Blame - default/configuration.nix - Infra/NixFiles

blob: 9276dcb17c9514fd2b01beda425db44aa70c7b65 [file] [log] [blame]

Skyler Grey	1e2187f	2023-03-03 22:45:10 +0000	[diff] [blame]	1	# Edit this configuration file to define what should be installed on
				2	# your system. Help is available in the configuration.nix(5) man page
				3	# and in the NixOS manual (accessible by running ‘nixos-help’).
				4
				5	{ config, pkgs, lib, ... }:
				6
				7	{
				8	# Use the GRUB 2 boot loader.
				9	boot.loader.systemd-boot.enable = true;
				10	# boot.loader.grub.efiSupport = true;
				11	# boot.loader.grub.efiInstallAsRemovable = true;
				12	# boot.loader.efi.efiSysMountPoint = "/boot/efi";
				13	# Define on which hard drive you want to install Grub.
				14	# boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
				15
				16	# networking.hostName = "nixos"; # Define your hostname.
				17	# Pick only one of the below networking options.
				18	# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
				19	# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
				20
				21	# Set your time zone.
				22	time.timeZone = "America/New_York";
				23
				24	# Configure network proxy if necessary
				25	# networking.proxy.default = "http://user:password@proxy:port/";
				26	# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
				27
				28	# Select internationalisation properties.
				29	# i18n.defaultLocale = "en_US.UTF-8";
				30	# console = {
				31	# font = "Lat2-Terminus16";
				32	# keyMap = "us";
				33	# useXkbConfig = true; # use xkbOptions in tty.
				34	# };
				35
				36	# Enable the X11 windowing system.
				37	# services.xserver.enable = true;
				38
				39
				40
				41
				42	# Configure keymap in X11
				43	# services.xserver.layout = "us";
				44	# services.xserver.xkbOptions = {
				45	# "eurosign:e";
				46	# "caps:escape" # map caps to escape.
				47	# };
				48
				49	# Enable CUPS to print documents.
				50	# services.printing.enable = true;
				51
				52	# Enable sound.
				53	# sound.enable = true;
				54	# hardware.pulseaudio.enable = true;
				55
				56	# Enable touchpad support (enabled default in most desktopManager).
				57	# services.xserver.libinput.enable = true;
				58
				59	# Define a user account. Don't forget to set a password with ‘passwd’.
				60	# users.users.alice = {
				61	# isNormalUser = true;
				62	# extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
				63	# packages = with pkgs; [
				64	# firefox
				65	# thunderbird
				66	# ];
				67	# };
				68	users.users.minion = {
				69	isNormalUser = true;
				70	extraGroups = [ "wheel" ];
				71
				72	openssh.authorizedKeys.keys = [
Skyler Grey	624e511	2023-08-20 21:51:01 +0000	[diff] [blame^]	73	"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIteIdlZv52nUDxW2SUsoJ2NZi/w9j1NZwuHanQ/o/DuAAAAHnNzaDpjb2xsYWJvcmFfeXViaWtleV9yZXNpZGVudA== collabora_yubikey_resident"
				74	"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIJRzQbQjXFpHKtt8lpNKmoNx57+EJ/z3wnKOn3/LjM6cAAAAFXNzaDppeXViaWtleV9yZXNpZGVudA== iyubikey_resident"
				75	"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIOhzJ0p9bFRSURUjV05rrt5jCbxPXke7juNbEC9ZJXS/AAAAGXNzaDp0aW55X3l1YmlrZXlfcmVzaWRlbnQ= tiny_yubikey_resident"
Skyler Grey	1e2187f	2023-03-03 22:45:10 +0000	[diff] [blame]	76	];
				77	};
				78	users.users.coded = {
				79	isNormalUser = true;
				80	extraGroups = [ "wheel" ];
				81	shell = pkgs.zsh;
				82
				83	openssh.authorizedKeys.keys = [
				84	"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCZGErwcw5YUlJS9tAfIYOSqkiuDRZZRTJjMlrDaAiNwTjqUML/Lrcau/1KA6a0+sXCM8DhQ1e0qhh2Qxmh/kxZWO6XMVK2EB7ELPNojqFI16T8Bbhq2t7yVAqbPUhXLQ4xKGvWMCPWOCo/dY72P9yu7kkMV0kTW3nq25+8nvqIvvuQOlOUx1uyR7qEfO706O86wjVTIuwfZKyzMDIC909vyg0xS+SfFlD7MkBuGzevQnOAV3U6tyafg6XW4PaJuDLyGXwpKz6asY08F7gRL/7/GhlMB09nfFfT4sZggmqPdGAtxwsFuwHPjNSlktHz5nlHtpS0LjefR9mWiGIhw5Hw1z33lxP0rfmiEU9J7kFcXv9B8QAWFwWfNEZfeqB7h7DJruo+QRStGeDz4SwRG3GR+DB4iNJLt7n0ALkVFJpOpskeo8TV4+Fwok+hYs2GsvdEmh9Cj7dC/9CyRhJeam9iLIi/iVGZhXEE3tIiqEktZPjiK7JwQyr97zhGJ7Rj4oE= samue@SamuelDesktop"
