101 lines
3.1 KiB
Nix
101 lines
3.1 KiB
Nix
{
|
|
sources,
|
|
self,
|
|
config,
|
|
pkgs,
|
|
...
|
|
}:
|
|
{
|
|
networking = {
|
|
hostName = "generic";
|
|
domain = "oceanbox.io";
|
|
search = [ "oceanbox.io" ];
|
|
firewall.allowedTCPPorts = [ ];
|
|
firewall.extraCommands = '''';
|
|
# TODO: Add your interface(s)
|
|
# interfaces.@iface@ = {
|
|
# useDHCP = false;
|
|
# ipv4.addresses = [ {
|
|
# address = "@address@";
|
|
# prefixLength = 24;
|
|
# } ];
|
|
# };
|
|
defaultGateway = "172.16.239.1";
|
|
nameservers = [
|
|
"8.8.8.8"
|
|
"1.1.1.1"
|
|
];
|
|
};
|
|
|
|
boot = {
|
|
loader.systemd-boot.enable = true;
|
|
loader.efi.canTouchEfiVariables = true;
|
|
};
|
|
|
|
services.openssh.enable = true;
|
|
|
|
console = {
|
|
font = "Lat2-Terminus16";
|
|
keyMap = "us";
|
|
};
|
|
i18n = {
|
|
defaultLocale = "en_US.UTF-8";
|
|
extraLocaleSettings = {
|
|
LC_CTYPE = "en_DK.UTF-8";
|
|
LC_TIME = "en_DK.UTF-8";
|
|
LC_PAPER = "en_DK.UTF-8";
|
|
LC_NAME = "en_DK.UTF-8";
|
|
LC_ADDRESS = "en_DK.UTF-8";
|
|
LC_TELEPHONE = "en_DK.UTF-8";
|
|
LC_MEASUREMENT = "en_DK.UTF-8";
|
|
LC_IDENTIFICATION = "en_DK.UTF-8";
|
|
};
|
|
};
|
|
|
|
time.timeZone = "Europe/Oslo";
|
|
|
|
users.users.root = {
|
|
openssh.authorizedKeys.keys = [
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKiAS30ZO+wgfAqDE9Y7VhRunn2QszPHA5voUwo+fGOf jonas-3"
|
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDULdlLC8ZLu9qBZUYsjhpr6kv5RH4yPkekXQdD7prkqapyoptUkO1nOTDwy7ZsKDxmp9Zc6OtdhgoJbowhGW3VIZPmooWO8twcaYDpkxEBLUehY/n8SlAwBtiHJ4mTLLcynJMVrjmTQLF3FeWVof0Aqy6UtZceFpLp1eNkiHTCM3anwtb9+gfr91dX1YsAOqxqv7ooRDu5rCRUvOi4OvRowepyuBcCjeWpTkJHkC9WGxuESvDV3CySWkGC2fF2LHkAu6SFsFE39UA5ZHo0b1TK+AFqRFiBAb7ULmtuno1yxhpBxbozf8+Yyc7yLfMNCyBpL1ci7WnjKkghQv7yM1xN2XMJLpF56v0slSKMoAs7ThoIlmkRm/6o3NCChgu0pkpNg/YP6A3HfYiEDgChvA6rAHX6+to50L9xF3ajqk4BUzWd/sCk7Q5Op2lzj31L53Ryg8vMP8hjDjYcgEcCCsGOcjUVgcsmfC9LupwRIEz3aF14AWg66+3zAxVho8ozjes= jonas.juselius@juselius.io"
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII77Aa2MFZMTha8PdkNg32UR8y6Hwb4R0aR9Ad9qifNq mrtz@wurst"
|
|
];
|
|
hashedPassword = "$y$j9T$fNWL6dq9Q6k/RhoCQQkqA0$zI5217vjE2s6C75NlyHKO7btVXDUi..VKCMRjcH46b6";
|
|
};
|
|
|
|
# HACK: workaround for settings nixosModules without flakes
|
|
_module.args = { inherit sources; };
|
|
|
|
# remove nix-channel related tools & configs, we use system-wide npins instead.
|
|
# from https://piegames.de/dumps/pinning-nixos-with-npins-revisited
|
|
nix.channel.enable = false;
|
|
nix.nixPath = [
|
|
"nixpkgs=/etc/nixos/nixpkgs"
|
|
];
|
|
nixpkgs.config.allowUnfreee = true;
|
|
environment.etc = {
|
|
"nixos/nixpkgs".source = builtins.storePath pkgs.path;
|
|
};
|
|
|
|
# Enable system diffs.
|
|
system.activationScripts.system-diff = {
|
|
supportsDryActivation = true; # safe: only outputs to stdout
|
|
text = ''
|
|
if [ -e /run/current-system ]; then
|
|
PATH=$PATH:${pkgs.nix}/bin ${pkgs.nvd}/bin/nvd diff /run/current-system $systemConfig
|
|
fi
|
|
'';
|
|
};
|
|
|
|
imports = [
|
|
# NOTE: to use with disko
|
|
# examples: https://github.com/nix-community/disko/tree/master/example
|
|
"${sources.disko}/module.nix"
|
|
./disk-config.nix
|
|
./hardware-configuration.nix
|
|
#./kernel.nix
|
|
#"${builtins.fetchGit { url = "https://github.com/NixOS/nixos-hardware.git"; }}/lenovo/thinkpad/x1/7th-gen"
|
|
];
|
|
|
|
}
|