From 32f0b4e7c60318b782387f8cbb164d9326fc6182 Mon Sep 17 00:00:00 2001 From: reidlab Date: Tue, 4 Jun 2024 18:05:44 -0700 Subject: [PATCH 1/2] doas! --- hosts/nixos-server-reid/default.nix | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/hosts/nixos-server-reid/default.nix b/hosts/nixos-server-reid/default.nix index 6c90b9c..33996e9 100755 --- a/hosts/nixos-server-reid/default.nix +++ b/hosts/nixos-server-reid/default.nix @@ -44,7 +44,13 @@ in { mosh.enable = true; }; - security.useDoas = false; + security.useDoas = true; + }; + + security.doas = { + extraRules = [ + { users = [ "reidlab" ]; noPass = true; persist = false; keepEnv = true; } + ]; }; # enable network manager - probably not the best on a single server but Oh Well From 49c456f50685db6fe32979d363c7900b6f9331cb Mon Sep 17 00:00:00 2001 From: reidlab Date: Tue, 4 Jun 2024 18:28:14 -0700 Subject: [PATCH 2/2] vscode ssh server --- default.nix | 1 + flake.lock | 69 ++++++++++++++++++++++++++++- flake.nix | 2 + hosts/nixos-server-reid/default.nix | 2 + 4 files changed, 73 insertions(+), 1 deletion(-) diff --git a/default.nix b/default.nix index 05276e3..b783f69 100755 --- a/default.nix +++ b/default.nix @@ -8,6 +8,7 @@ in { imports = [ inputs.home-manager.nixosModules.home-manager + inputs.vscode-server.nixosModules.default ] ++ (mapModulesRec' (toString ./modules) import); diff --git a/flake.lock b/flake.lock index f566bec..8aa8b6a 100755 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,23 @@ { "nodes": { + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1681202837, + "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -36,10 +54,59 @@ "type": "github" } }, + "nixpkgs_2": { + "locked": { + "lastModified": 1682134069, + "narHash": "sha256-TnI/ZXSmRxQDt2sjRYK/8j8iha4B4zP2cnQCZZ3vp7k=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "fd901ef4bf93499374c5af385b2943f5801c0833", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, "root": { "inputs": { "home-manager": "home-manager", - "nixpkgs": "nixpkgs" + "nixpkgs": "nixpkgs", + "vscode-server": "vscode-server" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "vscode-server": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1713958148, + "narHash": "sha256-8PDNi/dgoI2kyM7uSiU4eoLBqUKoA+3TXuz+VWmuCOc=", + "owner": "nix-community", + "repo": "nixos-vscode-server", + "rev": "fc900c16efc6a5ed972fb6be87df018bcf3035bc", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixos-vscode-server", + "type": "github" } } }, diff --git a/flake.nix b/flake.nix index 3527f24..fc85dec 100755 --- a/flake.nix +++ b/flake.nix @@ -6,6 +6,8 @@ home-manager.url = "github:nix-community/home-manager"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; + + vscode-server.url = "github:nix-community/nixos-vscode-server"; }; outputs = inputs @ { self, nixpkgs, ... }: diff --git a/hosts/nixos-server-reid/default.nix b/hosts/nixos-server-reid/default.nix index 33996e9..30cc25a 100755 --- a/hosts/nixos-server-reid/default.nix +++ b/hosts/nixos-server-reid/default.nix @@ -8,6 +8,8 @@ in { ./webapps/default.nix ]; + services.vscode-server.enable = true; + normalUsers = { reidlab = { conf = {