diff --git a/darwin/kuro/configuration.nix b/darwin/kuro/configuration.nix index c49fb60b..2b2c8ee4 100644 --- a/darwin/kuro/configuration.nix +++ b/darwin/kuro/configuration.nix @@ -1,6 +1,7 @@ { config, pkgs, + device, ... }: { imports = [./services ./homebrew.nix ./programs]; @@ -12,7 +13,7 @@ # ids.gids.nixbld = 30000; experimental-features = "nix-command flakes auto-allocate-uids"; max-jobs = 8; - trusted-users = ["root" "fs0c131y"]; + trusted-users = ["root" device.user]; substituters = [ "https://nix-community.cachix.org" # "https://sh.darksailor.dev" @@ -58,7 +59,7 @@ # services.nix-daemon.enable = true; system.stateVersion = 5; - system.primaryUser = "fs0c131y"; + system.primaryUser = device.user; system.keyboard.enableKeyMapping = true; system.keyboard.remapCapsLockToControl = true; diff --git a/deploy.nix b/deploy.nix index 3fdd0357..a37b7ccf 100644 --- a/deploy.nix +++ b/deploy.nix @@ -31,7 +31,7 @@ tako = { hostname = "tako.darksailor.dev"; profiles.system = { - sshUser = "root"; + sshUser = "servius"; path = inputs.deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.tako; user = "root"; }; diff --git a/nixos/mirai/configuration.nix b/nixos/mirai/configuration.nix index 5147215c..91efd983 100644 --- a/nixos/mirai/configuration.nix +++ b/nixos/mirai/configuration.nix @@ -42,7 +42,7 @@ cores = 8; auto-optimise-store = true; extra-experimental-features = "nix-command flakes auto-allocate-uids"; - trusted-users = ["root" "fs0c131y" "remotebuilder"]; + trusted-users = ["root" device.user "remotebuilder"]; trusted-substituters = [ "https://nix-community.cachix.org" "https://nixos-raspberrypi.cachix.org" @@ -69,7 +69,7 @@ distributedBuilds = true; }; - users.users.fs0c131y = { + users.users.${device.user} = { isNormalUser = true; extraGroups = ["wheel" "docker" "media"]; openssh.authorizedKeys.keyFiles = [ diff --git a/nixos/ryu/configuration.nix b/nixos/ryu/configuration.nix index 8f563d26..18f49821 100644 --- a/nixos/ryu/configuration.nix +++ b/nixos/ryu/configuration.nix @@ -43,7 +43,7 @@ cores = 24; auto-optimise-store = true; extra-experimental-features = "nix-command flakes auto-allocate-uids"; - trusted-users = ["root" "servius"]; + trusted-users = ["root" device.user]; trusted-substituters = [ "https://nix-community.cachix.org" "https://nixos-raspberrypi.cachix.org" @@ -70,6 +70,7 @@ package = pkgs.nixVersions.nix_2_31; # deploy-rs doesn't work with nix >= 2.32 buildMachines = [ ../../builders/tako.nix + ../../builders/mirai.nix ../../builders/shiro.nix # ../../builders/tsuba.nix ]; diff --git a/nixos/tako/configuration.nix b/nixos/tako/configuration.nix index a570b49f..0d66bfd8 100644 --- a/nixos/tako/configuration.nix +++ b/nixos/tako/configuration.nix @@ -42,7 +42,7 @@ cores = 8; auto-optimise-store = true; extra-experimental-features = "nix-command flakes auto-allocate-uids"; - trusted-users = ["root" "fs0c131y" "remotebuilder"]; + trusted-users = ["root" device.user "remotebuilder"]; trusted-substituters = [ "https://nix-community.cachix.org" "https://nixos-raspberrypi.cachix.org" diff --git a/nixos/tako/services/default.nix b/nixos/tako/services/default.nix index 16cd46d7..20154df3 100644 --- a/nixos/tako/services/default.nix +++ b/nixos/tako/services/default.nix @@ -1,6 +1,5 @@ {...}: { imports = [ - # ./authelia.nix # ./caddy.nix # ./excalidraw.nix # ./fail2ban.nix @@ -9,7 +8,6 @@ # ./gitea.nix # ./homepage.nix # # ./llama.nix - # ./lldap.nix # # ./monitoring.nix # # ./nextcloud.nix # # ./paperless.nix @@ -19,7 +17,9 @@ # ./headscale.nix # ./shitpost.nix ./atuin.nix - ./immich.nix + # ./immich.nix + # ./lldap.nix + # ./authelia.nix ./openssh.nix ./tailscale.nix ]; diff --git a/nixos/tako/services/openssh.nix b/nixos/tako/services/openssh.nix index ea7f76e3..80f73359 100644 --- a/nixos/tako/services/openssh.nix +++ b/nixos/tako/services/openssh.nix @@ -1,7 +1,7 @@ {...}: { services.openssh = { enable = true; - passwordAuthentication = false; - permitRootLogin = "prohibit-password"; + settings.PasswordAuthentication = false; + settings.PermitRootLogin = "prohibit-password"; }; }