{ pkgs, lib, inputs, config, ... }: let sshKeys = import ../../crypto/ssh-keys.nix; in { imports = [ # Defaults ./hardware-configuration.nix ../../common/base.nix ../../common/full-install.nix # Localization ../../common/locales/en.nix ../../common/locales/de-keymap.nix # Hardware # ../../common/hardware/tpm2.nix ../../common/hardware/wireless.nix ../../common/hardware/ssd.nix # ../../common/hardware/btrfs.nix # ../../common/components/lanzaboote.nix # Software components # ../../common/components/de/greetd.nix # ../../common/components/de/sway.nix # ../../common/components/de/plasma6.nix # Programs # ../../common/programs/steam.nix # Services # ../../common/services/auditd.nix # ../../common/services/nix-gc.nix # ../../common/services/opensnitch.nix # ../../common/services/adguardhome.nix ../../common/services/syncthing.nix # ../../common/services/usbguard.nix # ../../common/services/autoupgrade.nix # Home-manager # ../../home/tasia/home.nix inputs.agenix.nixosModules.default ../../common/components/wifi-secrets.nix # inputs.thymis.nixosModules.thymis-controller # Personal modules # ../../modules/nixos/tildefriends.nix # ./yubikey.nix # ./rtl-sdr.nix ]; boot.loader.systemd-boot.enable = lib.mkForce false; # Bootloader. boot.loader.grub.enable = true; boot.loader.grub.device = "/dev/sda"; boot.loader.grub.useOSProber = true; # Setup keyfile boot.initrd.secrets = { "/crypto_keyfile.bin" = null; }; services.logind.extraConfig = '' # don’t shutdown when power button is short-pressed HandleLidSwitch=ignore HandleLidSwitchExternalPower=ignore HandleLidSwitchDocked=ignore ''; boot.loader.grub.enableCryptodisk = true; services.tailscale.enable = true; services.syncthing.guiAddress = "0.0.0.0:8384"; boot.initrd.luks.devices."luks-7aa6742e-020d-49aa-a458-78ea5c3b85f8".keyFile = "/crypto_keyfile.bin"; networking.hostName = "jo"; # Define your hostname. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # Configure network proxy if necessary # networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # Enable networking networking.networkmanager.enable = true; users.users.tasia.openssh.authorizedKeys.keys = [ sshKeys.tasia.cave ]; # Set your time zone. time.timeZone = "Europe/Paris"; # Configure keymap in X11 # services.xserver = { # layout = "de"; # xkbVariant = ""; # }; services.syncthing = { user = "tasia"; dataDir = lib.mkForce "/home/tasia/Sync/data"; configDir = lib.mkForce "/home/tasia/Sync/configuration"; }; # Configure console keymap console.keyMap = "de"; # Define a user account. Don't forget to set a password with ‘passwd’. users.users.tasia = { isNormalUser = true; description = "Tasia"; extraGroups = ["networkmanager" "wheel"]; packages = with pkgs; []; }; # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. # wget ]; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; # programs.gnupg.agent = { # enable = true; # enableSSHSupport = true; # }; # List services that you want to enable: # Enable the OpenSSH daemon. # services.openssh.enable = true; # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. # networking.firewall.enable = false; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.11"; # Did you read the comment? }