26 lines
608 B
Nix
26 lines
608 B
Nix
{ pkgs, config, ... }: {
|
|
config = {
|
|
services.openssh.enable = true;
|
|
services.avahi = { enable = true; nssmdns4 = true; };
|
|
|
|
sops.defaultSopsFile = ./secrets/encrypted_secrets.yaml;
|
|
sops.defaultSopsFormat = "yaml";
|
|
|
|
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
home-manager
|
|
bash
|
|
busybox
|
|
git
|
|
eza
|
|
sops
|
|
];
|
|
|
|
security.sudo-rs = {
|
|
enable = true;
|
|
execWheelOnly = false;
|
|
wheelNeedsPassword = false; # allows sudo without password for those in the wheel group
|
|
};
|
|
};
|
|
} |