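# NixOS host module: imports the disk, hardware, GRUB and sops modules, then
# configures the Nix daemon, one wheel-group admin account, sudo, OpenSSH and
# a small set of provisioning tools.
#
# Arguments:
#   pkgs     - package set, used for the kernel and the system packages
#   username - name of the admin account created below
#   hostname - value assigned to networking.hostName
{
  pkgs,
  username,
  hostname,
  ...
}:
{
  imports = [
    ./disk-config.nix
    ./hardware-configuration.nix
    ../../modules/core/grub.nix
    ../../modules/optionnal/sops-desktop.nix
  ];

  boot.kernelPackages = pkgs.linuxPackages_latest;

  time.timeZone = "Europe/Paris";

  nix = {
    settings = {
      ## Enable flakes
      experimental-features = [
        "nix-command"
        "flakes"
      ];
      ## Users trusted by the Nix daemon.
      ## NOTE(review): flakes do not need this. A trusted user can override
      ## substituters and import unsigned store paths, which the Nix manual
      ## describes as essentially root-equivalent. Drop ${username} here if
      ## that level of access is not intended.
      trusted-users = [
        "root"
        "${username}"
      ];
    };
  };

  users.users = {
    ${username} = {
      isNormalUser = true;
      createHome = true;
      # NOTE(review): `password` is stored in clear text in the world-readable
      # Nix store and in this repository. This file already imports a sops
      # module; prefer `hashedPasswordFile` pointing at a sops-managed secret
      # (secret name not visible from this file) and rotate this value.
      password = "toto";
      description = "Admin account";
      extraGroups = [
        "wheel"
      ];
      openssh.authorizedKeys.keys = [
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAKMJ3TkEmRQcX7RQijNa2km6a2xXJk6M6FERh7C9nTJ"
      ];
    };
    root = {
      # No password is declared for root.
      password = null;
    };
  };

  # Ensure the admin user's ~/.ssh directory exists with owner-only access.
  system.activationScripts.setup-ssh-keys = {
    text = ''
      mkdir -p /home/${username}/.ssh
      chown ${username}:users /home/${username}/.ssh
      chmod 700 /home/${username}/.ssh
    '';
  };

  security.sudo = {
    enable = true;
    # NOTE(review): NOPASSWD on ALL commands makes any process running as
    # ${username} root-equivalent, with no re-authentication step. Restrict
    # `commands` or drop NOPASSWD unless unattended provisioning needs it.
    extraRules = [
      {
        users = [ "${username}" ];
        host = "ALL";
        runAs = "ALL:ALL";
        commands = [
          {
            command = "ALL";
            options = [ "NOPASSWD" ];
          }
        ];
      }
    ];
    #extraConfig = "#includedir /etc/sudoers.d";
  };

  environment.systemPackages = [
    pkgs.neovim
    pkgs.git
    pkgs.curl
    pkgs.nixos-anywhere
    pkgs.nixos-generators
    pkgs.ssh-to-age
  ];

  services.openssh = {
    enable = true;
    settings = {
      # The admin account has an authorized key, so SSH login stays
      # key-only. Without this, the account password above would be accepted
      # over the network and lead straight to passwordless sudo.
      PasswordAuthentication = false;
      KbdInteractiveAuthentication = false;
    };
  };

  networking.hostName = "${hostname}";

  system.stateVersion = "25.11";
}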