-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdefault.nix
83 lines (77 loc) · 1.34 KB
/
default.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
{
lib,
pkgs,
config,
...
}:
{
environment.systemPackages = with pkgs; [
bat
bc
btop
curl
difftastic
dig
dmidecode
dstat
dust
dysk
fd
file
fzf
git
hdparm
htop
iotop
killall
lshw
lsof
molly-guard
ncdu
nmon
pstree
procs
tmux
tree
vim
wget
whois
zsh
];
users.users.dgrig = {
isNormalUser = true;
extraGroups = [
"wheel"
"plugdev"
];
initialPassword = "vmonlypass";
openssh.authorizedKeys.keys = [
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIPb9z1U7Sti2lls0mlcmyPwmwD91amKwVlLZHYclSoULAAAABHNzaDo="
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBg4C7jOGuVMxSvUlGaZXf0JD/jag//1kFl5okKhjQhF"
];
};
users.defaultUserShell = pkgs.zsh;
security.sudo.wheelNeedsPassword = false;
programs.zsh.enable = true;
networking.firewall.enable = true;
nix.package = pkgs.lix;
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
services = {
openssh = {
enable = true;
ports = [ 222 ];
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
PermitRootLogin = lib.mkDefault "no";
};
};
locate = {
enable = true;
};
speechd.enable = false;
};
}