| Skyler Grey | 1e2187f | 2023-03-03 22:45:10 +0000 | [diff] [blame] | 1 | # Edit this configuration file to define what should be installed on |
| 2 | # your system. Help is available in the configuration.nix(5) man page |
| 3 | # and in the NixOS manual (accessible by running ‘nixos-help’). |
| 4 | |
| 5 | { config, pkgs, lib, ... }: |
| 6 | |
| 7 | { |
| 8 | # Use the GRUB 2 boot loader. |
| 9 | boot.loader.systemd-boot.enable = true; |
| 10 | # boot.loader.grub.efiSupport = true; |
| 11 | # boot.loader.grub.efiInstallAsRemovable = true; |
| 12 | # boot.loader.efi.efiSysMountPoint = "/boot/efi"; |
| 13 | # Define on which hard drive you want to install Grub. |
| 14 | # boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only |
| 15 | |
| 16 | # networking.hostName = "nixos"; # Define your hostname. |
| 17 | # Pick only one of the below networking options. |
| 18 | # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. |
| 19 | # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. |
| 20 | |
| 21 | # Set your time zone. |
| TheCodedProf | aa1aeac | 2023-10-25 14:26:19 -0400 | [diff] [blame] | 22 | time.timeZone = "Etc/UTC"; |
| Skyler Grey | 1e2187f | 2023-03-03 22:45:10 +0000 | [diff] [blame] | 23 | |
| 24 | # Configure network proxy if necessary |
| 25 | # networking.proxy.default = "http://user:password@proxy:port/"; |
| 26 | # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; |
| 27 | |
| 28 | # Select internationalisation properties. |
| 29 | # i18n.defaultLocale = "en_US.UTF-8"; |
| 30 | # console = { |
| 31 | # font = "Lat2-Terminus16"; |
| 32 | # keyMap = "us"; |
| 33 | # useXkbConfig = true; # use xkbOptions in tty. |
| 34 | # }; |
| 35 | |
| 36 | # Enable the X11 windowing system. |
| 37 | # services.xserver.enable = true; |
| 38 | |
| Skyler Grey | 1e2187f | 2023-03-03 22:45:10 +0000 | [diff] [blame] | 39 | # Configure keymap in X11 |
| 40 | # services.xserver.layout = "us"; |
| 41 | # services.xserver.xkbOptions = { |
| 42 | # "eurosign:e"; |
| 43 | # "caps:escape" # map caps to escape. |
| 44 | # }; |
| 45 | |
| 46 | # Enable CUPS to print documents. |
| 47 | # services.printing.enable = true; |
| 48 | |
| 49 | # Enable sound. |
| 50 | # sound.enable = true; |
| 51 | # hardware.pulseaudio.enable = true; |
| 52 | |
| 53 | # Enable touchpad support (enabled default in most desktopManager). |
| 54 | # services.xserver.libinput.enable = true; |
| 55 | |
| 56 | # Define a user account. Don't forget to set a password with ‘passwd’. |
| 57 | # users.users.alice = { |
| 58 | # isNormalUser = true; |
| 59 | # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. |
| 60 | # packages = with pkgs; [ |
| 61 | # firefox |
| 62 | # thunderbird |
| 63 | # ]; |
| 64 | # }; |
| 65 | users.users.minion = { |
| 66 | isNormalUser = true; |
| 67 | extraGroups = [ "wheel" ]; |
| 68 | |
| 69 | openssh.authorizedKeys.keys = [ |
| Skyler Grey | 624e511 | 2023-08-20 21:51:01 +0000 | [diff] [blame] | 70 | "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIteIdlZv52nUDxW2SUsoJ2NZi/w9j1NZwuHanQ/o/DuAAAAHnNzaDpjb2xsYWJvcmFfeXViaWtleV9yZXNpZGVudA== collabora_yubikey_resident" |
