38 lines
691 B
Nix
38 lines
691 B
Nix
{ config, pkgs, ... }:
|
|
|
|
{
|
|
|
|
boot = {
|
|
tmp.cleanOnBoot = true;
|
|
loader.grub.device = "/dev/sda";
|
|
};
|
|
|
|
constants.sopsFile = ../../common/auths.yaml;
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
bat
|
|
bottom
|
|
helix
|
|
];
|
|
|
|
programs = {
|
|
fish.enable = true;
|
|
git.enable = true;
|
|
starship.enable = true;
|
|
};
|
|
|
|
sops.secrets."users/root/password".neededForUsers = true;
|
|
|
|
system.stateVersion = "23.11";
|
|
|
|
users = {
|
|
mutableUsers = false;
|
|
users.root = {
|
|
openssh.authorizedKeys.keys = config.constants.publicKeys;
|
|
hashedPasswordFile = config.sops.secrets."users/root/password".path;
|
|
shell = pkgs.fish;
|
|
};
|
|
};
|
|
|
|
zramSwap.enable = true;
|
|
}
|