blob: a20ce6072e39833255f8d9a3b4999f3764119ca4 [file] [log] [blame]
Skyler Grey1e2187f2023-03-03 22:45:10 +00001# Edit this configuration file to define what should be installed on
2# your system. Help is available in the configuration.nix(5) man page
3# and in the NixOS manual (accessible by running ‘nixos-help’).
4
5{ config, pkgs, lib, ... }:
6
7{
8 # Use the GRUB 2 boot loader.
9 boot.loader.systemd-boot.enable = true;
10 # boot.loader.grub.efiSupport = true;
11 # boot.loader.grub.efiInstallAsRemovable = true;
12 # boot.loader.efi.efiSysMountPoint = "/boot/efi";
13 # Define on which hard drive you want to install Grub.
14 # boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
15
16 # networking.hostName = "nixos"; # Define your hostname.
17 # Pick only one of the below networking options.
18 # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
19 # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
20
21 # Set your time zone.
22 time.timeZone = "America/New_York";
23
24 # Configure network proxy if necessary
25 # networking.proxy.default = "http://user:password@proxy:port/";
26 # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
27
28 # Select internationalisation properties.
29 # i18n.defaultLocale = "en_US.UTF-8";
30 # console = {
31 # font = "Lat2-Terminus16";
32 # keyMap = "us";
33 # useXkbConfig = true; # use xkbOptions in tty.
34 # };
35
36 # Enable the X11 windowing system.
37 # services.xserver.enable = true;
38
Skyler Grey1e2187f2023-03-03 22:45:10 +000039 # Configure keymap in X11
40 # services.xserver.layout = "us";
41 # services.xserver.xkbOptions = {
42 # "eurosign:e";
43 # "caps:escape" # map caps to escape.
44 # };
45
46 # Enable CUPS to print documents.
47 # services.printing.enable = true;
48
49 # Enable sound.
50 # sound.enable = true;
51 # hardware.pulseaudio.enable = true;
52
53 # Enable touchpad support (enabled default in most desktopManager).
54 # services.xserver.libinput.enable = true;
55
56 # Define a user account. Don't forget to set a password with ‘passwd’.
57 # users.users.alice = {
58 # isNormalUser = true;
59 # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
60 # packages = with pkgs; [
61 # firefox
62 # thunderbird
63 # ];
64 # };
65 users.users.minion = {
66 isNormalUser = true;
67 extraGroups = [ "wheel" ];
68
69 openssh.authorizedKeys.keys = [
Skyler Grey624e5112023-08-20 21:51:01 +000070 "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIteIdlZv52nUDxW2SUsoJ2NZi/w9j1NZwuHanQ/o/DuAAAAHnNzaDpjb2xsYWJvcmFfeXViaWtleV9yZXNpZGVudA== collabora_yubikey_resident"
71 "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIJRzQbQjXFpHKtt8lpNKmoNx57+EJ/z3wnKOn3/LjM6cAAAAFXNzaDppeXViaWtleV9yZXNpZGVudA== iyubikey_resident"
72 "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIOhzJ0p9bFRSURUjV05rrt5jCbxPXke7juNbEC9ZJXS/AAAAGXNzaDp0aW55X3l1YmlrZXlfcmVzaWRlbnQ= tiny_yubikey_resident"
Skyler Grey1e2187f2023-03-03 22:45:10 +000073 ];
74 };
75 users.users.coded = {
76 isNormalUser = true;
77 extraGroups = [ "wheel" ];
78 shell = pkgs.zsh;
79
80 openssh.authorizedKeys.keys = [
81 "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCZGErwcw5YUlJS9tAfIYOSqkiuDRZZRTJjMlrDaAiNwTjqUML/Lrcau/1KA6a0+sXCM8DhQ1e0qhh2Qxmh/kxZWO6XMVK2EB7ELPNojqFI16T8Bbhq2t7yVAqbPUhXLQ4xKGvWMCPWOCo/dY72P9yu7kkMV0kTW3nq25+8nvqIvvuQOlOUx1uyR7qEfO706O86wjVTIuwfZKyzMDIC909vyg0xS+SfFlD7MkBuGzevQnOAV3U6tyafg6XW4PaJuDLyGXwpKz6asY08F7gRL/7/GhlMB09nfFfT4sZggmqPdGAtxwsFuwHPjNSlktHz5nlHtpS0LjefR9mWiGIhw5Hw1z33lxP0rfmiEU9J7kFcXv9B8QAWFwWfNEZfeqB7h7DJruo+QRStGeDz4SwRG3GR+DB4iNJLt7n0ALkVFJpOpskeo8TV4+Fwok+hYs2GsvdEmh9Cj7dC/9CyRhJeam9iLIi/iVGZhXEE3tIiqEktZPjiK7JwQyr97zhGJ7Rj4oE= samue@SamuelDesktop"
