cschmatzler/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ed7fc605b146212a289162330cf611aea519a001
nixos-config/modules/nixos/default.nix
Christoph Schmatzler ed7fc605b1 up
2025-08-12 17:56:16 +00:00

115 lines
2.1 KiB
Nix
Raw Blame History

{
pkgs,
nixvim,
config,
user,
agenix,
...
}: let
sshKeys = import ../../shared/ssh-keys.nix;
in {
imports = [
agenix.nixosModules.default
];
system.stateVersion = "25.11";
time.timeZone = "UTC";
nix = {
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
nixPath = ["nixos-config=/home/${user}/.local/share/src/nixos-config:/etc/nixos"];
};
networking.firewall = {
enable = true;
trustedInterfaces = ["eno1" "tailscale0"];
};
services = {
openssh = {
enable = true;
settings = {
PermitRootLogin = "yes";
PasswordAuthentication = false;
};
};
tailscale = {
enable = true;
port = 41641;
useRoutingFeatures = "server";
openFirewall = true;
};
adguardhome = {
enable = true;
port = 10000;
settings = {
dns = {
upstream_dns = [
"1.1.1.1"
"1.0.0.1"
];
};
filtering = {
protection_enabled = true;
filtering_enabled = true;
safe_search = {
enabled = false;
};
};
};
};
};
users.users = {
${user} = {
isNormalUser = true;
home = "/home/${user}";
extraGroups = [
"wheel"
"sudo"
"network"
"systemd-journal"
"docker"
];
shell = pkgs.fish;
openssh.authorizedKeys.keys = sshKeys.keys;
};
root = {
openssh.authorizedKeys.keys = sshKeys.keys;
};
};
security.sudo = {
enable = true;
};
environment.systemPackages = [
agenix.packages."${pkgs.system}".default
];
home-manager = {
users.${user} = {
pkgs,
config,
lib,
...
}: {
_module.args = {inherit user;};
imports = [
nixvim.homeModules.nixvim
../base/home-manager
./home-manager/zellij.nix
];
home = {
packages = pkgs.callPackage ../base/packages.nix {} ++ pkgs.callPackage ./packages.nix {};
stateVersion = "25.11";
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink