a bit of reorg
This commit is contained in:
John Lancaster
@@ -1,45 +1,7 @@
|
||||
{
|
||||
pkgs,
|
||||
config,
|
||||
systemSettings,
|
||||
userSettings,
|
||||
...
|
||||
}: {
|
||||
{ ... }: {
|
||||
imports =
|
||||
[
|
||||
./services/loki.nix
|
||||
./users.nix
|
||||
];
|
||||
|
||||
config = {
|
||||
nix.settings.experimental-features = ["nix-command" "flakes"];
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
system.stateVersion = "${systemSettings.stateVersion}";
|
||||
# programs.nix-ld.enable = true;
|
||||
services.openssh.enable = true;
|
||||
services.avahi = { enable = true; nssmdns4 = true; };
|
||||
|
||||
time.timeZone = "${systemSettings.timeZone}";
|
||||
networking.hostName = systemSettings.hostName;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
home-manager
|
||||
bash
|
||||
busybox
|
||||
git
|
||||
eza
|
||||
];
|
||||
|
||||
security.sudo-rs = {
|
||||
enable = true;
|
||||
execWheelOnly = false;
|
||||
wheelNeedsPassword = false; # allows sudo without password for those in the wheel group
|
||||
};
|
||||
|
||||
users.users.${userSettings.username} = {
|
||||
isNormalUser = true;
|
||||
uid = 1000;
|
||||
extraGroups = [ "wheel" ];
|
||||
openssh.authorizedKeys.keyFiles = [ /root/.ssh/authorized_keys ];
|
||||
};
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
9
nixosModules/home-manager/git.nix
Normal file
9
nixosModules/home-manager/git.nix
Normal file
@@ -0,0 +1,9 @@
|
||||
{ ... }:
|
||||
{
|
||||
programs.git = {
|
||||
enable = true;
|
||||
extraConfig.credential.helper = "store --file ~/.git-credentials";
|
||||
userName = "John Lancaster";
|
||||
userEmail = "32917998+jsl12@users.noreply.github.com";
|
||||
};
|
||||
}
|
||||
26
nixosModules/users.nix
Normal file
26
nixosModules/users.nix
Normal file
@@ -0,0 +1,26 @@
|
||||
{ config, userSettings, ... }:
|
||||
{
|
||||
# Uses rust-based sudo
|
||||
security.sudo-rs = {
|
||||
enable = true;
|
||||
execWheelOnly = false;
|
||||
wheelNeedsPassword = false; # allows sudo without password for those in the wheel group
|
||||
};
|
||||
|
||||
users.users.root = {
|
||||
isSystemUser = true;
|
||||
extraGroups = [
|
||||
"wheel" # needed for sudo without password
|
||||
"docker" # needed for docker without sudo
|
||||
];
|
||||
openssh.authorizedKeys.keyFiles = [ /root/.ssh/authorized_keys ];
|
||||
};
|
||||
|
||||
home-manager = {
|
||||
useGlobalPkgs = true;
|
||||
users.root = {
|
||||
home.stateVersion = config.system.stateVersion;
|
||||
imports = [ ./home-manager/git.nix ];
|
||||
};
|
||||
};
|
||||
}
|
||||
Reference in New Issue
Block a user