{ config, pkgs, outputs, ... }: let hostName = "muffinman"; static_ip = "192.168.178.2"; gateway = "192.168.178.1"; in { imports = [ ./hardware-configuration.nix outputs.nixosModules.default ]; # Bootloader. boot = { loader.grub = { enable = true; device = "nodev"; efiSupport = true; }; # systemd-boot.enable = true; loader.efi.canTouchEfiVariables = true; # TODO: remove my mail address from here swraid.enable = true; swraid.mdadmConf = '' MAILADDR michael.flossmann@posteo.net ''; kernelParams = builtins.trace "ip=${static_ip}::${gateway}:255.255.255.0:${hostName}:" [ "ip=${static_ip}::${gateway}:255.255.255.0:${hostName}:" ]; initrd = { availableKernelModules = [ "igb" ]; # systemd.users.root.shell = "/bin/conspy"; network = { enable = true; ssh = { enable = true; port = 2222; authorizedKeys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJlwh35h9AfYwTJ94V4UNo08o/Nt0qXrg8axNWsw0JlF prunebutt@remus" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDEzOPuJcV4KSKrsXUtVXqStpdQbFwJH++cbCf8rdFXcx/dXwfAI/tKw3P5oEkRCE+cg6sFtUD4nvU+htfTO4UrZqfKojOP6DxPl+eDRztELjvenPmRo8/WhlVyMhdj2JNy3if5GK2KtbThLqZSrud9qCxRkUFLd4EK75Tukv4Qv3yer1UYcDtbEjNsrdZK5llyb283fHSnm/P145BK4bCFIrbpi8Hzh5eq/usRhPAsNnuGmYnTpV1Kcf90z2gE1IEoFFzzXeKGNTPDrGr9QFPWDfUsyvrsxv4kej8GWNnAgI3VAvvXTYRy+Vz/QF12vU3Sm1s0/nQc+/liprTLl17H5IrnpGc1Ml/kz6fWRgdbtEEcyTrHnQW9mQqHRGWhhe7KMkQ/GB4EMmGSacC/v86ZSQCQ4X811X3zIk9B/+J6xbtUBqdIXZot5qoBQ8xl3o8UbhKGz+ekVeDdlgmLvICvtbc44vihfW/azFxYJ5PK+WiEN6SpRFaTi5sfwC8b1jQtOCCV7IASepD3/iOG80UQ2AYxwDJEYsHTEg0YwWtGfmmegTxJ33nJIjwoRrVpa61OoMQlxnhkNJUnxrPrV+7WZHeWV5YXl86WRhAi+FHybFeg42gsSPqmFk5MhpE/10cLy7F2EHme+LsdYLxu7PanR68wva0m+6wDCTknIjoDFQ== prunebutt@LittleUmbrella" ]; hostKeys = [ "/etc/secrets/initrd/ssh_host_rsa_key" ]; extraConfig = ''ForceCommand cryptsetup-askpass''; }; }; }; }; networking = { hostName = hostName; networkmanager.enable = true; useDHCP = false; interfaces = { eno2 = { ipv4.addresses = [ { address = "${static_ip}"; prefixLength = 24; } ]; }; }; defaultGateway = { address = "${gateway}"; interface = "eno2"; }; nameservers = [ "${gateway}" "9.9.9.9" ]; }; services.xserver.enable = false; console = { font = "ter-powerline-v16b"; packages = [ pkgs.terminus_font pkgs.powerline-fonts ]; }; myNixOS = { services.syncthing = { enable = true; remoteGui = true; }; home-users = { "prunebutt" = { userConfig = ./home.nix; userSettings = { extraGroups = ["networkmanager" "wheel" "libvirtd" "docker"]; }; }; }; }; # Allow unfree packages nixpkgs.config.allowUnfree = true; # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. wget git # mdadm # shouldn't be needed with boot.swraid.enable = true ]; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; # programs.gnupg.agent = { # enable = true; # enableSSHSupport = true; # }; # # auto unlock storage drive # environment.etc.crypttab.text = '' # cryptstorage UUID=74b68945-6edf-4141-93d4-bcccb310f7df /etc/secrets/storage_keyfile.key # ''; # Enable the OpenSSH daemon. services.openssh.enable = true; # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. networking.firewall.enable = false; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "24.05"; # Did you read the comment? }