				85	];
				86	};
Skyler Grey	62ade0b	2023-03-04 11:58:20 +0000	[diff] [blame]	87	users.users.pinea = {
				88	isNormalUser = true;
				89	extraGroups = [ "wheel" ];
				90	shell = pkgs.zsh;
				91
				92	openssh.authorizedKeys.keys = [
Skyler Grey	335bd90	2023-03-05 12:34:12 +0000	[diff] [blame]	93	"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIFXa8ow7H8XpTrwYI+oSgLFfb6YNZanwv/QCKvEKiERSAAAABHNzaDo= pineapplefan@Pineapplefan"
Skyler Grey	1d6ed72	2023-03-08 00:14:12 +0000	[diff] [blame]	94	"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAJNFMUYiEepGrIAbUM+Hlw/OuGWc8CNQsYlJ7519RVmeu+/vqEQbhchySTelibD19YqsZ7ICfYxAeQzOqHdXfs="
Skyler Grey	62ade0b	2023-03-04 11:58:20 +0000	[diff] [blame]	95	];
				96	};
Skyler Grey	1e2187f	2023-03-03 22:45:10 +0000	[diff] [blame]	97	users.users.nucleus = {
				98	isSystemUser = true;
				99	createHome = true;
Skyler Grey	4f3e606	2023-03-04 01:29:29 +0000	[diff] [blame]	100	home = "/services/nucleus";
Skyler Grey	1e2187f	2023-03-03 22:45:10 +0000	[diff] [blame]	101	group = "clicks";
				102	shell = pkgs.bashInteractive;
				103	};
Skyler Grey	4f3e606	2023-03-04 01:29:29 +0000	[diff] [blame]	104	users.users.websites = {
				105	isSystemUser = true;
				106	createHome = true;
				107	home = "/services/websites";
				108	group = "clicks";
				109	shell = pkgs.bashInteractive;
				110	};
				111	users.groups.clicks = { };
Skyler Grey	1e2187f	2023-03-03 22:45:10 +0000	[diff] [blame]	112
				113	programs.zsh.enable = true;
				114	# List packages installed in system profile. To search, run:
				115	# $ nix search wget
				116	environment.systemPackages = with pkgs; [
				117	vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
				118	wget
				119	];
				120
				121	# Some programs need SUID wrappers, can be configured further or are
				122	# started in user sessions.
				123	# programs.mtr.enable = true;
				124	# programs.gnupg.agent = {
				125	# enable = true;
				126	# enableSSHSupport = true;
				127	# };
				128
Skyler Grey	b84a74c	2023-03-08 00:50:03 +0000	[diff] [blame]	129	nix.settings.trusted-users = [ "minion" ]; # please do not add all wheel, only
				130	# add users when there is a specific need
				131
Skyler Grey	1e2187f	2023-03-03 22:45:10 +0000	[diff] [blame]	132	nix.settings.experimental-features = [ "nix-command" "flakes" ];
				133
Skyler Grey	1e2187f	2023-03-03 22:45:10 +0000	[diff] [blame]	134	# Open ports in the firewall.
Skyler Grey	07c947a	2023-06-08 14:11:23 +0200	[diff] [blame]	135	networking.firewall.allowedTCPPorts = [ 80 443 25 465 587 110 995 143 993 ];
Skyler Grey	1e2187f	2023-03-03 22:45:10 +0000	[diff] [blame]	136	# networking.firewall.allowedUDPPorts = [ ... ];
				137	# Or disable the firewall altogether.
Skyler Grey	e11ffdd	2023-05-01 21:31:57 +0000	[diff] [blame]	138	networking.firewall.enable = true;
Skyler Grey	1e2187f	2023-03-03 22:45:10 +0000	[diff] [blame]	139	networking.hostName = "Clicks";
				140	# Copy the NixOS configuration file and link it from the resulting system
				141	# (/run/current-system/configuration.nix). This is useful in case you
				142	# accidentally delete configuration.nix.
				143	/* system.copySystemConfiguration = true; */
				144
				145	# This value determines the NixOS release from which the default
				146	# settings for stateful data, like file locations and database versions
				147	# on your system were taken. It‘s perfectly fine and recommended to leave
				148	# this value at the release version of the first install of this system.
				149	# Before changing this value read the documentation for this option
				150	# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
				151	system.stateVersion = "22.11"; # Did you read the comment?
				152
				153	}