diff options
Diffstat (limited to 'modules/pi')
| -rw-r--r-- | modules/pi/default.nix | 15 | ||||
| -rw-r--r-- | modules/pi/users.nix | 22 | ||||
| -rw-r--r-- | modules/pi/zram.nix | 9 |
3 files changed, 46 insertions, 0 deletions
diff --git a/modules/pi/default.nix b/modules/pi/default.nix new file mode 100644 index 0000000..410dbd9 --- /dev/null +++ b/modules/pi/default.nix @@ -0,0 +1,15 @@ +{ + lib, + secrets, + ... +}: +{ + imports = [ + ./users.nix + ./zram.nix + ]; + + time.timeZone = secrets.i18n.timezone; + services.openssh.settings.PermitRootLogin = "prohibit-password"; + networking.firewall.enable = lib.mkForce false; +} diff --git a/modules/pi/users.nix b/modules/pi/users.nix new file mode 100644 index 0000000..eb96893 --- /dev/null +++ b/modules/pi/users.nix @@ -0,0 +1,22 @@ +{ config, secrets, ... }: +{ + users = { + groups.${config.modules.primaryUser} = { }; + + users = + let + defaultOptions = { + initialHashedPassword = secrets.initial_hashed_password; + openssh.authorizedKeys.keys = [ secrets.kioku_openssh_public_key ]; + }; + in + { + root = defaultOptions; + + ${config.modules.primaryUser} = defaultOptions // { + group = config.modules.primaryUser; + isNormalUser = true; + }; + }; + }; +} diff --git a/modules/pi/zram.nix b/modules/pi/zram.nix new file mode 100644 index 0000000..d9df0a9 --- /dev/null +++ b/modules/pi/zram.nix @@ -0,0 +1,9 @@ +{ + zramSwap = { + enable = true; + priority = 100; + memoryMax = 268435456; + algorithm = "lz4"; + memoryPercent = 50; + }; +} |