Skyler Greyc3f94d62023-10-09 06:57:09 +000082 "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIH+TJRuMpDPgh6Wp2h+E+O/WoyEAVyWo6SN8oxm2JZNVAAAABHNzaDo= samue@SamuelDesktop"
Skyler Grey1e2187f2023-03-03 22:45:10 +000083 ];
84 };
Skyler Grey62ade0b2023-03-04 11:58:20 +000085 users.users.pinea = {
86 isNormalUser = true;
87 extraGroups = [ "wheel" ];
88 shell = pkgs.zsh;
89
90 openssh.authorizedKeys.keys = [
Skyler Grey335bd902023-03-05 12:34:12 +000091 "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIFXa8ow7H8XpTrwYI+oSgLFfb6YNZanwv/QCKvEKiERSAAAABHNzaDo= pineapplefan@Pineapplefan"
Skyler Grey1d6ed722023-03-08 00:14:12 +000092 "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAJNFMUYiEepGrIAbUM+Hlw/OuGWc8CNQsYlJ7519RVmeu+/vqEQbhchySTelibD19YqsZ7ICfYxAeQzOqHdXfs="
Skyler Grey62ade0b2023-03-04 11:58:20 +000093 ];
94 };
Skyler Grey1e2187f2023-03-03 22:45:10 +000095 users.users.nucleus = {
96 isSystemUser = true;
97 createHome = true;
Skyler Grey4f3e6062023-03-04 01:29:29 +000098 home = "/services/nucleus";
Skyler Grey1e2187f2023-03-03 22:45:10 +000099 group = "clicks";
100 shell = pkgs.bashInteractive;
101 };
Skyler Grey4f3e6062023-03-04 01:29:29 +0000102 users.users.websites = {
103 isSystemUser = true;
104 createHome = true;
105 home = "/services/websites";
106 group = "clicks";
107 shell = pkgs.bashInteractive;
108 };
109 users.groups.clicks = { };
Skyler Grey1e2187f2023-03-03 22:45:10 +0000110
111 programs.zsh.enable = true;
112 # List packages installed in system profile. To search, run:
113 # $ nix search wget
114 environment.systemPackages = with pkgs; [
115 vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
116 wget
117 ];
118
119 # Some programs need SUID wrappers, can be configured further or are
120 # started in user sessions.
121 # programs.mtr.enable = true;
122 # programs.gnupg.agent = {
123 # enable = true;
124 # enableSSHSupport = true;
125 # };
126
Skyler Greyb84a74c2023-03-08 00:50:03 +0000127 nix.settings.trusted-users = [ "minion" ]; # please do not add all wheel, only
128 # add users when there is a specific need
129
Skyler Grey1e2187f2023-03-03 22:45:10 +0000130 nix.settings.experimental-features = [ "nix-command" "flakes" ];
131
Skyler Grey1e2187f2023-03-03 22:45:10 +0000132 # Open ports in the firewall.
Skyler Greyfe1740c2023-10-21 01:24:18 +0000133 networking.firewall.allowedTCPPorts =
134 [ 80 443 25 465 587 110 995 143 993 29418 ];
Skyler Grey1e2187f2023-03-03 22:45:10 +0000135 # networking.firewall.allowedUDPPorts = [ ... ];
136 # Or disable the firewall altogether.
Skyler Greye11ffdd2023-05-01 21:31:57 +0000137 networking.firewall.enable = true;
Skyler Grey1e2187f2023-03-03 22:45:10 +0000138 networking.hostName = "Clicks";
139 # Copy the NixOS configuration file and link it from the resulting system
140 # (/run/current-system/configuration.nix). This is useful in case you
141 # accidentally delete configuration.nix.
Skyler Greyfe1740c2023-10-21 01:24:18 +0000142 # system.copySystemConfiguration = true;
Skyler Grey1e2187f2023-03-03 22:45:10 +0000143
144 # This value determines the NixOS release from which the default
145 # settings for stateful data, like file locations and database versions
146 # on your system were taken. It‘s perfectly fine and recommended to leave
147 # this value at the release version of the first install of this system.
148 # Before changing this value read the documentation for this option
149 # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
150 system.stateVersion = "22.11"; # Did you read the comment?
151
152}