nixos-config/hosts/nuc/default.nix

87 lines
1.9 KiB
Nix
Raw Normal View History

2024-05-03 18:23:21 +02:00
{ pkgs, ... }:
2023-01-23 17:30:09 +01:00
{
imports =
[
# Include the results of the hardware scan.
./hardware-configuration.nix
2024-05-20 12:19:05 +02:00
./modules/authentik
2023-01-23 23:35:44 +01:00
./modules/networks
2024-03-11 12:40:04 +01:00
./modules/adguard
./modules/backup
2024-05-20 12:19:05 +02:00
# ./modules/keycloak
2024-05-03 18:23:21 +02:00
./modules/jellyfin
2024-01-04 00:13:46 +01:00
./modules/cache
2023-10-17 10:39:14 +02:00
./modules/matrix
2024-02-29 15:37:22 +01:00
./modules/mautrix-telegram
2023-10-15 16:30:40 +02:00
./modules/seafile
./modules/torrent
2023-01-25 14:24:10 +01:00
./modules/vaultwarden
2023-01-24 12:05:09 +01:00
./modules/nginx
2024-05-17 16:18:39 +02:00
./modules/indexing
2023-01-23 17:30:09 +01:00
];
2024-01-04 00:17:40 +01:00
nix.settings.system-features = [ "gccarch-tigerlake" ];
2023-01-23 17:30:09 +01:00
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
2023-04-16 13:43:30 +02:00
tmp.useTmpfs = true;
2023-12-27 22:22:42 +01:00
kernelPackages = pkgs.linuxPackages_latest;
2023-01-23 17:30:09 +01:00
};
2023-02-17 21:35:12 +01:00
services.btrfs.autoScrub.enable = true;
2023-05-30 20:36:52 +02:00
environment.persistence."/nix/persist/system" = {
directories = [
"/etc/ssh"
2023-08-06 22:24:01 +02:00
"/root/.borgmatic"
2023-06-08 10:16:06 +02:00
"/root/.local/share/zsh"
2023-07-30 19:41:51 +02:00
"/root/.config/borg/security"
2023-05-30 20:36:52 +02:00
];
files = [
"/etc/machine-id"
];
};
2023-11-16 14:40:40 +01:00
age.identityPaths = [ "/nix/persist/system/etc/ssh/ssh_host_ed25519_key" ];
2023-01-23 17:30:09 +01:00
time.timeZone = "Europe/Berlin";
i18n.defaultLocale = "en_US.UTF-8";
console = {
keyMap = "dvorak";
};
environment.systemPackages = with pkgs; [
vim
2023-01-28 22:28:56 +01:00
htop-vim
helix
2023-05-28 13:15:29 +02:00
lsof
2023-06-19 10:37:17 +02:00
btdu
2024-05-13 11:59:14 +02:00
tcpdump
mtr
2023-01-23 17:30:09 +01:00
];
programs.git = {
enable = true;
config = {
user.name = "Rouven Seifert";
user.email = "rouven@rfive.de";
};
};
# Enable the OpenSSH daemon.
services.openssh.enable = true;
2024-01-22 01:08:20 +01:00
services.journald.gateway.enable = true;
2023-11-16 01:27:01 +01:00
programs.mosh.enable = true;
2023-06-03 21:42:12 +02:00
2023-04-17 11:16:50 +02:00
2023-05-30 20:46:59 +02:00
users.users.root.initialHashedPassword = "$y$j9T$hYM7FT2hn3O7OWBn9uz8e0$XquxONcPSke6YjdRGwOzGxC0/92hgP7PIB0y0K.Qdr/";
2023-01-23 17:30:09 +01:00
users.users.root.openssh.authorizedKeys.keyFiles = [
../../keys/ssh/rouven-thinkpad
../../keys/ssh/root-thinkpad
2023-01-23 17:30:09 +01:00
../../keys/ssh/rouven-pixel
2023-07-30 19:41:51 +02:00
../../keys/ssh/root-falkenstein
2023-01-23 17:30:09 +01:00
];
2023-04-06 22:31:45 +02:00
system.stateVersion = "22.11";
2023-01-23 17:30:09 +01:00
}