configuration.nix at main · jollywhoppers.com/infra

jollywhoppers.com / infra
fork atom
NixOS config for jollywhoppers servers
fork atom
infra / configuration.nix
at main 122 lines 2.9 kB view raw
wrap content
of-the-stars Enabled OpenSSH, added fastfetch, and included comments with some TODOs and FIXes 7w ago
046e9706
  1{
  2  config,
  3  pkgs,
  4  inputs,
  5  hostname,
  6  ...
  7}:
  8let
  9  pkgsUnstable = import inputs.nixpkgs-unstable {
 10    inherit (pkgs.stdenv.hostPlatform) system;
 11    inherit (config.nixpkgs) config;
 12  };
 13in
 14{
 15  imports = [
 16  ];
 17
 18  nix.settings.experimental-features = [
 19    "nix-command"
 20    "flakes"
 21  ];
 22
 23  # Bootloader.
 24  boot.loader.systemd-boot.enable = true;
 25  boot.loader.efi.canTouchEfiVariables = true;
 26
 27  # Use latest kernel.
 28  boot.kernelPackages = pkgs.linuxPackages_latest;
 29
 30  # Atomatically old derivations from the nix store that haven't been used
 31  nix.gc = {
 32    automatic = true;
 33    dates = "weekly";
 34    options = "--delete-older-than 14d";
 35  };
 36
 37  nix.settings.auto-optimise-store = true;
 38
 39  # Define your hostname.
 40  networking.hostName = "${hostname}";
 41  # Enable networking
 42  networking.networkmanager.enable = true;
 43
 44  # Set your time zone.
 45  time.timeZone = "America/Los_Angeles";
 46
 47  # Select internationalisation properties.
 48  i18n.defaultLocale = "en_US.UTF-8";
 49
 50  nixpkgs.config = {
 51    # Allow unsupported systems
 52    allowUnsupportedSystem = true;
 53    # Allow unfree software
 54    allowUnfree = true;
 55  };
 56
 57  i18n.extraLocaleSettings = {
 58    LC_ADDRESS = "en_US.UTF-8";
 59    LC_IDENTIFICATION = "en_US.UTF-8";
 60    LC_MEASUREMENT = "en_US.UTF-8";
 61    LC_MONETARY = "en_US.UTF-8";
 62    LC_NAME = "en_US.UTF-8";
 63    LC_NUMERIC = "en_US.UTF-8";
 64    LC_PAPER = "en_US.UTF-8";
 65    LC_TELEPHONE = "en_US.UTF-8";
 66    LC_TIME = "en_US.UTF-8";
 67  };
 68
 69  users.users.xan = {
 70    isNormalUser = true;
 71    extraGroups = [
 72      # Enable ‘sudo’ for the user.
 73      "networkmanager"
 74      "wheel"
 75    ];
 76    packages = with pkgs; [
 77      tree
 78    ];
 79    openssh.authorizedKeys.keys = [
 80      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILsq6xp3LtOL4iBF4+ehkGC8GFpbZLnyckgad8Fh5QKy xan.lol"
 81    ];
 82  };
 83
 84  # networking.firewall.allowedTCPPorts = [ ];
 85  # networking.firewall.allowedUDPPorts = [ ];
 86  # networking.firewall.allowedTCPPortRanges = [
 87  #   {
 88  #     from = 1714;
 89  #     to = 1764;
 90  #   }
 91  # ];
 92  # networking.firewall.allowedUDPPortRanges = [
 93  #   {
 94  #     from = 1714;
 95  #     to = 1764;
 96  #   }
 97  # ];
 98
 99  # Or disable the firewall altogether.
100  # networking.firewall.enable = false;
101
102  # Enable the OpenSSH daemon.
103  services.openssh = {
104    enable = true;
105    settings = {
106      PermitRootLogin = "no";
107      PasswordAuthentication = false;
108    };
109  };
110
111  environment.systemPackages = with pkgs; [
112    fastfetch
113  ];
114
115  # This value determines the NixOS release from which the default
116  # settings for stateful data, like file locations and database versions
117  # on your system were taken. It‘s perfectly fine and recommended to leave
118  # this value at the release version of the first install of this system.
119  # Before changing this value read the documentation for this option
120  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
121  system.stateVersion = "25.11"; # Did you read the comment?
122}