From a1c7956366e8ba7ec38bb8d959929190f554b11b Mon Sep 17 00:00:00 2001 From: Caroline Larimore Date: Thu, 25 Jul 2024 20:02:01 -0700 Subject: phoenix: create host --- hosts/phoenix/configuration.nix | 79 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 79 insertions(+) create mode 100644 hosts/phoenix/configuration.nix (limited to 'hosts/phoenix/configuration.nix') diff --git a/hosts/phoenix/configuration.nix b/hosts/phoenix/configuration.nix new file mode 100644 index 0000000..45007dc --- /dev/null +++ b/hosts/phoenix/configuration.nix @@ -0,0 +1,79 @@ +{ config, lib, pkgs, inputs, ... }: + +{ + imports = [ + ./hardware.nix + ../../core + ../../roles + ]; + + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + environment.persistence."/persist/system" = { + hideMounts = true; + + directories = [ + "/etc/nixos" + "/var/log" + "/var/lib/nixos" + "/var/lib/systemd/coredump" + ]; + + files = [ + "/etc/machine-id" + ]; + }; + + programs.fuse.userAllowOther = true; + + networking = { + hostName = "phoenix"; + hostId = "d62900ff"; + + useDHCP = true; + }; + + time.timeZone = "America/Los_Angeles"; + + users.users = { + root.hashedPasswordFile = "/secrets/passwords/root"; + + "c" = { + isNormalUser = true; + hashedPasswordFile = "/secrets/passwords/c"; + extraGroups = [ "wheel" ]; + openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIDO8JxqS7B2n3YlNtlVMZGARi+GG/z7wLiiyl52qSZc caroline@larimo.re" ]; + }; + }; + + roles = { + + }; + + programs = { + gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + }; + + services = { + pcscd.enable = true; + openssh = { + enable = true; + settings = { + PermitRootLogin = "no"; + PasswordAuthentication = false; + }; + }; + }; + + environment.systemPackages = with pkgs; [ + (writeShellScriptBin "rb" "sudo nixos-rebuild switch --flake /etc/nixos") + (writeShellScriptBin "rbf" "sudo nixos-rebuild switch --flake path:/etc/nixos") + + ffmpeg + ]; + + system.stateVersion = "24.05"; +} -- cgit v1.2.3