81 lines
1.5 KiB
Nix
81 lines
1.5 KiB
Nix
{
|
|
inputs,
|
|
pkgs,
|
|
lib,
|
|
...
|
|
}: {
|
|
system.stateVersion = "22.11";
|
|
|
|
# Networking
|
|
networking = {
|
|
networkmanager.enable = true;
|
|
|
|
firewall = {
|
|
enable = true;
|
|
allowPing = true;
|
|
};
|
|
};
|
|
|
|
services.openssh = {
|
|
enable = lib.mkDefault true;
|
|
settings = {PasswordAuthentication = lib.mkDefault true;};
|
|
settings.X11Forwarding = true;
|
|
};
|
|
|
|
time.hardwareClockInLocalTime = true;
|
|
|
|
# User management
|
|
programs.zsh.enable = true;
|
|
users.users = {
|
|
root = {
|
|
openssh.authorizedKeys.keys = ["sshKey_placeholder"];
|
|
shell = pkgs.zsh;
|
|
};
|
|
jas = {
|
|
description = "Jeffrey Serio";
|
|
isNormalUser = true;
|
|
shell = pkgs.zsh;
|
|
};
|
|
};
|
|
|
|
security.sudo = {
|
|
enable = lib.mkDefault true;
|
|
extraRules = [
|
|
{
|
|
users = ["jas"];
|
|
commands = [
|
|
{
|
|
command = "ALL";
|
|
options = ["SETENV" "NOPASSWD"];
|
|
}
|
|
];
|
|
}
|
|
];
|
|
};
|
|
|
|
imports = [
|
|
"${inputs.nixpkgs}/nixos/modules/installer/scan/not-detected.nix"
|
|
];
|
|
|
|
# ZFS root
|
|
boot.zfs.forceImportRoot = lib.mkDefault false;
|
|
|
|
# Nix daemon config
|
|
nix = {
|
|
settings = {
|
|
auto-optimise-store = true;
|
|
experimental-features = ["nix-command" "flakes"];
|
|
trusted-users = ["root" "jas"];
|
|
keep-outputs = true;
|
|
keep-derivations = true;
|
|
};
|
|
gc = {
|
|
automatic = true;
|
|
dates = "weekly";
|
|
options = "--delete-older-than 7d";
|
|
};
|
|
};
|
|
|
|
environment.shells = [pkgs.bashInteractive pkgs.zsh];
|
|
}
|