90 lines
2.5 KiB
Nix
90 lines
2.5 KiB
Nix
# Edit this configuration file to define what should be installed on
|
||
# your system. Help is available in the configuration.nix(5) man page
|
||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||
|
||
{ config, pkgs, ... }:
|
||
|
||
{
|
||
system.autoUpgrade.enable = true;
|
||
nix.optimise.automatic = true;
|
||
nix.gc.automatic = true;
|
||
nixpkgs.config.allowUnfree = true;
|
||
|
||
networking.useDHCP = false;
|
||
networking.firewall.enable = true; # is already enabled ...
|
||
networking.firewall.allowedUDPPorts = [ 5355 ]; # LLMNR
|
||
|
||
services.openssh = {
|
||
enable = true;
|
||
passwordAuthentication = false;
|
||
kbdInteractiveAuthentication = false;
|
||
permitRootLogin = "without-password";
|
||
openFirewall = true;
|
||
ports = [ 1512 ];
|
||
startWhenNeeded = true;
|
||
};
|
||
users.users.root.openssh.authorizedKeys.keys = [
|
||
"command=\"zrepl stdinserver fireStore\",restrict ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM1U9DTKueKuTuu/F9wxGr3we7y00V8HMyUjVBMwFQwo root-zrepl@fireStore"
|
||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDZm0TZPBzgXrY1vrLoYviNRb/oGZQDQk9vrppPK84sN55ZPlr9VvP+JYE7Qkx8teRuH9ulxqX40+dxKaiAXMUl4HU57KPLjwCb7SnBNIFTv6ZHGxPS8ZgUzKJr4Agph51oenNEO3RziEqAo3EwK67SGnjeIYQQKcjpfwd08+PYMOjv42zSYQ9umooj5LooOvbxoogZ3VpboXv6DeyA4rev1M9RgnMWaWVF2LxJjQ3jVr7xh1vZktVGKuVk/XXKD6WVAuwmGMVEouQzjtG9kepWd8FUYe+fgj5mtdqfeQP9CypxvOcb7jT20wO1Abpp5udS9iPDQHg+lafklIAeKG3qgxxhBDH3otXtnWcoeXUmDpBI8HU/8d/yrGaLHYRfy3HHiSGFq3lBgoxi83QIOl9ELeKWMJC0fWKBApm0NU0flgwfy2j7GRyXmlM7tVFyuj5RTAZNQfgD9g054di9WbtUs7sm/9r3/rQe2+3neE3Jskt4xvZK0xbc4dZSZGn4E2JDWjENqPBvQ2dU5lsjpUKTZWAnxVGPe//BErsDxNLIHWz8emG71r3Q2yud4KPdAR9CgeC8g1bwlCI6JDFZutKBzIlE3QQ4ryKJEioiUL89xi6G+nNB7W5ABsQN0ZtWvZl8TG4Wh00B+oBXzgRER5Y9SdAYcrwWxlGVxxQyElUNrw=="
|
||
];
|
||
|
||
time.timeZone = "Europe/Berlin";
|
||
i18n.defaultLocale = "en_IE.UTF-8";
|
||
console = {
|
||
font = "Lat2-Terminus16";
|
||
keyMap = "de";
|
||
};
|
||
|
||
environment.systemPackages = with pkgs; [
|
||
python3
|
||
killall
|
||
htop
|
||
bat
|
||
git
|
||
git-lfs
|
||
tig
|
||
tcpdump
|
||
iperf3
|
||
figlet
|
||
grml-zsh-config
|
||
tmux
|
||
neovim
|
||
xh
|
||
liboping
|
||
mtr
|
||
jq
|
||
unzip
|
||
unrar
|
||
home-manager
|
||
];
|
||
programs.mosh.enable = true; # open firewall
|
||
|
||
programs.neovim = {
|
||
enable = true;
|
||
defaultEditor = true;
|
||
viAlias = true;
|
||
vimAlias = true;
|
||
};
|
||
|
||
# zsh
|
||
users.defaultUserShell = pkgs.zsh;
|
||
programs.zsh = {
|
||
enable = true;
|
||
autosuggestions.enable = true;
|
||
syntaxHighlighting.enable = true;
|
||
interactiveShellInit = ''
|
||
source ${pkgs.grml-zsh-config}/etc/zsh/zshrc
|
||
'';
|
||
promptInit = "";
|
||
shellAliases = {
|
||
ip = "ip --color";
|
||
watch = "watch -c";
|
||
grep = "grep --color=always --exclude-dir=.git";
|
||
};
|
||
};
|
||
|
||
# tmux
|
||
imports = [ ./files/tmux.nix ];
|
||
}
|
||
|