{ config, lib, pkgs, ... }: { imports = [ ./hardware-configuration.nix ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; boot.kernelPackages = pkgs.linuxPackages_latest; networking.hostName = "RFC-7168"; networking.networkmanager.enable = true; time.timeZone = "Europe/Berlin"; services.pipewire = { enable = true; pulse.enable = true; }; services.logind.settings.Login = { HandleLidSwitch = "ignore"; HandleLidSwitchDocked = "ignore"; HandleLidSwitchExternalPower = "ignore"; HandlePowerKey = "ignore"; HandleRebootKey = "ignore"; HandleSuspendKey = "ignore"; HandleHibernateKey = "ignore"; }; systemd.services.foo = { enable = true; script = '' echo "0" > /sys/class/backlight/nv_backlight/brightness ''; wantedBy = [ "multi-user.target" ]; serviceConfig = { Restart = "on-failure"; RestartSec = "3"; }; }; # Enable touchpad support (enabled default in most desktopManager). services.libinput.enable = true; # Define a user account. Don't forget to set a password with ‘passwd’. users.users.crispy = { isNormalUser = true; extraGroups = [ "wheel" ]; packages = with pkgs; [ tree ]; }; programs.firefox.enable = true; environment.systemPackages = with pkgs; [ vim curl microfetch gdu age ]; programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; age.secrets.wg0-key = { file = ./secrets/wg0-key.age; }; networking.wg-quick.interfaces = { wg0 = { address = ["10.0.0.18/32"]; privateKeyFile = config.age.secrets.wg0-key.path; peers = [ { endpoint = "202.61.203.128:51820"; publicKey = "dGeLAqZD81XYcZQBJ5SELiUGh7hD//G+o1rahSpxY0s="; allowedIPs = [ "10.0.0.1/32" "10.0.0.6/32" ]; persistentKeepalive = 25; } ]; }; }; programs.git = { enable = true; config = { user = { email = "crispy@crispy-caesus.eu"; name = "crispy-caesus"; }; }; }; services.openssh.enable = true; networking.firewall.allowedTCPPorts = [ 22 ]; system.stateVersion = "25.11"; }