first commit

2025-07-23 04:27:38 +02:00
commit caba04d493
18 changed files with 829 additions and 0 deletions
--- a/hosts/generic/default.nix
+++ b/hosts/generic/default.nix
@@ -0,0 +1,88 @@
+{
+  pkgs,
+  username,
+  hostname,
+  ...
+}:
+{
+  imports = [
+    ./disk-config.nix
+    ./hardware-configuration.nix
+    ../../modules/core/grub.nix
+    ../../modules/optionnal/sops-desktop.nix
+  ];
+
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+
+  time.timeZone = "Europe/Paris";
+
+  nix = {
+    settings = {
+      ## Enable flakes
+      experimental-features = [
+        "nix-command"
+        "flakes"
+      ];
+      ## Users trusted to use flake command
+      trusted-users = [
+        "root"
+        "${username}"
+      ];
+    };
+  };
+
+  users.users = {
+    ${username} = {
+      isNormalUser = true;
+      createHome = true;
+      description = "Admin account";
+      extraGroups = [
+        "wheel"
+      ];
+      openssh.authorizedKeys.keys = [
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAKMJ3TkEmRQcX7RQijNa2km6a2xXJk6M6FERh7C9nTJ"
+      ];
+    };
+    root = {
+      password = null;
+    };
+  };
+
+  system.activationScripts.setup-ssh-keys = {
+    text = ''
+      mkdir -p /home/${username}/.ssh
+      chown ${username}:users /home/${username}/.ssh
+      chmod 700 /home/${username}/.ssh
+    '';
+  };
+
+  security.sudo = {
+    enable = true;
+    extraRules = [
+      {
+        users = [ "${username}" ];
+        host = "ALL";
+        runAs = "ALL:ALL";
+        commands = [
+          {
+            command = "ALL";
+            options = [ "NOPASSWD" ];
+          }
+        ];
+      }
+    ];
+    #extraConfig = "#includedir /etc/sudoers.d";
+  };
+  environment.systemPackages = [
+    pkgs.neovim
+    pkgs.git
+    pkgs.curl
+    pkgs.nixos-anywhere
+    pkgs.nixos-generators
+  ];
+
+  services.openssh.enable = true;
+
+  networking.hostName = "${hostname}";
+  system.stateVersion = "25.11";
+}