167 lines
2.8 KiB
Nix
167 lines
2.8 KiB
Nix
{ config, lib, pkgs, inputs, ... }: {
|
|
|
|
environment = {
|
|
variables = {
|
|
EDITOR = "hx";
|
|
VISUAL = "hx";
|
|
PAGER = "less";
|
|
MANPAGER = "less";
|
|
};
|
|
|
|
systemPackages = with pkgs; [
|
|
age
|
|
bat
|
|
bind
|
|
bottom
|
|
curl
|
|
dog
|
|
dua
|
|
exa
|
|
fd
|
|
file
|
|
fwupd
|
|
git
|
|
git-lfs
|
|
gnumake
|
|
hexyl
|
|
htop
|
|
iputils
|
|
killall
|
|
kitty # TODO: I really just need the terminfo on servers, though, right?
|
|
less
|
|
mosh
|
|
nmap
|
|
openssl
|
|
pciutils
|
|
rclone
|
|
restic
|
|
ripgrep
|
|
rsync
|
|
sd
|
|
sops
|
|
tmux
|
|
traceroute
|
|
unzip
|
|
watchexec
|
|
wget
|
|
xh
|
|
zellij
|
|
zstd
|
|
] ++ [
|
|
inputs.helix.packages."x86_64-linux".helix
|
|
inputs.rtx.packages."x86_64-linux".rtx
|
|
];
|
|
};
|
|
|
|
users.users = {
|
|
daniel = {
|
|
isNormalUser = true;
|
|
home = "/home/daniel/.home";
|
|
openssh.authorizedKeys.keys = [
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev"
|
|
];
|
|
extraGroups = [ "wheel" "video" ];
|
|
packages = [ ];
|
|
};
|
|
|
|
root = {
|
|
openssh.authorizedKeys.keys = config.users.users.daniel.openssh.authorizedKeys.keys;
|
|
};
|
|
};
|
|
|
|
i18n = {
|
|
defaultLocale = "en_US.UTF-8";
|
|
};
|
|
|
|
services = {
|
|
xserver = {
|
|
layout = "us";
|
|
xkbOptions = "ctrl:nocaps";
|
|
};
|
|
|
|
openssh = {
|
|
enable = true;
|
|
|
|
settings = {
|
|
PasswordAuthentication = false;
|
|
};
|
|
|
|
# tailscale handles this I think
|
|
openFirewall = lib.mkDefault false;
|
|
|
|
# listenAddresses = [
|
|
# { addr = "0.0.0.0"; port = 22; }
|
|
# ];
|
|
};
|
|
|
|
tailscale = {
|
|
enable = true;
|
|
useRoutingFeatures = lib.mkDefault "client";
|
|
};
|
|
};
|
|
|
|
console = {
|
|
font = "Lat2-Terminus16";
|
|
useXkbConfig = true;
|
|
earlySetup = true;
|
|
|
|
# colors = [
|
|
# "111111"
|
|
# "f92672"
|
|
# "a6e22e"
|
|
# "f4bf75"
|
|
# "66d9ef"
|
|
# "ae81ff"
|
|
# "a1efe4"
|
|
# "f8f8f2"
|
|
# "75715e"
|
|
# "f92672"
|
|
# "a6e22e"
|
|
# "f4bf75"
|
|
# "66d9ef"
|
|
# "ae81ff"
|
|
# "a1efe4"
|
|
# "f9f8f5"
|
|
# ];
|
|
};
|
|
|
|
networking = {
|
|
useDHCP = lib.mkDefault true;
|
|
|
|
firewall = {
|
|
enable = lib.mkDefault true;
|
|
allowPing = lib.mkDefault true;
|
|
allowedTCPPorts = lib.mkDefault [ ];
|
|
allowedUDPPorts = lib.mkDefault [ ];
|
|
};
|
|
};
|
|
|
|
nix = {
|
|
settings = {
|
|
experimental-features = lib.mkDefault [ "nix-command" "flakes" ];
|
|
};
|
|
};
|
|
|
|
nixpkgs = {
|
|
config = {
|
|
allowUnfree = true;
|
|
};
|
|
hostPlatform = lib.mkDefault "x86_64-linux";
|
|
};
|
|
|
|
programs =
|
|
{
|
|
fish = {
|
|
enable = true;
|
|
};
|
|
};
|
|
|
|
time = {
|
|
timeZone = "America/Chicago";
|
|
};
|
|
|
|
users = {
|
|
defaultUserShell = pkgs.fish;
|
|
};
|
|
}
|