Additional updates to bastion

2025-06-17 23:23:02 -05:00 · 2025-06-17 23:23:02 -05:00 · 5059b384c0
parent fbbd6682d8
commit 5059b384c0
4 changed files with 25 additions and 18 deletions
--- a/features/headless.nix
+++ b/features/headless.nix
@ -1,3 +1,2 @@
 { config, lib, pkgs, callPackage, ... }: {
-  services.uptimed.enable = true;
 }
--- a/flake.lock
+++ b/flake.lock
@ -141,11 +141,11 @@
      "locked": {
        "lastModified": 1,
        "narHash": "sha256-pYpD+mKj2FS//91FsFc7YfemYBNLrFwXev9v3Q4JUEo=",
-        "path": "/nix/store/f82hk4y5iqxfszj9wf748rrlv63dvx64-source/modules/mlaga97-home-manager",
+        "path": "/nix/store/xmvprspr9148wdrh4s2gf5bg3r1sqny9-source/modules/mlaga97-home-manager",
        "type": "path"
      },
      "original": {
-        "path": "/nix/store/f82hk4y5iqxfszj9wf748rrlv63dvx64-source/modules/mlaga97-home-manager",
+        "path": "/nix/store/xmvprspr9148wdrh4s2gf5bg3r1sqny9-source/modules/mlaga97-home-manager",
        "type": "path"
      }
    },
--- a/systems/bastion/bastion-actual.nix
+++ b/systems/bastion/bastion-actual.nix
@ -67,13 +67,13 @@
    };

    "90-tinc" = {
-      matchConfig.Name = "tinc.mlaga97spa";
+      matchConfig.Name = "tinc.dotspace";
      address = [ "10.86.84.105/32" ];
      routes = [ { Destination = "10.86.84.0/24"; } ];
    };
  };

-  services.tinc.networks.mlaga97space = {
+  services.tinc.networks.dotspace = {
    name = "bastion";
    ed25519PrivateKeyFile = "/root/tinc/mlaga97space_ed25519_key.priv";

--- a/systems/bastion/bastion_base.nix
+++ b/systems/bastion/bastion_base.nix
@ -1,27 +1,35 @@
 { pkgs, ... }: {
  imports = [
-    # Base Config
+    # Core Features
    ../../features/base.nix
-    ../../features/headless.nix
+    ../../features/tui-apps.nix
+    ../../features/openssh-server.nix

-    # Features
+    # Core Tweaks
+    ../../tweaks/zram.nix
+    ../../tweaks/enable_flakes.nix
+    ../../tweaks/disable_nixos_user.nix
+    ../../tweaks/systemd-resolved_nonsense.nix
+
+    # Dotspace
+    ../../secrets/dotspace.nix
+    ../../secrets/dotspace_shares.nix
+    ../../features/stronghold-binary-cache.nix
+
+    # Users
+    ../../users/lauren_lagarde/lauren_lagarde.nix
+    ../../users/ashley_funkhouser/ashley_funkhouser.nix
+
+    # Bastion Features
+    ../../features/hardware/yubikey.nix
    ../../features/networking/networkd-br0.nix
    ../../features/virtualization/dockge.nix
    ../../features/virtualization/docker.nix
    ../../features/virtualization/libvirt-host.nix

-    # Tweaks
+    # Bastion Tweaks
    ../../tweaks/zfs.nix
-    ../../tweaks/zram.nix
    ../../tweaks/disable_firewall.nix
-    ../../tweaks/systemd-resolved_nonsense.nix
-
-    # Dotspace
-    ../../secrets/dotspace.nix
-
-    # Users
-    ../../users/lauren_lagarde/lauren_lagarde.nix
-    ../../users/ashley_funkhouser/ashley_funkhouser.nix
  ];

  ##############################################################################