2022-11-04 19:35:57 +01:00
|
|
|
|
{ custom }: { pkgs, ... }:
|
2021-11-23 22:17:41 +01:00
|
|
|
|
{
|
|
|
|
|
imports = [
|
2022-11-04 19:35:57 +01:00
|
|
|
|
"${custom.inputs.self}/modules/cli"
|
2021-11-23 22:17:41 +01:00
|
|
|
|
];
|
|
|
|
|
|
2021-11-27 16:53:22 +01:00
|
|
|
|
# The rough location
|
|
|
|
|
location = {
|
|
|
|
|
latitude = 46.948;
|
|
|
|
|
longitude = 7.447;
|
|
|
|
|
};
|
|
|
|
|
|
2021-11-23 22:17:41 +01:00
|
|
|
|
# Set your time zone.
|
|
|
|
|
time.timeZone = "Europe/Zurich";
|
2022-11-12 16:30:41 +01:00
|
|
|
|
services.timesyncd.enable = true;
|
2021-11-23 22:17:41 +01:00
|
|
|
|
|
2022-12-02 20:10:08 +01:00
|
|
|
|
services.nscd.enableNsncd = true;
|
2021-11-23 22:17:41 +01:00
|
|
|
|
networking = {
|
2022-03-27 16:14:54 +02:00
|
|
|
|
domain = "2li.local";
|
2022-01-16 17:44:05 +01:00
|
|
|
|
enableIPv6 = false;
|
2022-09-17 19:25:57 +02:00
|
|
|
|
firewall = {
|
|
|
|
|
allowPing = true;
|
|
|
|
|
allowedTCPPorts = [ 22 ];
|
|
|
|
|
};
|
2022-11-12 16:30:41 +01:00
|
|
|
|
timeServers = [
|
|
|
|
|
"10.7.89.1"
|
|
|
|
|
"ch.pool.ntp.org"
|
|
|
|
|
];
|
|
|
|
|
|
2021-11-23 22:17:41 +01:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
hardware = {
|
|
|
|
|
enableRedistributableFirmware = true;
|
|
|
|
|
};
|
|
|
|
|
|
2021-11-24 20:39:18 +01:00
|
|
|
|
programs.mosh.enable = true;
|
2022-12-07 22:01:16 +01:00
|
|
|
|
programs.ssh.startAgent = true;
|
2022-08-15 14:55:47 +02:00
|
|
|
|
services.openssh = {
|
|
|
|
|
enable = true;
|
|
|
|
|
permitRootLogin = "no";
|
|
|
|
|
passwordAuthentication = false;
|
|
|
|
|
kbdInteractiveAuthentication = false;
|
|
|
|
|
extraConfig = ''
|
|
|
|
|
AllowTcpForwarding yes
|
|
|
|
|
X11Forwarding no
|
|
|
|
|
AllowAgentForwarding no
|
|
|
|
|
AllowStreamLocalForwarding no
|
|
|
|
|
AuthenticationMethods publickey
|
|
|
|
|
'';
|
2021-11-23 22:17:41 +01:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# Select internationalisation properties.
|
2023-03-07 20:51:58 +01:00
|
|
|
|
i18n = {
|
|
|
|
|
defaultLocale = "en_US.UTF-8";
|
|
|
|
|
extraLocaleSettings = {
|
|
|
|
|
LC_NUMERIC = "de_CH.UTF-8";
|
|
|
|
|
LC_TIME = "de_CH.UTF-8";
|
|
|
|
|
LC_MONETARY = "de_CH.UTF-8";
|
|
|
|
|
LC_PAPER = "de_CH.UTF-8";
|
|
|
|
|
LC_TELEPHONE = "de_CH.UTF-8";
|
|
|
|
|
LC_MEASUREMENT = "de_CH.UTF-8";
|
|
|
|
|
};
|
|
|
|
|
};
|
2021-11-23 22:17:41 +01:00
|
|
|
|
console = {
|
|
|
|
|
font = "Lat2-Terminus16";
|
|
|
|
|
keyMap = "us";
|
|
|
|
|
};
|
|
|
|
|
|
2022-01-12 22:08:22 +01:00
|
|
|
|
# Disable the root user
|
|
|
|
|
users.users.root.hashedPassword = "!";
