WIP: new host fa-t14-2025

2025-06-03 08:37:13 +02:00
parent 277a650098
commit 2c36272339
4 changed files with 208 additions and 0 deletions
--- a/hosts/fa-t14-2025/configuration.nix
+++ b/hosts/fa-t14-2025/configuration.nix
@@ -0,0 +1,59 @@
+{ config, pkgs, lib, ... }:
+
+{
+  imports =
+    [
+      ../../base.nix
+      ./hardware-configuration.nix
+
+      ./desktop.nix
+  ];
+
+  networking = {
+    networkmanager.enable = true;
+    # interfaces.eno1 = {
+    #   useDHCP = true;
+    #   tempAddress = "disabled";
+    # };
+
+    tempAddresses = "disabled";
+    hostName = "fa-t14-2025";
+    nameservers = [ "1.1.1.1" "1.0.0.1" ];
+    domain = "mktv.local";
+    hostId = "f458d6aa";
+
+    search = [
+      "mktv.no"
+      "mktv.local"
+    ];
+
+    # firewall.extraCommands = ''
+    #   # IT VPN
+    #   iptables -I nixos-fw -p tcp -m tcp --dport 22 --source 129.241.117.0/24 -j nixos-fw-accept
+    #   ip6tables -I nixos-fw -p tcp -m tcp --dport 22 --source 2001:700:301:12::/63 -j nixos-fw-accept
+    # '';
+
+    # firewall.extraStopCommands = ''
+    #   iptables -F nixos-fw
+    #   ip6tables -F nixos-fw
+    # '';
+  };
+
+  console.keyMap = "no";
+
+  nixpkgs.config = {
+    allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
+      "copilot.vim"
+    ];
+  };
+
+  services.openssh.openFirewall = false;
+
+  users.users.felixalb = {
+    uid = 1000;
+    openssh.authorizedKeys.keys = [ ];
+    extraGroups = [ "networkmanager" ];
+  };
+
+  system.stateVersion = "25.05";
+}