SebastianStork/nixos-config
1
0
Fork 0
mirror of https://github.com/SebastianStork/nixos-config.git synced 2026-03-22 23:29:08 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Compare commits

base: SebastianStork:a2827a95f2d3aa828787605277d633b272f088b5
Branches Tags
SebastianStork:main
SebastianStork:dependabot/github_actions/cachix/cachix-action-17
SebastianStork:deploy
SebastianStork:deployed/srv-core
SebastianStork:deployed/vps-ns
SebastianStork:deployed/vps-www
SebastianStork:testing-srv-core
..
compare: SebastianStork:ef4ecd7fb550283cb574e7e77c79cdb5f83677ad
Branches Tags
SebastianStork:dependabot/github_actions/cachix/cachix-action-17
SebastianStork:deploy
SebastianStork:deployed/srv-core
SebastianStork:deployed/vps-ns
SebastianStork:deployed/vps-www
SebastianStork:main
SebastianStork:testing-srv-core

3 commits
a2827a95f2 ... ef4ecd7fb5

Author SHA1 Message Date
SebastianStork
ef4ecd7fb5
sops: Do eta-reduction 2026-01-23 11:45:27 +01:00
SebastianStork
4ab442f61b
lib: Remove unused functions 2026-01-23 11:39:21 +01:00
SebastianStork
3a669dd8fd
sshd: Make sure to only ever listen on overlay address 2026-01-23 11:26:59 +01:00
3 changed files with 4 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

4
flake-parts/sops.nix
View file

@ -27,7 +27,7 @@
|> lib.attrValues |> lib.attrValues
|> lib.map (host: host.config.custom.sops) |> lib.map (host: host.config.custom.sops)
|> lib.filter (sops: sops.enable) |> lib.filter (sops: sops.enable)
|> lib.map (sops: mkCreationRule sops); |> lib.map mkCreationRule;
userCreationRules = userCreationRules =
self.nixosConfigurations self.nixosConfigurations
@ -35,7 +35,7 @@
|> lib.filter (host: host.config |> lib.hasAttr "home-manager") |> lib.filter (host: host.config |> lib.hasAttr "home-manager")
|> lib.map (host: host.config.home-manager.users.seb.custom.sops) |> lib.map (host: host.config.home-manager.users.seb.custom.sops)
|> lib.filter (sops: sops.enable) |> lib.filter (sops: sops.enable)
|> lib.map (sops: mkCreationRule sops); |> lib.map mkCreationRule;
jsonConfig = { creation_rules = hostCreationRules ++ userCreationRules; } |> lib.strings.toJSON; jsonConfig = { creation_rules = hostCreationRules ++ userCreationRules; } |> lib.strings.toJSON;
in in

4
lib/default.nix
View file

@ -5,10 +5,6 @@
{ {
isPrivateDomain = domain: domain |> lib.hasSuffix ".splitleaf.de"; isPrivateDomain = domain: domain |> lib.hasSuffix ".splitleaf.de";
subdomainOf = domain: domain |> lib.splitString "." |> lib.head;
rootDomainOf = domain: domain |> lib.splitString "." |> lib.tail |> lib.concatStringsSep ".";
listNixFilesRecursively = listNixFilesRecursively =
dir: dir |> lib.filesystem.listFilesRecursive |> lib.filter (lib.hasSuffix ".nix"); dir: dir |> lib.filesystem.listFilesRecursive |> lib.filter (lib.hasSuffix ".nix");

4
modules/system/services/sshd.nix
View file

@ -16,7 +16,7 @@ in
openssh = { openssh = {
enable = true; enable = true;
openFirewall = false; openFirewall = false;
ports = [ ]; ports = lib.mkForce [ ];
listenAddresses = lib.singleton { listenAddresses = lib.singleton {
addr = netCfg.overlay.address; addr = netCfg.overlay.address;
port = 22; port = 22;
@ -46,7 +46,7 @@ in
users.users.seb.openssh.authorizedKeys.keyFiles = users.users.seb.openssh.authorizedKeys.keyFiles =
self.nixosConfigurations self.nixosConfigurations
|> lib.attrValues |> lib.attrValues
|> lib.filter (host: host.config.custom.networking.hostName != netCfg.hostName) |> lib.filter (host: host.config.networking.hostName != netCfg.hostName)
|> lib.filter (host: host.config |> lib.hasAttr "home-manager") |> lib.filter (host: host.config |> lib.hasAttr "home-manager")
|> lib.map (host: host.config.home-manager.users.seb.custom.programs.ssh) |> lib.map (host: host.config.home-manager.users.seb.custom.programs.ssh)
|> lib.filter (ssh: ssh.enable) |> lib.filter (ssh: ssh.enable)