configuration.nix (view raw)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 |
{ config, lib, pkgs, ... }:
{
imports =
[
./hardware-configuration.nix
];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.kernelPackages = pkgs.linuxPackages_latest;
networking.hostName = "RFC-7168";
networking.networkmanager.enable = true;
time.timeZone = "Europe/Berlin";
services.pipewire = {
enable = true;
pulse.enable = true;
};
# Enable touchpad support (enabled default in most desktopManager).
services.libinput.enable = true;
# Define a user account. Don't forget to set a password with ‘passwd’.
users.users.crispy = {
isNormalUser = true;
extraGroups = [ "wheel" ];
packages = with pkgs; [
tree
];
};
programs.firefox.enable = true;
environment.systemPackages = with pkgs; [
vim
curl
microfetch
gdu
age
];
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
age.secrets.wg0-key = {
file = ./secrets/wg0-key.age;
};
networking.wg-quick.interfaces = {
wg0 = {
address = ["10.0.0.18/32"];
privateKeyFile = config.age.secrets.wg0-key.path;
peers = [
{
endpoint = "202.61.203.128:51820";
publicKey = "dGeLAqZD81XYcZQBJ5SELiUGh7hD//G+o1rahSpxY0s=";
allowedIPs = [ "10.0.0.1/32" ];
}
];
};
};
programs.git = {
enable = true;
config = {
user = {
email = "crispy@crispy-caesus.eu";
name = "crispy-caesus";
};
};
};
services.openssh.enable = true;
networking.firewall.allowedTCPPorts = [ 22 ];
system.stateVersion = "25.11";
}
|