auri.ee / nix-config
my terrible dotfiles
fork atom
nix-config / forest / default.nix
at main 2.6 kB view raw
1{ 2 config, 3 lib, 4 pkgs, 5 ... 6}: 7 8{ 9 imports = 10 lib.fileset.toList (lib.fileset.fileFilter (file: file.hasExt "nix") ../nixos/core) 11 ++ lib.fileset.toList (lib.fileset.fileFilter (file: file.hasExt "nix") ../nixos/server) 12 ++ [ 13 ./hardware.nix 14 ./disk-config.nix 15 ]; 16 17 sops = { 18 defaultSopsFile = ../secrets/forest.yaml; 19 age.keyFile = "/var/lib/sops-nix/forest.txt"; 20 secrets = { 21 "passwords/root".neededForUsers = true; 22 "passwords/monke".neededForUsers = true; 23 }; 24 }; 25 26 boot.loader.systemd-boot.enable = true; 27 boot.loader.efi.canTouchEfiVariables = true; 28 boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; 29 boot.kexec.enable = true; 30 31 networking.hostName = "forest"; 32 networking.hostId = "bca37001"; 33 networking.networkmanager.enable = true; 34 35 time.timeZone = "Australia/Melbourne"; 36 37 console = { 38 font = "Lat2-Terminus16"; 39 keyMap = lib.mkDefault "us"; 40 useXkbConfig = true; 41 }; 42 43 services.xserver.xkb = { 44 layout = "us"; 45 variant = "colemak_dh_ortho"; 46 }; 47 48 programs.zsh.enable = true; 49 users.defaultUserShell = pkgs.zsh; 50 users.users = { 51 root.hashedPasswordFile = config.sops.secrets."passwords/root".path; 52 monke = { 53 isNormalUser = true; 54 extraGroups = [ 55 "audio" 56 "disk" 57 "docker" 58 "input" 59 "lp" 60 "plugdev" 61 "render" 62 "video" 63 "wheel" 64 ]; 65 hashedPasswordFile = config.sops.secrets."passwords/monke".path; 66 openssh.authorizedKeys.keys = [ 67 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICSgzkYEkUDfUWwS2fvPy7gVgjh0zRz4HphkjlUbUkF/ monke@bathtub" 68 "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDUk5RJWdyqqtA7Nh3aO0PYxtywJxRLLNvWO3FEg6WGc8PdxsHczlug5XBKYXonP9VzFcu427udb4DIEzhqsj7zUVRmeEmDAAyIFA8q36ZdMAmIhDp1oLpJVIgm1w/wiBtd8SPFBjZ1aYFCWLDz4kYroC/mhfwKRaXbJcG7b0B55ZHeJ4P/YpAZURX6+q9aNm61K5m0bnvtLoGx5OsQrsqMpmhlwahUdlQe5jbnq4DvwNh3W/u0+N/BABf1wdGW2l5yEBueWbr96DqxV9rFy60kt53l5Ce4RAhNp5bW5y830A7YoHWfq1cQam45LwCAVeDUsnKlYsXQkW6oVMomUJuxh0TmEOUBuA3jR7DM4rKMVPlCKOl54bwstawZR63lRkwNt9MARlbFDID+sUzJgmRLyayEDPqliymHu6mkBTUT9fAmmU6I3ohvVzR8tqy+45zSoQTtZBLZ+DQ//1sqoNgDOKl/DoCx4dFaGvfORpXbqKxmA43eF842hfC6icFeLHx8fGbzfUKAPvPn3aslJtD00j5FrX/LILBFcscY2bu11Hae3qk0W4F9dz5NfIeVh9VMikAr9kfvHzBf/7ayiwE4XxiZkdkxk6sYOzMm1Aw+hzYqpfzz32qRkOptWDgQ2gN20hyKU2IZ3rllYN9xCGWHmGUBBk53EH49e22ThnwGyw== monke@tundra" 69 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJjEyGfx4H3lyIhSs2Cc4GhfEQkl/oR4oUPAtpbMjohA" 70 ]; 71 }; 72 }; 73 74 environment.systemPackages = with pkgs; [ 75 neovim 76 curl 77 git 78 storcli 79 smartmontools 80 ffmpeg 81 ]; 82 83 system.stateVersion = "25.11"; 84}