add break user

author: Kjetil Ørbekk <kj@orbekk.com> 2019-10-26 15:29:35 -0400
committer: Kjetil Ørbekk <kj@orbekk.com> 2019-10-26 15:29:35 -0400
commit: d45919c425043b8f149c6bca62dc859b785c7270 (patch)
tree: f7fdd81e8bd92117f042911bd537314cfb2643f8 /machines
parent: 69f6f4d8db75c99a7aaa879247dd001f1e31e552 (diff)
1 files changed, 19 insertions, 0 deletions
diff --git a/machines/dragon.nix b/machines/dragon.nix
index 2e1b81e..d3a1c19 100644
--- a/machines/dragon.nix
+++ b/machines/dragon.nix
@@ -1,4 +1,7 @@
 { config, lib, pkgs, ... }:
+let
+  duid = "00:01:00:01:21:a2:4e:a8:d0:bf:9c:45:a6:ec";
+in
 {
   imports = [
     ../config/acme-sh.nix
@@ -19,6 +22,10 @@
   ];
 
   environment.systemPackages = with pkgs; [ ipmitool ];
+  # environment.etc."dhcpcd.duid".text = duid;
+  systemd.services.dhcpcd.preStart = ''
+    cp ${pkgs.writeText "duid" "${duid}"} /var/db/dhcpcd/duid
+  '';
 
   programs.mosh.enable = true;
 
@@ -101,6 +108,7 @@
 
     firewall.allowPing = true;
     firewall.checkReversePath = "loose";
+    firewall.logRefusedConnections = false;
 
     bridges = {
       br0 = {
@@ -111,6 +119,7 @@
     dhcpcd.extraConfig = ''
     duid
     ipv6ra_noautoconf
+    debug
     '';
 
     # interfaces.br0.ip6 = [
@@ -154,5 +163,15 @@
     };
   };
 
+  users.users.breakds = {
+    uid = 1101;
+    shell = pkgs.bashInteractive;
+    home = "/home/breakds";
+    createHome = false;
+    isNormalUser = true;
+    description = "Break Yang";
+    openssh.authorizedKeys.keyFiles = [ ../data/break_rsa.pub ];
+  };
+
   system.stateVersion = lib.mkForce "17.09";
 }
author	Kjetil Ørbekk <kj@orbekk.com>	2019-10-26 15:29:35 -0400
committer	Kjetil Ørbekk <kj@orbekk.com>	2019-10-26 15:29:35 -0400
commit	d45919c425043b8f149c6bca62dc859b785c7270 (patch)
tree	f7fdd81e8bd92117f042911bd537314cfb2643f8 /machines
parent	69f6f4d8db75c99a7aaa879247dd001f1e31e552 (diff)