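# Top-level NixOS module for this host: pulls in the home-manager, ./nixos and
# ./scripts modules, then sets Nix daemon, secrets, container and service options.
{ pkgs, lib, userSettings, systemSettings, ... }:

{
  imports = [
    (import ./home-manager/home.nix { inherit systemSettings userSettings lib; })
    ./nixos
    ./scripts
  ];

  system.stateVersion = systemSettings.stateVersion;
  time.timeZone = "${systemSettings.timeZone}";

  # SECURITY: a trusted user may override daemon settings (extra substituters,
  # unsigned store imports), which the Nix manual describes as essentially
  # equivalent to root access. "@wheel" extends that to every member of wheel,
  # so review wheel membership with that in mind.
  nix.settings.trusted-users = [ "root" "@wheel" ];
  nix.settings.experimental-features = [ "nix-command" "flakes" ];

  # Provides a dynamic-loader shim so unpatched, dynamically linked binaries can run.
  programs.nix-ld.enable = true;

  # sops-nix: the secrets file is committed encrypted; only the ciphertext is
  # copied into the world-readable Nix store.
  sops.defaultSopsFile = ./secrets/encrypted_secrets.yaml;
  sops.defaultSopsFormat = "yaml";

  # Lets sops-nix decrypt the secrets on this host with an age key file
  # (sops-nix decrypts during system activation, not during evaluation).
  # It has no effect on the `sops` command-line tool.
  # Optional when the age recipient derived from /etc/ssh/ssh_host_ed25519_key
  # is already listed in .sops.yaml.
  # sops.age.keyFile = "${userSettings.adHome}/.config/sops/age/keys.txt";

  environment.systemPackages = with pkgs; [
    bash
    git
    eza
    gh
    sops
    gdbm
  ];

  # SECURITY: access to the Docker daemon socket is root-equivalent on the host.
  # No user is added to the "docker" group in this file; keep that group small
  # wherever it is populated.
  virtualisation.docker.enable = true;
  virtualisation.oci-containers.backend = "docker";

  services.vscode-server.enable = true;

  # NOTE(review): no sshd settings are set in this file. Confirm that
  # services.openssh.settings.PasswordAuthentication and PermitRootLogin are
  # restricted elsewhere (presumably under ./nixos).
  services.openssh.enable = true;
  services.tailscale.enable = true;

  services.cron = {
    enable = true;
    systemCronJobs = [
      # Entries in the system crontab need a user field between the schedule and
      # the command; without it cron reads the binary path as the user name and
      # the job never runs. "root" is used because the log is written under
      # /etc/nixos; confirm that is the intended account.
      # NOTE(review): `nfs` is not defined in this file (presumably provided by
      # ./scripts). It runs unattended as root every night at 02:30, so it
      # should be writable by root only.
      "30 2 * * * root /run/current-system/sw/bin/nfs > /etc/nixos/auto_update.log 2>&1"
    ];
  };
}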