2024-10-13 15:16:39 -05:00
|
|
|
{
|
|
|
|
config,
|
|
|
|
pkgs,
|
|
|
|
...
|
|
|
|
}: {
|
|
|
|
imports = [
|
|
|
|
./hardware.nix
|
|
|
|
./disk-config.nix
|
|
|
|
./mounts.nix
|
|
|
|
./secrets.nix
|
2024-10-15 16:02:42 -05:00
|
|
|
./nebula.nix
|
2024-11-03 21:38:19 -06:00
|
|
|
./k3s.nix
|
2024-10-13 15:16:39 -05:00
|
|
|
];
|
|
|
|
|
|
|
|
networking.hostName = "eidola"; # Define your hostname.
|
|
|
|
time.timeZone = "America/New_York"; # Set your time zone.
|
|
|
|
|
|
|
|
# Allow unfree packages (firmware)
|
|
|
|
nixpkgs.config.allowUnfree = true;
|
|
|
|
|
|
|
|
# Basic networking
|
|
|
|
networking.firewall.enable = true;
|
|
|
|
|
|
|
|
# Locales
|
|
|
|
i18n.defaultLocale = "en_US.UTF-8";
|
|
|
|
console = {
|
|
|
|
keyMap = "us";
|
|
|
|
};
|
|
|
|
|
|
|
|
# Users - eidola & root
|
|
|
|
users.users = {
|
|
|
|
root.hashedPasswordFile = config.sops.secrets."root-pw".path;
|
|
|
|
|
|
|
|
eidola = {
|
|
|
|
isNormalUser = true;
|
2024-11-03 20:30:30 -06:00
|
|
|
extraGroups = ["wheel"];
|
2024-10-13 15:16:39 -05:00
|
|
|
hashedPasswordFile = config.sops.secrets."user-pw".path;
|
|
|
|
openssh.authorizedKeys.keys = import ../../keys/ssh.nix;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
# Packages
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
|
|
rsync
|
|
|
|
git
|
|
|
|
vim
|
|
|
|
fastfetch
|
2024-11-02 00:50:53 -05:00
|
|
|
btop
|
2024-10-13 15:16:39 -05:00
|
|
|
];
|
|
|
|
environment.variables.EDITOR = "vim";
|
|
|
|
|
|
|
|
# Enable ssh server
|
|
|
|
services.openssh = {
|
|
|
|
enable = true;
|
|
|
|
settings.PasswordAuthentication = false;
|
|
|
|
settings.KbdInteractiveAuthentication = false;
|
2024-10-16 21:38:44 -05:00
|
|
|
|
|
|
|
listenAddresses = [
|
|
|
|
{
|
|
|
|
addr = "10.13.1.1";
|
|
|
|
port = 22;
|
|
|
|
}
|
|
|
|
];
|
2024-10-13 15:16:39 -05:00
|
|
|
};
|
|
|
|
|
|
|
|
# My modules
|
|
|
|
gen.system.hardening.disableSack = true;
|
|
|
|
gen.system.bootloader.luksSsh = {
|
|
|
|
enable = true;
|
|
|
|
port = 48722;
|
|
|
|
hostKeys = ["/persist/etc/secrets/initrd/ssh_host_ed25519_key"];
|
|
|
|
};
|
2024-11-03 20:30:30 -06:00
|
|
|
boot.initrd.network.udhcpc.enable = true;
|
2024-10-13 15:16:39 -05:00
|
|
|
|
|
|
|
system.stateVersion = "24.05";
|
|
|
|
}
|