| 71 | "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIJRzQbQjXFpHKtt8lpNKmoNx57+EJ/z3wnKOn3/LjM6cAAAAFXNzaDppeXViaWtleV9yZXNpZGVudA== iyubikey_resident" |
| 72 | "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIOhzJ0p9bFRSURUjV05rrt5jCbxPXke7juNbEC9ZJXS/AAAAGXNzaDp0aW55X3l1YmlrZXlfcmVzaWRlbnQ= tiny_yubikey_resident" |
| Skyler Grey | 1e2187f | 2023-03-03 22:45:10 +0000 | [diff] [blame] | 73 | ]; |
| 74 | }; |
| 75 | users.users.coded = { |
| 76 | isNormalUser = true; |
| 77 | extraGroups = [ "wheel" ]; |
| 78 | shell = pkgs.zsh; |
| 79 | |
| 80 | openssh.authorizedKeys.keys = [ |
| 81 | "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCZGErwcw5YUlJS9tAfIYOSqkiuDRZZRTJjMlrDaAiNwTjqUML/Lrcau/1KA6a0+sXCM8DhQ1e0qhh2Qxmh/kxZWO6XMVK2EB7ELPNojqFI16T8Bbhq2t7yVAqbPUhXLQ4xKGvWMCPWOCo/dY72P9yu7kkMV0kTW3nq25+8nvqIvvuQOlOUx1uyR7qEfO706O86wjVTIuwfZKyzMDIC909vyg0xS+SfFlD7MkBuGzevQnOAV3U6tyafg6XW4PaJuDLyGXwpKz6asY08F7gRL/7/GhlMB09nfFfT4sZggmqPdGAtxwsFuwHPjNSlktHz5nlHtpS0LjefR9mWiGIhw5Hw1z33lxP0rfmiEU9J7kFcXv9B8QAWFwWfNEZfeqB7h7DJruo+QRStGeDz4SwRG3GR+DB4iNJLt7n0ALkVFJpOpskeo8TV4+Fwok+hYs2GsvdEmh9Cj7dC/9CyRhJeam9iLIi/iVGZhXEE3tIiqEktZPjiK7JwQyr97zhGJ7Rj4oE= samue@SamuelDesktop" |
| Skyler Grey | c3f94d6 | 2023-10-09 06:57:09 +0000 | [diff] [blame] | 82 | "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIH+TJRuMpDPgh6Wp2h+E+O/WoyEAVyWo6SN8oxm2JZNVAAAABHNzaDo= samue@SamuelDesktop" |
| Skyler Grey | 44635e2 | 2023-10-25 21:01:42 +0000 | [diff] [blame^] | 83 | "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAILrwKN4dJQ0BiLmjsA/66QHhu06+JyokWtHkLcjhWU79AAAABHNzaDo= coded-sk-resident-1" |
| Skyler Grey | 1e2187f | 2023-03-03 22:45:10 +0000 | [diff] [blame] | 84 | ]; |
| 85 | }; |
| Skyler Grey | 54d3f8f | 2023-10-24 18:50:10 +0000 | [diff] [blame] | 86 | users.users.pineafan = { |
| Skyler Grey | 62ade0b | 2023-03-04 11:58:20 +0000 | [diff] [blame] | 87 | isNormalUser = true; |
| 88 | extraGroups = [ "wheel" ]; |
| 89 | shell = pkgs.zsh; |
| 90 | |
| 91 | openssh.authorizedKeys.keys = [ |
| Skyler Grey | 335bd90 | 2023-03-05 12:34:12 +0000 | [diff] [blame] | 92 | "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIFXa8ow7H8XpTrwYI+oSgLFfb6YNZanwv/QCKvEKiERSAAAABHNzaDo= pineapplefan@Pineapplefan" |
| Skyler Grey | 1d6ed72 | 2023-03-08 00:14:12 +0000 | [diff] [blame] | 93 | "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAJNFMUYiEepGrIAbUM+Hlw/OuGWc8CNQsYlJ7519RVmeu+/vqEQbhchySTelibD19YqsZ7ICfYxAeQzOqHdXfs=" |
| Skyler Grey | 62ade0b | 2023-03-04 11:58:20 +0000 | [diff] [blame] | 94 | ]; |
| 95 | }; |
| Skyler Grey | 1e2187f | 2023-03-03 22:45:10 +0000 | [diff] [blame] | 96 | users.users.nucleus = { |
| 97 | isSystemUser = true; |
| 98 | createHome = true; |
| Skyler Grey | 4f3e606 | 2023-03-04 01:29:29 +0000 | [diff] [blame] | 99 | home = "/services/nucleus"; |
| Skyler Grey | 1e2187f | 2023-03-03 22:45:10 +0000 | [diff] [blame] | 100 | group = "clicks"; |
| 101 | shell = pkgs.bashInteractive; |
