{ pkgs, ... }: { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ./modules/authentik ./modules/networks ./modules/adguard ./modules/backup ./modules/cache ./modules/logseq ./modules/matrix ./modules/mautrix-telegram ./modules/monitoring ./modules/torrent ./modules/vaultwarden ./modules/caddy ./modules/indexing ]; nix.settings.system-features = [ "gccarch-tigerlake" ]; nixpkgs.config.permittedInsecurePackages = [ "aspnetcore-runtime-wrapped-6.0.36" "aspnetcore-runtime-6.0.36" "dotnet-sdk-wrapped-6.0.428" "dotnet-sdk-6.0.428" "jitsi-meet-1.0.8043" "olm-3.2.16" ]; boot = { loader.systemd-boot.enable = true; loader.efi.canTouchEfiVariables = true; tmp.useTmpfs = true; kernelPackages = pkgs.linuxPackages_latest; }; services.btrfs.autoScrub.enable = true; environment.persistence."/nix/persist/system" = { directories = [ "/etc/ssh" "/root/.borgmatic" "/root/.local/share/zsh" "/root/.config/borg/security" ]; files = [ "/etc/machine-id" ]; }; age.identityPaths = [ "/nix/persist/system/etc/ssh/ssh_host_ed25519_key" ]; time.timeZone = "Europe/Berlin"; i18n.defaultLocale = "en_US.UTF-8"; console = { keyMap = "dvorak"; }; environment.systemPackages = with pkgs; [ vim htop-vim helix lsof btdu tcpdump mtr ]; programs.git = { enable = true; config = { user.name = "Rouven Seifert"; user.email = "rouven@rfive.de"; }; }; # Enable the OpenSSH daemon. services.openssh.enable = true; services.journald.gateway.enable = true; programs.mosh.enable = true; users.users.root.initialHashedPassword = "$y$j9T$hYM7FT2hn3O7OWBn9uz8e0$XquxONcPSke6YjdRGwOzGxC0/92hgP7PIB0y0K.Qdr/"; users.users.root.openssh.authorizedKeys.keyFiles = [ ../../keys/ssh/rouven-thinkpad ../../keys/ssh/root-thinkpad ../../keys/ssh/rouven-pixel ../../keys/ssh/root-falkenstein ]; system.stateVersion = "22.11"; }