|
2021-11-23 22:17:41 +01:00
|
|
|
|
# Define a user account. Don't forget to set a password with ‘passwd’.
|
2022-02-21 11:36:12 +01:00
|
|
|
|
users.users.${custom.username} = {
|
2021-11-23 22:17:41 +01:00
|
|
|
|
isNormalUser = true;
|
|
|
|
|
initialPassword = "password";
|
|
|
|
|
extraGroups = [
|
|
|
|
|
"wheel"
|
|
|
|
|
"networkmanager"
|
|
|
|
|
];
|
2022-01-10 21:57:50 +01:00
|
|
|
|
openssh.authorizedKeys.keys = [
|
|
|
|
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCR+JXNHSAEQamn2QiaKV0vejCPy6OmzOePXoaQF6CEknXyvBO4j7+qpgZ5RAhe7ups8xZrEpBKdtxRMf7OdQQEXg1PLlfWZSJTC8EGu1TbMltbwwHizgsK/15LkDhJ0Gk/GFz9O9GvGqjizik8Kvvqz8XWY0tEtYs5Riq8bB5D5Ctwl10iultqnIQkdaX0bNa/2X57XKeutWdbqhuSC/C7awC1aVDIdfy1BNT3weHhQhFVAeAlH7Fy4rx3gYPclICfzu27lulLeXKJj9F+NdeY84zEy7E8IkE7eqdo1zfdJJpXSIh3FqekWen5njzWJsXqZCa2Ynk1poK/Rv/ti+ySE+4XicyXp0VJM8fDz6iUI0S/pjumHwzpoN9CeNe5PDK3Y7iQzSlO9REvkj/+v7r2s6XKslk9B7hTKunvH5JgHlIeYymzXb4r2LggNrP/1KUgNk1Ztu+s1c5onXYfBNul1iQOFU3+kgTk8Oh/UFK3FA0dYeWrOLA02TdH2S7U6yE= andreas@gwyn"
|
|
|
|
|
|
|
|
|
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDxBun0BYQaz/WjiP+g5+Hs9/JZnWAuLTpTVYgx/9shJwKS5Zu9K3I115DYOro/lpu0AMeeJca5We2AICcxYcM0lIZvsJqfOnFOHFjgmHxHc6IuzrUPM7msoLneF5lxfJ8ko2/LcFq8EtGlzjkllRpFpp2FtxDviD1lr4mJda4cOuQES4ujH3HP5Shpwa96oqnDENWCL+XPFe+Ur+88tuKTQ2MIX5Iqhs2sMIwsMI1o8HjBi4sMd+kd7qb232XcwWTlP3iIWvq/0D3OxZ6J6uSNyC4UCl781lupLOKrC6ml58RUrYP8nrF0a53+i0hgLuDiCWhj0vkY7W9nJW1no425 andreas@python"
|
2022-02-21 11:39:17 +01:00
|
|
|
|
|
2023-02-02 00:12:09 +01:00
|
|
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPo4TJ6Fx4xWFWOi/L6WJs3luyJamISry2xvAh1hGZTM andreas@ipad"
|
2022-01-10 21:57:50 +01:00
|
|
|
|
];
|
2021-11-23 22:17:41 +01:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# allow non-free packages
|
|
|
|
|
nixpkgs.config.allowUnfree = true;
|
|
|
|
|
|
2021-11-30 20:25:33 +01:00
|
|
|
|
nix = {
|
2022-11-04 19:35:57 +01:00
|
|
|
|
nixPath = [ "nixpkgs=${custom.inputs.nixpkgs}" ];
|
2022-02-16 22:19:13 +01:00
|
|
|
|
registry = {
|
2022-11-04 19:35:57 +01:00
|
|
|
|
nixpkgs.flake = custom.inputs.nixpkgs;
|
|
|
|
|
nix-config.flake = custom.inputs.self;
|
2022-02-15 20:54:21 +01:00
|
|
|
|
};
|
|
|
|
|
|
2022-12-01 22:43:09 +01:00
|
|
|
|
package = pkgs.nix;
|
|
|
|
|
settings = {
|
|
|
|
|
warn-dirty = false;
|
|
|
|
|
auto-optimise-store = true;
|
|
|
|
|
experimental-features = [ "nix-command" "flakes" ];
|
|
|
|
|
trusted-users = [ "root" "@wheel" ];
|
2022-12-06 22:15:56 +01:00
|
|
|
|
min-free = 1000000000;
|
|
|
|
|
max-free = 10000000000;
|
|
|
|
|
connect-timeout = 5;
|
|
|
|
|
fallback = true;
|
2022-12-01 22:43:09 +01:00
|
|
|
|
};
|
2021-11-30 20:25:33 +01:00
|
|
|
|
# enable garbage collection
|
|
|
|
|
gc = {
|
|
|
|
|
automatic = true;
|
2021-12-08 08:31:37 +01:00
|
|
|
|
dates = "daily";
|
2022-06-08 10:39:25 +02:00
|
|
|
|
options = "--delete-older-than 30d";
|
2021-11-30 20:25:33 +01:00
|
|
|
|
};
|
2021-11-23 22:17:41 +01:00
|
|
|
|
};
|
2021-11-30 20:25:33 +01:00
|
|
|
|
|
2021-11-23 22:17:41 +01:00
|
|
|
|
environment.variables = {
|
|
|
|
|
EDITOR = "vim";
|
|
|
|
|
HIGHLIGHT_STYLE = "solarized-light";
|
2022-12-09 13:10:06 +01:00
|
|
|
|
HISTTIMEFORMAT = "%F %T ";
|
2022-08-07 15:52:38 +02:00
|
|
|
|
NIXPKGS_ALLOW_UNFREE = "1";
|
2021-11-23 22:17:41 +01:00
|
|
|
|
};
|
|
|
|
|
|
2022-01-16 17:20:10 +01:00
|
|
|
|
security.sudo = {
|
|
|
|
|
extraRules = [
|
|
|
|
|
{
|
2022-12-13 21:15:18 +01:00
|
|
|
|
users = [ "%wheel" ];
|
2022-01-16 17:20:10 +01:00
|
|
|
|
commands = [
|
|
|
|
|
{
|
2022-12-13 21:15:18 +01:00
|
|
|
|
command = "ALL";
|
|
|
|
|
options = [ "SETENV" "NOPASSWD" ];
|
2022-03-04 18:28:49 +01:00
|
|
|
|
}
|
2022-01-16 17:20:10 +01:00
|
|
|
|
];
|
|
|
|
|
}
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
|
2021-11-23 22:17:41 +01:00
|
|
|
|
# This value determines the NixOS release from which the default
|
|
|
|
|
# settings for stateful data, like file locations and database versions
|
|
|
|
|
# on your system were taken. It‘s perfectly fine and recommended to leave
|
|
|
|
|
# this value at the release version of the first install of this system.
|
|
|
|
|
# Before changing this value read the documentation for this option
|
|
|
|
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
2022-02-23 10:43:04 +01:00
|
|
|
|
system.stateVersion = custom.version;
|
2021-11-23 22:17:41 +01:00
|
|
|
|
}
|
|
|
|
|
|