69 lines
1.5 KiB
Nix
69 lines
1.5 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
let metausers = (import ../../meta).users;
|
|
in {
|
|
imports = [ ../../modules ./unfree.nix ./applications.nix ./overlays.nix ];
|
|
|
|
boot.loader.timeout = 2;
|
|
boot.tmpOnTmpfs = true;
|
|
|
|
console.keyMap = "de_CH-latin1";
|
|
i18n.defaultLocale = "en_US.UTF-8";
|
|
|
|
users.mutableUsers = false;
|
|
users.groups = metausers.groups;
|
|
users.users = metausers.users // {
|
|
root.openssh.authorizedKeys.keys = with lib;
|
|
concatLists (mapAttrsToList (name: user:
|
|
if elem "wheel" user.extraGroups then
|
|
user.openssh.authorizedKeys.keys
|
|
else
|
|
[ ]) metausers.users);
|
|
};
|
|
|
|
# Package management
|
|
nix = {
|
|
trustedUsers = [ "root" "@wheel" ];
|
|
gc = {
|
|
automatic = true;
|
|
dates = "weekly";
|
|
options = "--delete-older-than 30d";
|
|
};
|
|
package = pkgs.nixFlakes;
|
|
extraOptions = ''
|
|
experimental-features = nix-command flakes
|
|
'';
|
|
};
|
|
|
|
system.autoUpgrade.enable = true;
|
|
system.autoUpgrade.allowReboot = false;
|
|
|
|
# System Services
|
|
services.btrfs.autoScrub.enable = true;
|
|
services.fwupd.enable = true;
|
|
|
|
# Network services
|
|
networking.firewall = {
|
|
allowPing = true;
|
|
allowedTCPPorts = [ 22 ];
|
|
};
|
|
|
|
services.openssh = {
|
|
enable = true;
|
|
passwordAuthentication = false;
|
|
};
|
|
|
|
security.acme = {
|
|
acceptTerms = true;
|
|
email = "sysadmin@qo.is";
|
|
};
|
|
|
|
# Default Settings
|
|
environment.etc = {
|
|
gitconfig.source = ./etc/gitconfig;
|
|
vimrc.source = ./etc/vimrc;
|
|
};
|
|
|
|
programs.autojump.enable = true;
|
|
programs.vim.defaultEditor = true;
|
|
}
|