neox
/
configurations-guix
1
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

add support for offloading from other computers

This commit is contained in:
Adrien Bourmault 2024-12-15 18:41:59 +01:00
parent c84e138bec
commit 391080d74f
No known key found for this signature in database
GPG Key ID: 57BC26A3687116F6
6 changed files with 40 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.gitignore vendored
View File

@ -7,7 +7,6 @@ dbus-1
environment environment
fstab fstab
group group
guix/
hostname hostname
hosts hosts
issue issue
@ -44,3 +43,9 @@ sysconfig/
syslog.conf syslog.conf
timezone timezone
udev udev
*.sec
ssh/ssh_host_*_key
ssh/authorized_keys.d/
guix/acl*
bluetooth
shadow*

25
config.scm
View File

@ -347,6 +347,11 @@ fi"))
;; La liste des comptes utilisateurs (« root » est implicite). ;; La liste des comptes utilisateurs (« root » est implicite).
(users (users
(cons* (cons*
(user-account
(name "offload")
(comment "guix offload account")
(group "users")
(system? #t))
(user-account (user-account
(name "neox") (name "neox")
(comment "neox") (comment "neox")
@ -601,9 +606,12 @@ fi"))
;; Service OpenSSH ;; Service OpenSSH
(service openssh-service-type (service openssh-service-type
(openssh-configuration (openssh-configuration
(x11-forwarding? #t) (authorized-keys
(password-authentication? #f) `(("neox" ,(local-file "/etc/ssh/ssh_neox_ed25519_key.pub"))
(permit-root-login 'prohibit-password))) ("offload" ,(local-file "/etc/ssh/ssh_n-t400s_ed25519_key.pub"))))
(x11-forwarding? #t)
(password-authentication? #f)
(permit-root-login 'prohibit-password)))
;; Service Tor ;; Service Tor
(service tor-service-type) (service tor-service-type)
@ -652,6 +660,17 @@ fi"))
(handle-lid-switch 'ignore) (handle-lid-switch 'ignore)
(handle-lid-switch-external-power 'ignore))) (handle-lid-switch-external-power 'ignore)))
;; Configuration du service Guix
(guix-service-type config => (guix-configuration
(inherit config)
(authorize-key? #t)
(authorized-keys
(append
(list
(local-file "/etc/guix/n-t400s.pub"))
%default-authorized-guix-keys))
(extra-options '("--gc-keep-derivations=yes" "--gc-keep-output=yes"))))
;; Configuration du service network-manager pour prendre en charge ;; Configuration du service network-manager pour prendre en charge
;; OpenVPN ;; OpenVPN
(network-manager-service-type config => (network-manager-configuration (network-manager-service-type config => (network-manager-configuration

4
guix/n-t400s.pub Normal file
View File

@ -0,0 +1,4 @@
(public-key
(ecc
(curve Ed25519)
(q #7F8EB1AE40F138A9DF5F61C57CC4E33F4F1E42244CE71D855806CDE06113A245#)))

6
guix/signing-key.pub Normal file
View File

@ -0,0 +1,6 @@
(public-key
(ecc
(curve Ed25519)
(q #8E46170F0B43CC3C0AD67F162CB1707246D18F322C3EA040898FBB15F2A18963#)
)
)

1
ssh/ssh_n-t400s_ed25519_key.pub Normal file
View File

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPhNNT9tFGTTGQ9e+L5u1gJiPpiivE04r8iQ4zapXpSU root@(none)

1
ssh/ssh_neox_ed25519_key.pub Normal file
View File

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDZQd7U/DRPK5/qk35dzeG5dpnS/0FesbRrgZTSMHEsv openpgp:0x18D3885F