aether/config.nix

48 lines
1.2 KiB
Nix
Raw Normal View History

2024-07-21 01:44:38 -04:00
{ config, lib, pkgs, rpi5-kernel, ... }:
let modules = builtins.map (mod: modules/${mod}.nix);
in {
imports =
modules [ "acme" "fail2ban" "forgejo" ];
2024-07-21 01:44:38 -04:00
boot.kernelPackages = rpi5-kernel.legacyPackages.aarch64-linux.linuxPackages_rpi5;
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = false;
2024-10-23 17:36:45 -04:00
nix.package = pkgs.nixVersions.latest;
2024-07-21 01:44:38 -04:00
nix.settings.experimental-features = [ "nix-command" "flakes" ];
time.timeZone = "America/New_York";
networking.hostName = "toki-aether";
2024-07-21 01:44:38 -04:00
networking.wireless.iwd.enable = true;
networking.wireless.iwd.settings = {
Settings.AutoConnect = true;
Network.EnableIPv6 = false;
General.EnableNetworkConfiguration = true;
};
services.openssh.enable = true;
services.openssh.settings = {
PasswordAuthentication = false;
PermitRootLogin = "yes";
};
2024-07-22 02:21:31 -04:00
users.mutableUsers = false;
users.users.root = {
2024-09-14 02:21:14 -04:00
hashedPassword = "$y$j9T$LHeAgn5XytQM5DLfGSDT30$9OD3eIua5vEy4/GFBbT1oe1UnlNxDHt9thqsiqcGXy7";
2024-10-15 04:41:10 -04:00
openssh.authorizedKeys.keys = (import secrets/secrets.nix).keys;
2024-07-22 02:21:31 -04:00
};
2024-07-21 01:44:38 -04:00
networking.firewall.allowedTCPPorts = [ 22 80 443 ];
environment.systemPackages = with pkgs; [
openssl
rsync
curl
git
wget
];
system.stateVersion = "24.05";
}