79 lines
1.6 KiB
Nix
79 lines
1.6 KiB
Nix
{
|
|
lib,
|
|
config,
|
|
pkgs,
|
|
...
|
|
}: let
|
|
ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
|
|
in {
|
|
users.users.cnst = {
|
|
isNormalUser = true;
|
|
shell = pkgs.fish;
|
|
extraGroups = ifTheyExist [
|
|
"wheel"
|
|
"networkmanager"
|
|
"audio"
|
|
"video"
|
|
"git"
|
|
"mysql"
|
|
"docker"
|
|
"libvirtd"
|
|
"qemu-libvirtd"
|
|
"kvm"
|
|
"network"
|
|
"gamemode"
|
|
"adbusers"
|
|
"rtkit"
|
|
"users"
|
|
"plocate"
|
|
"fuse"
|
|
"fail2ban"
|
|
"vaultwarden"
|
|
];
|
|
};
|
|
|
|
imports = [
|
|
./hardware-configuration.nix
|
|
./modules.nix
|
|
./settings.nix
|
|
./server.nix
|
|
];
|
|
|
|
boot.initrd.luks.devices."luks-47b35d4b-467a-4637-a5f9-45177da62897".device = "/dev/disk/by-uuid/47b35d4b-467a-4637-a5f9-45177da62897";
|
|
|
|
networking = {
|
|
hostName = "sobotka";
|
|
domain = "cnst.dev";
|
|
firewall.allowedUDPPorts = [51820];
|
|
wireguard = {
|
|
interfaces.wg1 = {
|
|
ips = [
|
|
"127.0.0.1/8"
|
|
];
|
|
peers = [
|
|
{
|
|
name = "kima";
|
|
allowedIPs = ["192.168.88.13/24"];
|
|
publicKey = "cUeRvwTwrL5GRc4dHjea89RJSa1kh4kIA/sHYzmscyQ=";
|
|
}
|
|
];
|
|
privateKeyFile = config.age.secrets.wgSobotkaPrivateKey.path;
|
|
};
|
|
};
|
|
};
|
|
|
|
powerManagement.enable = false;
|
|
|
|
swapDevices = [
|
|
{
|
|
device = "/var/lib/swapfile";
|
|
size = 8 * 1024;
|
|
}
|
|
];
|
|
|
|
environment.variables.NH_FLAKE = "/home/cnst/.nix-config";
|
|
|
|
# # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
|
|
system.stateVersion = lib.mkDefault "25.05";
|
|
}
|