{ config, lib, pkgs, inputs, ... }: { environment = { variables = { EDITOR = "hx"; VISUAL = "hx"; PAGER = "less"; MANPAGER = "less"; }; systemPackages = with pkgs; [ age bat bind bottom curl dog dua exa fd file gnumake gron hexyl htop iputils jq killall kitty # TODO: I really just need the terminfo on servers, though, right? less mosh nmap openssl pciutils rclone restic ripgrep rsync sd sops smartmontools unzip watchexec wget xh zellij zstd ] ++ [ inputs.helix.packages."x86_64-linux".helix inputs.rtx.packages."x86_64-linux".rtx ]; }; users.users = { daniel = { isNormalUser = true; home = "/home/daniel/.home"; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev" ]; extraGroups = [ "wheel" "video" ]; packages = [ ]; }; root = { openssh.authorizedKeys.keys = config.users.users.daniel.openssh.authorizedKeys.keys; }; }; i18n = { defaultLocale = "en_US.UTF-8"; }; services = { xserver = { layout = "us"; xkbOptions = "ctrl:nocaps"; }; openssh = { enable = true; settings = { PasswordAuthentication = false; }; # tailscale handles this I think openFirewall = lib.mkDefault false; # listenAddresses = [ # { addr = "0.0.0.0"; port = 22; } # ]; }; tailscale = { enable = true; useRoutingFeatures = lib.mkDefault "client"; }; fwupd.enable = true; smartd.enable = true; }; console = { font = "Lat2-Terminus16"; useXkbConfig = true; earlySetup = true; # colors = [ # "111111" # "f92672" # "a6e22e" # "f4bf75" # "66d9ef" # "ae81ff" # "a1efe4" # "f8f8f2" # "75715e" # "f92672" # "a6e22e" # "f4bf75" # "66d9ef" # "ae81ff" # "a1efe4" # "f9f8f5" # ]; }; networking = { useDHCP = lib.mkDefault true; firewall = { enable = lib.mkDefault true; allowPing = lib.mkDefault true; allowedTCPPorts = lib.mkDefault [ ]; allowedUDPPorts = lib.mkDefault [ ]; }; }; nix = { settings = { experimental-features = lib.mkDefault [ "nix-command" "flakes" ]; }; }; nixpkgs = { config = { allowUnfree = true; }; hostPlatform = lib.mkDefault "x86_64-linux"; }; programs = { fish = { enable = true; }; tmux = { enable = true; clock24 = true; }; traceroute.enable = true; git = { enable = true; lfs = { enable = true; }; }; }; time = { timeZone = "America/Chicago"; }; users = { defaultUserShell = pkgs.fish; }; }