78 lines
2 KiB
Nix
78 lines
2 KiB
Nix
{ host, config, lib, ...}:
|
|
let cfg = config.system-sys; in {
|
|
options.system-sys = {
|
|
enable = lib.mkOption {
|
|
type = lib.types.bool;
|
|
default = true;
|
|
};
|
|
swapSize = lib.mkOption {
|
|
type = lib.types.int;
|
|
default = 4;
|
|
};
|
|
zram = lib.mkOption {
|
|
type = lib.types.bool;
|
|
default = true;
|
|
};
|
|
documentation = lib.mkOption {
|
|
type = lib.types.bool;
|
|
default = false;
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
time.timeZone = "America/Chicago";
|
|
boot.tmp.cleanOnBoot = true;
|
|
zramSwap.enable = cfg.zram;
|
|
security.sudo-rs = {
|
|
enable = true;
|
|
wheelNeedsPassword = false;
|
|
};
|
|
swapDevices = [
|
|
{
|
|
device = "/swapfile";
|
|
size = cfg.swapSize * 1024;
|
|
}
|
|
];
|
|
documentation = lib.mkIf cfg.documentation {
|
|
enable = lib.mkDefault false;
|
|
info.enable = lib.mkDefault false;
|
|
man.enable = lib.mkDefault false;
|
|
nixos.enable = lib.mkDefault false;
|
|
};
|
|
networking = {
|
|
domain = "";
|
|
hostName = host.hostName;
|
|
firewall = {
|
|
enable = true;
|
|
allowedTCPPorts = [
|
|
22
|
|
];
|
|
logRefusedConnections = true;
|
|
};
|
|
};
|
|
users = {
|
|
groups.plugdev = { };
|
|
groups.${host.username} = { };
|
|
users.${host.username} = {
|
|
isNormalUser = true;
|
|
group = "${host.username}";
|
|
home = "/home/e";
|
|
extraGroups = [
|
|
"wheel"
|
|
"plugdev"
|
|
"video"
|
|
"adbusers"
|
|
"network"
|
|
];
|
|
openssh.authorizedKeys.keys = [
|
|
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHM4Zr0PFN7QdOG2aJ+nuzRCK6caulrpY6bphA1Ppl8Y e@t14''
|
|
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJou+k8HtIWdlztpWog7fVfJgxJnRIo7c5xVPUBhBxhi'' # phone
|
|
];
|
|
};
|
|
};
|
|
users.users.root.openssh.authorizedKeys.keys = [
|
|
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDcL53Gdrj5V9YDwKlCBIcgqiS+zHtOQpJlnOHTevJCJ e@t14''
|
|
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHM4Zr0PFN7QdOG2aJ+nuzRCK6caulrpY6bphA1Ppl8Y e@t14''
|
|
];
|
|
};
|
|
}
|