};
networking.extraHosts = builtins.concatStringsSep "\n"
- (lib.mapAttrsToList (n: v: "${v.config.hostEnv.ips.main.ip4} ${n}") nodes);
+ (lib.mapAttrsToList (n: v: "${lib.head v.config.hostEnv.ips.main.ip4} ${n}") nodes);
users.extraUsers.root.openssh.authorizedKeys.keys = [ config.myEnv.sshd.rootKeys.nix_repository ];
secrets.deleteSecretsVars = true;
services.openssh.enable = true;
- services.duplyBackup.profiles.system = {
- rootDir = "/var/lib";
- excludeFile = lib.mkAfter ''
- + /var/lib/nixos
- + /var/lib/udev
- + /var/lib/udisks2
- + /var/lib/systemd
- + /var/lib/private/systemd
- - /var/lib
- '';
- };
nixpkgs.overlays = builtins.attrValues (import ../../overlays) ++ [
(self: super: {
postgresql = self.postgresql_pam;
mariadb = self.mariadb_pam;
}) # don’t put them as generic overlay because of home-manager
];
+ nixpkgs.config.permittedInsecurePackages = [
+ "nodejs-10.24.1"
+ ];
services.journald.extraConfig = ''
#Should be "warning" but disabled for now, it prevents anything from being stored
home = "/home/${x.name}";
createHome = true;
linger = true;
+ # Enable in latest unstable homeMode = "755";
} // x)) (config.hostEnv.users pkgs))
// {
root.packages = let
'';
in
[
- pkgs.telnet
+ pkgs.inetutils
pkgs.htop
pkgs.iftop
pkgs.bind.dnsutils
pkgs.whois
pkgs.ngrep
pkgs.tcpdump
- pkgs.tshark
+ pkgs.wireshark-cli
pkgs.tcpflow
# pkgs.mitmproxy # failing
pkgs.nmap