2024-06-06 18:53:22 +01:00
|
|
|
{ pkgs, lib, inputs, config, outputs, ... }:
|
2024-05-25 18:34:37 +01:00
|
|
|
let
|
|
|
|
sopsHashedPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."passwords/root".path;
|
|
|
|
in
|
2024-05-21 19:11:23 +01:00
|
|
|
{
|
2024-05-12 19:58:55 +01:00
|
|
|
imports = [
|
2024-06-28 18:16:15 +01:00
|
|
|
inputs.impermanence.nixosModules.impermanence
|
2024-05-12 19:58:55 +01:00
|
|
|
./sops.nix
|
2024-05-17 10:54:53 +01:00
|
|
|
./locale.nix
|
2024-05-12 19:58:55 +01:00
|
|
|
];
|
2024-05-14 18:26:45 +01:00
|
|
|
|
2024-05-25 18:34:37 +01:00
|
|
|
nixpkgs = {
|
2024-06-06 18:53:22 +01:00
|
|
|
overlays = [
|
|
|
|
outputs.overlays.additions
|
|
|
|
outputs.overlays.modifications
|
|
|
|
outputs.overlays.unstable-packages
|
2025-01-08 18:41:24 +00:00
|
|
|
inputs.nur.overlays.default
|
2024-06-06 18:53:22 +01:00
|
|
|
];
|
|
|
|
config = {
|
|
|
|
allowUnfree = true;
|
2024-05-25 18:34:37 +01:00
|
|
|
};
|
2024-06-06 18:53:22 +01:00
|
|
|
};
|
2024-05-25 18:34:37 +01:00
|
|
|
|
|
|
|
programs.gnupg.agent = {
|
|
|
|
enable = true;
|
|
|
|
enableSSHSupport = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
|
|
|
|
|
|
|
users = {
|
|
|
|
mutableUsers = true;
|
|
|
|
extraUsers = {
|
|
|
|
root = {
|
2025-01-19 19:18:31 +00:00
|
|
|
password = "1234";
|
|
|
|
# hashedPasswordFile = sopsHashedPasswordFile;
|
2024-05-25 18:34:37 +01:00
|
|
|
};
|
2024-06-06 18:53:22 +01:00
|
|
|
};
|
2024-05-25 18:34:37 +01:00
|
|
|
};
|
|
|
|
|
2024-10-07 14:19:27 +01:00
|
|
|
nix.gc = {
|
|
|
|
automatic = true;
|
|
|
|
dates = "weekly";
|
|
|
|
options = "--delete-older-than 30d";
|
|
|
|
};
|
|
|
|
|
2024-05-15 20:44:17 +01:00
|
|
|
environment.systemPackages = [
|
2024-06-06 18:53:22 +01:00
|
|
|
pkgs.rsync
|
|
|
|
pkgs.curl
|
|
|
|
pkgs.just
|
|
|
|
pkgs.vim
|
|
|
|
];
|
2024-05-15 20:44:17 +01:00
|
|
|
|
2025-01-16 13:51:46 +00:00
|
|
|
programs.git = {
|
|
|
|
enable = true;
|
|
|
|
package = pkgs.git;
|
|
|
|
config = {
|
|
|
|
# need to set /etc/nixos as safe directory to enable root to interact with non-root nix config repo
|
|
|
|
safe = {directory = ["/etc/nixos"]; };
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
2024-06-25 18:19:47 +01:00
|
|
|
system.stateVersion = "24.05";
|
2024-05-12 19:58:55 +01:00
|
|
|
}
|