34 lines
808 B
Nix
34 lines
808 B
Nix
|
{pkgs, ...}: {
|
||
|
imports = [
|
||
|
./hardening.nix
|
||
|
./limits.nix
|
||
|
./networking.nix
|
||
|
./boot
|
||
|
];
|
||
|
|
||
|
# Ensure root login is available on every machine (if ssh is enabled)
|
||
|
users.users.root.openssh.authorizedKeys.keys = import ../../keys/ssh.nix;
|
||
|
|
||
|
# Speed up the build a little bit, these aren't really needed
|
||
|
documentation = {
|
||
|
enable = false;
|
||
|
info.enable = false;
|
||
|
man.enable = false;
|
||
|
doc.enable = false;
|
||
|
nixos.enable = false;
|
||
|
};
|
||
|
|
||
|
# Immutable users
|
||
|
users.mutableUsers = false;
|
||
|
|
||
|
### Nix settings ###
|
||
|
nix = {
|
||
|
# Make sure flakes are enabled
|
||
|
settings.experimental-features = ["nix-command" "flakes"];
|
||
|
|
||
|
# Use our nixpkgs on legacy Nix tools.
|
||
|
# This way I don't have to `nix-channel --update` to use `nix-shell`
|
||
|
nixPath = ["nixpath=${pkgs.path}"];
|
||
|
};
|
||
|
}
|