65 lines
1.3 KiB
Nix
65 lines
1.3 KiB
Nix
{ pkgs, lib, inputs, config, outputs, ... }:
|
|
let
|
|
sopsHashedPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."passwords/root".path;
|
|
in
|
|
{
|
|
imports = [
|
|
inputs.impermanence.nixosModules.impermanence
|
|
./sops.nix
|
|
./locale.nix
|
|
];
|
|
|
|
nixpkgs = {
|
|
overlays = [
|
|
outputs.overlays.additions
|
|
outputs.overlays.modifications
|
|
outputs.overlays.unstable-packages
|
|
inputs.nur.overlays.default
|
|
];
|
|
config = {
|
|
allowUnfree = true;
|
|
};
|
|
};
|
|
|
|
programs.gnupg.agent = {
|
|
enable = true;
|
|
enableSSHSupport = true;
|
|
};
|
|
|
|
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
|
|
|
users = {
|
|
mutableUsers = true;
|
|
extraUsers = {
|
|
root = {
|
|
password = "1234";
|
|
# hashedPasswordFile = sopsHashedPasswordFile;
|
|
};
|
|
};
|
|
};
|
|
|
|
nix.gc = {
|
|
automatic = true;
|
|
dates = "weekly";
|
|
options = "--delete-older-than 30d";
|
|
};
|
|
|
|
environment.systemPackages = [
|
|
pkgs.rsync
|
|
pkgs.curl
|
|
pkgs.just
|
|
pkgs.vim
|
|
];
|
|
|
|
programs.git = {
|
|
enable = true;
|
|
package = pkgs.git;
|
|
config = {
|
|
# need to set /etc/nixos as safe directory to enable root to interact with non-root nix config repo
|
|
safe = {directory = ["/etc/nixos"]; };
|
|
};
|
|
};
|
|
|
|
system.stateVersion = "24.05";
|
|
}
|