James Andariese
10e8117cea
add garage tank mount open up the firewall on the k3s agents for now apply this to xerneas (yveltal doesn't have an hdd)
61 lines
1.3 KiB
Nix
61 lines
1.3 KiB
Nix
# Edit this configuration file to define what should be installed on
|
||
# your system. Help is available in the configuration.nix(5) man page
|
||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||
|
||
{ config, pkgs, lib, flake-inputs, ... }:
|
||
|
||
{
|
||
services.resolved.enable = false;
|
||
networking.networkmanager.enable = false;
|
||
|
||
networking.nameservers = [
|
||
"172.16.1.53"
|
||
"172.16.1.8"
|
||
];
|
||
|
||
networking.defaultGateway = "172.16.1.1";
|
||
|
||
virtualisation = {
|
||
kvmgt.enable = true;
|
||
containers = {
|
||
enable = true;
|
||
policy = {
|
||
default = [ { type = "insecureAcceptAnything"; } ];
|
||
transports = {
|
||
docker-daemon = {
|
||
"" = [ { type = "insecureAcceptAnything"; } ];
|
||
};
|
||
};
|
||
};
|
||
};
|
||
};
|
||
|
||
services.openssh.enable = true;
|
||
networking.firewall.enable = true;
|
||
|
||
environment.systemPackages = with pkgs; [
|
||
neovim
|
||
htop
|
||
parted
|
||
nfs-utils
|
||
xfsprogs
|
||
];
|
||
services.openiscsi = {
|
||
enable = true;
|
||
name = "${config.networking.hostName}-initiatorhost";
|
||
};
|
||
|
||
systemd.network.wait-online.enable = lib.mkDefault false;
|
||
networking.useDHCP = false;
|
||
#services.tcsd.enable = true;
|
||
|
||
security.sudo = {
|
||
enable = true;
|
||
extraRules = [
|
||
{ users = [ "%wheel" ];
|
||
commands = [ { command = "ALL"; options = [ "NOPASSWD" ]; } ];
|
||
}
|
||
];
|
||
};
|
||
}
|