62 lines
1.1 KiB
Nix
62 lines
1.1 KiB
Nix
{ pkgs, ... }:
|
|
|
|
{
|
|
imports = [
|
|
./users.nix
|
|
./motd.nix
|
|
];
|
|
|
|
nix = {
|
|
package = pkgs.lix;
|
|
settings.experimental-features = [ "nix-command" "flakes" ];
|
|
};
|
|
|
|
nix.gc = {
|
|
automatic = true;
|
|
options = "--delete-older-than 14d";
|
|
randomizedDelaySec = "30min";
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
vim
|
|
wget
|
|
curl
|
|
htop
|
|
tmux
|
|
openssl
|
|
git
|
|
podman-tui
|
|
];
|
|
|
|
programs.mtr.enable = true;
|
|
programs.zsh.enable = true;
|
|
security.sudo = {
|
|
enable = true;
|
|
wheelNeedsPassword = false;
|
|
execWheelOnly = true;
|
|
};
|
|
|
|
networking.firewall.enable = false;
|
|
services.openssh = {
|
|
enable = true;
|
|
settings = {
|
|
PasswordAuthentication = false;
|
|
KbdInteractiveAuthentication = false;
|
|
};
|
|
extraConfig = ''
|
|
AllowTcpForwarding yes
|
|
AllowAgentForwarding yes
|
|
AllowStreamLocalForwarding yes
|
|
AuthenticationMethods publickey
|
|
'';
|
|
};
|
|
|
|
virtualisation.containers.enable = true;
|
|
virtualisation = {
|
|
podman = {
|
|
enable = true;
|
|
dockerCompat = true;
|
|
defaultNetwork.settings.dns_enabled = true;
|
|
};
|
|
};
|
|
}
|