{ config, lib, pkgs, ... }: let custom-generator = "generate-config.sh"; r6dLib = import ./nixos-template-base/lib.nix; hostname = "nixos-livecd.grudu.net"; dockerGitea = pkgs.dockerTools.pullImage { imageName = "gitea/gitea"; imageTag = "latest"; sha256 = "0hxi9hcgrm7qp4bq9lvc0i2b84ry2m2c2dq98ajyp6j6hzn7f9pz"; }; dockerJenkins = pkgs.dockerTools.pullImage { imageName = "jenkins"; imageTag = "latest"; sha256 = "1i70alhks87wl5s4yqs66f6rc5cgazna0pr8q3vn8qv99r7vwa86"; }; dockerSonar = pkgs.dockerTools.pullImage { imageName = "sonarqube"; imageTag = "latest"; sha256 = "1ls3jg04flwxhf3c7jpm798zmwa9i4644jri2vymdzkwd0z63shp"; }; in { imports = [ /nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix nixos-template-base/base.nix ]; # Custom name isoImage.isoName = pkgs.lib.mkForce "${config.isoImage.isoBaseName}-grudu.net-${config.system.nixosLabel}-${pkgs.stdenv.system}.iso"; # Avoid having the terminal flooded by kernel audit messages boot.kernelParams = [ "audit=0" ]; # Files to copy to the liveCD isoImage.contents = [ { source = ./generate-config.sh; target = "/custom/${custom-generator}"; } ]; environment.shellAliases = { nixos-generate-custom-config = "/iso/custom/${custom-generator}";}; environment.systemPackages = with pkgs; [ # nécessaire pour bootraper git gpm sudo wget vim # Complément atop # monitoring gitstats glxinfo gource haskellPackages.bench # outil pour générer des benchmarks haskellPackages.pandoc-filter-graphviz #dockerGitea #dockerJenkins #dockerSonar # Smokeping bind ]; networking.hostName = "${hostname}"; services = { openssh.enable = true; virtualbox.guest.enable = true; xserver.enable = true; }; r6d.machines = r6dLib.applyProfilesToDirectory {} { "${hostname}" = { configurationFlags = { dns_resolveur = true; edition-photo = true; jetbrains-licensed = true; }; configurationOptions = {}; profiles = { isDubronetwork = true; isDubronetworkWorkstation = true; isDesktopEnvironment = true; isPrunetwork = true; isPrunetworkWorkstation = true; isWorkstation = true; }; }; }; users.extraUsers = { livecd = { password = "livecd"; isNormalUser = true; extraGroups = [ "audio" "docker" "vbox" "vboxusers" "wheel" ]; }; root = { initialPassword="root"; }; }; # Paquets avec setuid root security.wrappers = { # outil de diagnostic réseau fping.source = "${pkgs.fping}/bin/fping"; }; networking.extraHosts = '' 192.168.10.1 servdevbrest dev1 192.168.10.2 dev2 192.168.10.3 dev3 192.168.10.4 dev4 ''; programs.man.enable = true; services.smokeping = { enable = true; imgUrl = "http://localhost:8081/cache/"; # défini dans nginx probeConfig = '' + FPing binary = ${config.security.wrapperDir}/fping + FPing6 binary = ${config.security.wrapperDir}/fping6 +DNS #binary = ${pkgs.bind}/bin/dig binary = /run/current-system/sw/bin/dig forks = 5 offset = 50% step = 300 timeout = 15 ''; targetConfig = '' probe = FPing menu = Top title = Suivi de la latence reseau remark = Monitoring de la latence reseau. \ Here you will learn all about the latency of our network. + Local probe = FPing menu = Local title = Local Network ++ LocalMachine menu = Local Machine title = This host host = localhost ++ Servdevbrest probe = FPing menu = servdevbrest title = Servdevbrest host = 192.168.10.1 ++ Servdevbrest2 probe = FPing menu = servdevbrest2 title = Servdevbrest2 host = 192.168.10.2 ++ Servdevbrest3 probe = FPing menu = servdevbrest3 title = Servdevbrest3 host = 192.168.10.3 ++ Servdevbrest4 probe = FPing menu = servdevbrest4 title = Servdevbrest4 host = 192.168.10.4 ++ MultiHost menu = Multihost title = Ensemble de mesures de latence host = /Local/Servdevbrest /Local/Servdevbrest2 /Local/Servdevbrest3 /Local/Servdevbrest4 ''; }; # Ports ouverts networking.firewall.enable=false; # Pas besoin de mot de passe pour sudo security.sudo.enable=lib.mkForce true; security.sudo.wheelNeedsPassword=false; }