80 lines
1.4 KiB
Nix
80 lines
1.4 KiB
Nix
{
|
|
pkgs,
|
|
inputs,
|
|
user,
|
|
constants,
|
|
...
|
|
}: {
|
|
security.sudo.enable = true;
|
|
security.sudo.extraRules = [
|
|
{
|
|
users = [user];
|
|
commands = [
|
|
{
|
|
command = "/run/current-system/sw/bin/nix-env";
|
|
options = ["NOPASSWD"];
|
|
}
|
|
{
|
|
command = "/nix/store/*/bin/switch-to-configuration";
|
|
options = ["NOPASSWD"];
|
|
}
|
|
];
|
|
}
|
|
];
|
|
|
|
system.stateVersion = constants.stateVersions.nixos;
|
|
time.timeZone = "UTC";
|
|
|
|
home-manager.sharedModules = [
|
|
{_module.args = {inherit user constants inputs;};}
|
|
];
|
|
|
|
nix = {
|
|
settings.trusted-users = [user];
|
|
gc.dates = "weekly";
|
|
nixPath = ["nixos-config=/home/${user}/.local/share/src/nixos-config:/etc/nixos"];
|
|
};
|
|
|
|
boot = {
|
|
loader = {
|
|
systemd-boot = {
|
|
enable = true;
|
|
configurationLimit = 42;
|
|
};
|
|
efi.canTouchEfiVariables = true;
|
|
};
|
|
initrd.availableKernelModules = [
|
|
"xhci_pci"
|
|
"ahci"
|
|
"nvme"
|
|
"usbhid"
|
|
"usb_storage"
|
|
"sd_mod"
|
|
];
|
|
kernelPackages = pkgs.linuxPackages_latest;
|
|
};
|
|
|
|
sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
|
|
|
|
users.users = {
|
|
${user} = {
|
|
isNormalUser = true;
|
|
home = "/home/${user}";
|
|
extraGroups = [
|
|
"wheel"
|
|
"sudo"
|
|
"network"
|
|
"systemd-journal"
|
|
];
|
|
shell = pkgs.nushell;
|
|
openssh.authorizedKeys.keys = constants.sshKeys;
|
|
};
|
|
|
|
root = {
|
|
openssh.authorizedKeys.keys = constants.sshKeys;
|
|
};
|
|
};
|
|
|
|
home-manager.useGlobalPkgs = true;
|
|
}
|