hpc
/
nixcfg
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
NixOS configuration for HPC cluster https://docs.hpc.informatik.hs-fulda.de/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
54 Commits
1 Branch
0 Tags
352 KiB
Tree: 751039157e
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '751039157e'
${ noResults }
nixcfg/machines/node/users.nix

41 lines
811 B
Raw Normal View History

SSH host based auth
1 year ago
Inital import
1 year ago
SSH host based auth
1 year ago
Inital import
1 year ago
SSH host based auth
1 year ago
Inital import
1 year ago
SSH host based auth
1 year ago
Less FHS user env
1 year ago
LDAP login
1 year ago
SSH host based auth
1 year ago
nodes: allow ssh only for vip cluster users
4 months ago
SSH host based auth
1 year ago
update to 23.05 and other stuff
1 year ago
Inital import
1 year ago
  1. { lib, config, nodes, ... }:
  3. with lib;
  5. {
  6. fileSystems."home" = {
  7. mountPoint = "/home";
  8. device = "manager.${config.networking.domain}:/home";
  9. fsType = "nfs";
  10. options = [
  11. "nfsvers=4.2"
  12. "noauto"
  13. "x-systemd.automount"
  14. "x-systemd.idle-timeout=600"
  15. ];
  16. };
  18. services.openssh = {
  19. settings = {
  20. #LogLevel = "DEBUG3";
  21. };
  23. extraConfig = ''
  24. IgnoreRhosts no
  26. DenyGroups !vip,cluster
  28. Match Group vip
  29. HostbasedAuthentication yes
  30. HostbasedAcceptedAlgorithms ssh-ed25519*
  31. HostbasedUsesNameFromPacketOnly yes
  32. '';
  33. };
  35. environment.etc."ssh/shosts.equiv".text = concatStringsSep "\n" (concatMap
  36. (node: [
  37. node.config.networking.hostName
  38. node.config.networking.fqdn
  39. ])
  40. (attrValues nodes));
  41. }