Gitiles
Code Review Sign In
git.clicks.codes / Infra / NixFiles / a509d3dc11659df19137b227066afadf65aa4e3c / . / default / configuration.nix
blob: 0a9127656007aa025a269c5436135f995eb9c002 [file] [log] [blame]
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]1# Edit this configuration file to define what should be installed on
2# your system. Help is available in the configuration.nix(5) man page
3# and in the NixOS manual (accessible by running ‘nixos-help’).
4
5{ config, pkgs, lib, ... }:
6
7{
8 # Use the GRUB 2 boot loader.
9 boot.loader.systemd-boot.enable = true;
10 # boot.loader.grub.efiSupport = true;
11 # boot.loader.grub.efiInstallAsRemovable = true;
12 # boot.loader.efi.efiSysMountPoint = "/boot/efi";
13 # Define on which hard drive you want to install Grub.
14 # boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
15
16 # networking.hostName = "nixos"; # Define your hostname.
17 # Pick only one of the below networking options.
18 # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
19 # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
20
21 # Set your time zone.
22 time.timeZone = "America/New_York";
23
24 # Configure network proxy if necessary
25 # networking.proxy.default = "http://user:password@proxy:port/";
26 # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
27
28 # Select internationalisation properties.
29 # i18n.defaultLocale = "en_US.UTF-8";
30 # console = {
31 # font = "Lat2-Terminus16";
32 # keyMap = "us";
33 # useXkbConfig = true; # use xkbOptions in tty.
34 # };
35
36 # Enable the X11 windowing system.
37 # services.xserver.enable = true;
38
39
40
41
42 # Configure keymap in X11
43 # services.xserver.layout = "us";
44 # services.xserver.xkbOptions = {
45 # "eurosign:e";
46 # "caps:escape" # map caps to escape.
47 # };
48
49 # Enable CUPS to print documents.
50 # services.printing.enable = true;
51
52 # Enable sound.
53 # sound.enable = true;
54 # hardware.pulseaudio.enable = true;
55
56 # Enable touchpad support (enabled default in most desktopManager).
57 # services.xserver.libinput.enable = true;
58
59 # Define a user account. Don't forget to set a password with ‘passwd’.
60 # users.users.alice = {
61 # isNormalUser = true;
62 # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
63 # packages = with pkgs; [
64 # firefox
65 # thunderbird
66 # ];
67 # };
68 users.users.minion = {
69 isNormalUser = true;
70 extraGroups = [ "wheel" ];
71
72 openssh.authorizedKeys.keys = [
Skyler Grey624e5112023-08-20 21:51:01 +0000[diff] [blame]73 "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIteIdlZv52nUDxW2SUsoJ2NZi/w9j1NZwuHanQ/o/DuAAAAHnNzaDpjb2xsYWJvcmFfeXViaWtleV9yZXNpZGVudA== collabora_yubikey_resident"
74 "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIJRzQbQjXFpHKtt8lpNKmoNx57+EJ/z3wnKOn3/LjM6cAAAAFXNzaDppeXViaWtleV9yZXNpZGVudA== iyubikey_resident"
75 "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIOhzJ0p9bFRSURUjV05rrt5jCbxPXke7juNbEC9ZJXS/AAAAGXNzaDp0aW55X3l1YmlrZXlfcmVzaWRlbnQ= tiny_yubikey_resident"
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]76 ];
77 };
78 users.users.coded = {
79 isNormalUser = true;
80 extraGroups = [ "wheel" ];
81 shell = pkgs.zsh;
82
83 openssh.authorizedKeys.keys = [
84 "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCZGErwcw5YUlJS9tAfIYOSqkiuDRZZRTJjMlrDaAiNwTjqUML/Lrcau/1KA6a0+sXCM8DhQ1e0qhh2Qxmh/kxZWO6XMVK2EB7ELPNojqFI16T8Bbhq2t7yVAqbPUhXLQ4xKGvWMCPWOCo/dY72P9yu7kkMV0kTW3nq25+8nvqIvvuQOlOUx1uyR7qEfO706O86wjVTIuwfZKyzMDIC909vyg0xS+SfFlD7MkBuGzevQnOAV3U6tyafg6XW4PaJuDLyGXwpKz6asY08F7gRL/7/GhlMB09nfFfT4sZggmqPdGAtxwsFuwHPjNSlktHz5nlHtpS0LjefR9mWiGIhw5Hw1z33lxP0rfmiEU9J7kFcXv9B8QAWFwWfNEZfeqB7h7DJruo+QRStGeDz4SwRG3GR+DB4iNJLt7n0ALkVFJpOpskeo8TV4+Fwok+hYs2GsvdEmh9Cj7dC/9CyRhJeam9iLIi/iVGZhXEE3tIiqEktZPjiK7JwQyr97zhGJ7Rj4oE= samue@SamuelDesktop"
