# Base NixOS module: Nix/Lix settings, common tools, sudo policy, the OpenSSH
# daemon, and Podman.
{ pkgs, ... }:

{
  # Sibling modules. Their contents are not visible from this file.
  imports = [
    ./users.nix
    ./motd.nix
    ./firewall.nix
  ];

  nix = {
    # Use Lix as the Nix implementation for this host.
    package = pkgs.lix;
    settings.experimental-features = [ "nix-command" "flakes" ];

    # Scheduled garbage collection. Anything older than 14 days is dropped,
    # which also bounds how far back a rollback can go.
    gc = {
      automatic = true;
      options = "--delete-older-than 14d";
      randomizedDelaySec = "30min";
    };
  };

  # Spelled out as pkgs.<name> rather than `with pkgs;` so that each entry
  # visibly comes from the package set.
  environment.systemPackages = [
    pkgs.vim
    pkgs.wget
    pkgs.curl
    pkgs.htop
    pkgs.tmux
    pkgs.openssl
    pkgs.git
    pkgs.podman-tui
  ];

  programs = {
    mtr.enable = true;
    zsh.enable = true;
  };

  security.sudo = {
    enable = true;
    # NOTE(review): wheel members get root without a password prompt, so a
    # compromised wheel account (or its SSH private key) is a root compromise
    # of this host with no second factor. Keep wheel membership minimal.
    # Membership is presumably defined in ./users.nix — confirm.
    wheelNeedsPassword = false;
    # Only wheel members may execute the sudo binary at all, which keeps
    # other local accounts away from the setuid sudo executable.
    execWheelOnly = true;
  };

  services.openssh = {
    enable = true;

    # Key-only logins: password and keyboard-interactive auth are both off,
    # and AuthenticationMethods below pins the accepted method to publickey.
    # NOTE(review): PermitRootLogin is not set here, so the module default
    # applies — confirm it matches intent.
    settings = {
      PasswordAuthentication = false;
      KbdInteractiveAuthentication = false;
    };

    # NOTE(review): all three forwarding types are allowed for every user.
    # With agent forwarding on, anyone holding root on this host (every wheel
    # member, given passwordless sudo) can use a connected user's forwarded
    # agent while the session is open. TCP and stream-local forwarding let an
    # SSH session reach services the firewall would otherwise keep unexposed.
    # If only some accounts need this, scoping it with a Match block is tighter.
    extraConfig = ''
      AllowTcpForwarding yes
      AllowAgentForwarding yes
      AllowStreamLocalForwarding yes
      AuthenticationMethods publickey
    '';
  };

  virtualisation = {
    containers.enable = true;

    podman = {
      enable = true;
      # Provides a `docker` command backed by podman.
      dockerCompat = true;
      # Enables DNS on the default podman network.
      defaultNetwork.settings.dns_enabled = true;
    };
  };

  # World-readable marker under /etc/nixos telling operators that the live
  # configuration is built elsewhere and not from files in that directory.
  environment.etc = {
    "nixos/THIS-SERVER-IS-BUILT-EXTERNALLY-READ-ME" = {
      text = ''
        Nothing in this directory is the current config.
        Please see https://git.private.coffee/wolfgirls/nixos
        Or /run/current-system/
      '';
      mode = "0644";
    };
  };
}