deviceSpecific;
firewall = {
enable = true;
allowPing = true;
allowedTCPPorts = lib.mkIf isServer [ 22 80 443 8448 ];
allowedTCPPorts = lib.mkIf isServer [ 22 ];
};
usePredictableInterfaceNames = true;

4
profiles/security.nix
View File

@ -1,6 +1,6 @@
{ config, pkgs, lib, ... }:
with config.deviceSpecific; {
security.apparmor.enable = true;
security.apparmor.enable = !isContainer;
programs.firejail.enable = true;
users.mutableUsers = false;
users.users.alukard = {
@ -28,7 +28,7 @@ with config.deviceSpecific; {
"corectrl"
"video"
];
description = "Дмитрий Холкин";
description = "Dmitriy Kholkin";
uid = 1000;
hashedPassword = "$6$kDBGyd99tto$9LjQwixa7NYB9Kaey002MD94zHob1MmNbVz9kx3yX6Q4AmVgsFMGUyNuHozXprxyuXHIbOlTcf8nd4rK8MWfI/";
shell = pkgs.zsh;