| 102 | }; |
| Skyler Grey | 4f3e606 | 2023-03-04 01:29:29 +0000 | [diff] [blame] | 103 | users.users.websites = { |
| 104 | isSystemUser = true; |
| 105 | createHome = true; |
| 106 | home = "/services/websites"; |
| 107 | group = "clicks"; |
| 108 | shell = pkgs.bashInteractive; |
| 109 | }; |
| 110 | users.groups.clicks = { }; |
| Skyler Grey | 1e2187f | 2023-03-03 22:45:10 +0000 | [diff] [blame] | 111 | |
| 112 | programs.zsh.enable = true; |
| 113 | # List packages installed in system profile. To search, run: |
| 114 | # $ nix search wget |
| 115 | environment.systemPackages = with pkgs; [ |
| 116 | vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. |
| 117 | wget |
| 118 | ]; |
| 119 | |
| 120 | # Some programs need SUID wrappers, can be configured further or are |
| 121 | # started in user sessions. |
| 122 | # programs.mtr.enable = true; |
| 123 | # programs.gnupg.agent = { |
| 124 | # enable = true; |
| 125 | # enableSSHSupport = true; |
| 126 | # }; |
| 127 | |
| Skyler Grey | b84a74c | 2023-03-08 00:50:03 +0000 | [diff] [blame] | 128 | nix.settings.trusted-users = [ "minion" ]; # please do not add all wheel, only |
| 129 | # add users when there is a specific need |
| 130 | |
| Skyler Grey | 1e2187f | 2023-03-03 22:45:10 +0000 | [diff] [blame] | 131 | nix.settings.experimental-features = [ "nix-command" "flakes" ]; |
| 132 | |
| Skyler Grey | 1e2187f | 2023-03-03 22:45:10 +0000 | [diff] [blame] | 133 | # Open ports in the firewall. |
| Skyler Grey | fe1740c | 2023-10-21 01:24:18 +0000 | [diff] [blame] | 134 | networking.firewall.allowedTCPPorts = |
| 135 | [ 80 443 25 465 587 110 995 143 993 29418 ]; |
| Skyler Grey | 1e2187f | 2023-03-03 22:45:10 +0000 | [diff] [blame] | 136 | # networking.firewall.allowedUDPPorts = [ ... ]; |
| 137 | # Or disable the firewall altogether. |
| Skyler Grey | e11ffdd | 2023-05-01 21:31:57 +0000 | [diff] [blame] | 138 | networking.firewall.enable = true; |
| Skyler Grey | 1e2187f | 2023-03-03 22:45:10 +0000 | [diff] [blame] | 139 | networking.hostName = "Clicks"; |
| 140 | # Copy the NixOS configuration file and link it from the resulting system |
| 141 | # (/run/current-system/configuration.nix). This is useful in case you |
| 142 | # accidentally delete configuration.nix. |
| Skyler Grey | fe1740c | 2023-10-21 01:24:18 +0000 | [diff] [blame] | 143 | # system.copySystemConfiguration = true; |
| Skyler Grey | 1e2187f | 2023-03-03 22:45:10 +0000 | [diff] [blame] | 144 | |
| 145 | # This value determines the NixOS release from which the default |
| 146 | # settings for stateful data, like file locations and database versions |
| 147 | # on your system were taken. It‘s perfectly fine and recommended to leave |
| 148 | # this value at the release version of the first install of this system. |
| 149 | # Before changing this value read the documentation for this option |
| 150 | # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). |
| 151 | system.stateVersion = "22.11"; # Did you read the comment? |
| 152 | |
| 153 | } |