Skyler Greyc3f94d62023-10-09 06:57:09 +0000[diff] [blame]85 "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIH+TJRuMpDPgh6Wp2h+E+O/WoyEAVyWo6SN8oxm2JZNVAAAABHNzaDo= samue@SamuelDesktop"
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]86 ];
87 };
Skyler Grey62ade0b2023-03-04 11:58:20 +0000[diff] [blame]88 users.users.pinea = {
89 isNormalUser = true;
90 extraGroups = [ "wheel" ];
91 shell = pkgs.zsh;
92
93 openssh.authorizedKeys.keys = [
Skyler Grey335bd902023-03-05 12:34:12 +0000[diff] [blame]94 "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIFXa8ow7H8XpTrwYI+oSgLFfb6YNZanwv/QCKvEKiERSAAAABHNzaDo= pineapplefan@Pineapplefan"
Skyler Grey1d6ed722023-03-08 00:14:12 +0000[diff] [blame]95 "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAJNFMUYiEepGrIAbUM+Hlw/OuGWc8CNQsYlJ7519RVmeu+/vqEQbhchySTelibD19YqsZ7ICfYxAeQzOqHdXfs="
Skyler Grey62ade0b2023-03-04 11:58:20 +0000[diff] [blame]96 ];
97 };
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]98 users.users.nucleus = {
99 isSystemUser = true;
100 createHome = true;
Skyler Grey4f3e6062023-03-04 01:29:29 +0000[diff] [blame]101 home = "/services/nucleus";
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]102 group = "clicks";
103 shell = pkgs.bashInteractive;
104 };
Skyler Grey4f3e6062023-03-04 01:29:29 +0000[diff] [blame]105 users.users.websites = {
106 isSystemUser = true;
107 createHome = true;
108 home = "/services/websites";
109 group = "clicks";
110 shell = pkgs.bashInteractive;
111 };
112 users.groups.clicks = { };
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]113
114 programs.zsh.enable = true;
115 # List packages installed in system profile. To search, run:
116 # $ nix search wget
117 environment.systemPackages = with pkgs; [
118 vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
119 wget
120 ];
121
122 # Some programs need SUID wrappers, can be configured further or are
123 # started in user sessions.
124 # programs.mtr.enable = true;
125 # programs.gnupg.agent = {
126 # enable = true;
127 # enableSSHSupport = true;
128 # };
129
Skyler Greyb84a74c2023-03-08 00:50:03 +0000[diff] [blame]130 nix.settings.trusted-users = [ "minion" ]; # please do not add all wheel, only
131 # add users when there is a specific need
132
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]133 nix.settings.experimental-features = [ "nix-command" "flakes" ];
134
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]135 # Open ports in the firewall.
Skyler Grey08758a62023-10-09 07:35:09 +0000[diff] [blame]136 networking.firewall.allowedTCPPorts = [ 80 443 25 465 587 110 995 143 993 29418 ];
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]137 # networking.firewall.allowedUDPPorts = [ ... ];
138 # Or disable the firewall altogether.
Skyler Greye11ffdd2023-05-01 21:31:57 +0000[diff] [blame]139 networking.firewall.enable = true;
Skyler Grey1e2187f2023-03-03 22:45:10 +0000[diff] [blame]140 networking.hostName = "Clicks";
141 # Copy the NixOS configuration file and link it from the resulting system
142 # (/run/current-system/configuration.nix). This is useful in case you
143 # accidentally delete configuration.nix.
144 /* system.copySystemConfiguration = true; */
145
146 # This value determines the NixOS release from which the default
147 # settings for stateful data, like file locations and database versions
148 # on your system were taken. It‘s perfectly fine and recommended to leave
149 # this value at the release version of the first install of this system.
150 # Before changing this value read the documentation for this option
151 # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
152 system.stateVersion = "22.11"; # Did you read the comment?
153
154}