2023-01-20 20:21:16 +01:00
|
|
|
{ config, lib, pkgs, inputs, values, ... }:
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
boot.loader.systemd-boot.enable = true;
|
|
|
|
|
boot.loader.efi.canTouchEfiVariables = true;
|
|
|
|
|
|
|
|
|
|
networking = {
|
|
|
|
|
domain = "home.feal.no";
|
2023-10-05 23:46:22 +02:00
|
|
|
nameservers = [ "192.168.10.3" "192.168.11.100" "1.1.1.1" ];
|
2023-09-15 00:21:07 +02:00
|
|
|
useDHCP = lib.mkDefault false;
|
2023-01-20 20:21:16 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
time.timeZone = "Europe/Oslo";
|
|
|
|
|
i18n.defaultLocale = "en_US.UTF-8";
|
|
|
|
|
|
|
|
|
|
console = {
|
|
|
|
|
font = "Lat2-Terminus16";
|
2023-09-15 00:21:07 +02:00
|
|
|
keyMap = lib.mkDefault "no";
|
2023-01-20 20:21:16 +01:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
nix = {
|
|
|
|
|
gc = {
|
|
|
|
|
automatic = true;
|
|
|
|
|
options = "--delete-older-than 2d";
|
|
|
|
|
};
|
|
|
|
|
|
2023-09-13 23:21:28 +02:00
|
|
|
settings = {
|
|
|
|
|
experimental-features = ["nix-command" "flakes"];
|
|
|
|
|
trusted-users = [ "felixalb" ];
|
|
|
|
|
builders-use-substitutes = true;
|
|
|
|
|
};
|
2023-01-20 20:21:16 +01:00
|
|
|
|
|
|
|
|
registry= {
|
|
|
|
|
nixpkgs.flake = inputs.nixpkgs;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
|
|
|
|
|
};
|
|
|
|
|
|
2023-06-07 21:10:31 +02:00
|
|
|
programs.zsh.enable = true;
|
|
|
|
|
|
2023-04-16 16:49:08 +02:00
|
|
|
environment.systemPackages = with pkgs; [
|
2023-09-13 23:21:28 +02:00
|
|
|
bat
|
2023-04-16 16:49:08 +02:00
|
|
|
bottom
|
2023-09-13 23:21:28 +02:00
|
|
|
git
|
|
|
|
|
gnugrep
|
|
|
|
|
gnutar
|
2023-04-16 16:49:08 +02:00
|
|
|
ripgrep
|
2023-09-13 23:21:28 +02:00
|
|
|
rsync
|
|
|
|
|
tree
|
2023-12-07 10:22:35 +01:00
|
|
|
unstable.eza
|
2023-09-13 23:21:28 +02:00
|
|
|
wget
|
2023-04-16 16:49:08 +02:00
|
|
|
];
|
|
|
|
|
|
2023-01-20 20:21:16 +01:00
|
|
|
services.openssh = {
|
|
|
|
|
enable = true;
|
2023-06-07 21:10:31 +02:00
|
|
|
settings = {
|
|
|
|
|
PermitRootLogin = "no";
|
|
|
|
|
PasswordAuthentication = false;
|
|
|
|
|
KbdInteractiveAuthentication = false;
|
|
|
|
|
};
|
|
|
|
|
|
2023-05-03 17:49:50 +02:00
|
|
|
extraConfig = ''
|
|
|
|
|
AllowTcpForwarding yes
|
|
|
|
|
X11Forwarding no
|
|
|
|
|
AllowAgentForwarding yes
|
|
|
|
|
AuthenticationMethods publickey
|
|
|
|
|
'';
|
2023-01-20 20:21:16 +01:00
|
|
|
};
|
|
|
|
|
|
2023-10-05 23:44:58 +02:00
|
|
|
networking.firewall.allowedTCPPorts = [ 22 ];
|
|
|
|
|
|
2023-01-20 20:21:16 +01:00
|
|
|
users.users.felixalb = {
|
|
|
|
|
isNormalUser = true;
|
|
|
|
|
extraGroups = [ "wheel" ];
|
2023-04-16 16:49:08 +02:00
|
|
|
uid = 1000;
|
2023-01-20 20:21:16 +01:00
|
|
|
openssh.authorizedKeys.keys = [
|
|
|
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDKzPICGew7uN0cmvRmbwkwTCodTBUgEhkoftQnZuO4Q felixalbrigtsen@gmail.com"
|
2023-07-25 19:15:19 +02:00
|
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBTXSL0w7OUcz1LzEt1T3I3K5RgyNV+MYz0x/1RbpDHQ felixalb@worf"
|
2023-09-15 17:04:17 +02:00
|
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFiPHhj0YbklJnJNcxD0IlzPxLTGfv095H5zyS/1Wb64 felixalb@edison.home.feal.no"
|
2023-11-16 14:37:23 +01:00
|
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH5M7hYl3saBNMAo6sczgfUvASEJWFHuERB7xvf4gxst nix-builder-worf"
|
2023-01-20 20:21:16 +01:00
|
|
|
];
|
2023-09-15 00:21:07 +02:00
|
|
|
shell = pkgs.zsh;
|
2023-01-20 20:21:16 +01:00
|
|
|
};
|
2023-04-26 23:40:18 +02:00
|
|
|
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
2023-01-20 20:21:16 +01:00
|
|
|
}
|
