{ pkgs, lib, ... }: { networking.hostName = ""; # Allows overriding via DHCP system.stateVersion = "24.11"; users.mutableUsers = false; nixpkgs.config.allowUnfree = true; services.automatic-timezoned.enable = true; nix.settings.experimental-features = [ "nix-command" "flakes" ]; networking.wireless.enable = false; # Basic Utilities environment.systemPackages = with pkgs; [ # Basic Utilities bc pv killall unzip # System Monitoring / TUI QoL Tools btop iotop tmux byobu # Applications vim_configurable # File Systems nfs-utils cifs-utils exfatprogs ]; ############################################################################## ############################################################################## ############################################################################## # Services services.uptimed.enable = true; services.openssh = { enable = true; settings = { PermitRootLogin = lib.mkForce "no"; PasswordAuthentication = false; }; }; virtualisation.docker.enable = true; virtualisation.containers.enable = true; zramSwap = { enable = true; algorithm = "zstd"; memoryPercent = 200; }; ############################################################################## ############################################################################## ############################################################################## # Disable Default User services.getty.autologinUser = lib.mkForce null; users.groups.nixos = {}; users.users.nixos.group = "nixos"; users.users.nixos.isSystemUser = lib.mkForce true; users.users.nixos.isNormalUser = lib.mkForce false; users.users.nixos.initialHashedPassword = lib.mkForce "!"; # Disable root as well users.users.root.initialHashedPassword = lib.mkForce "!"; ############################################################################## ############################################################################## ############################################################################## # Users users.users.lauren_lagarde = { isNormalUser = true; description = "Lauren Lagarde"; extraGroups = [ "docker" "wheel" "libvirtd" "disks" ]; initialHashedPassword = "$y$j9T$KqTFvSj9TYmRXugVbiSgj.$RbvxcGlY/DbLFioa64ntY5RO4Ym0CMswhegeQj5qHyD"; openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCl881A1gvgCx+4ECrmJnO2QCTiqjaOLfAegKAAkvWNFKL0rDfsj8tZULUcyn87HYsRrdmqCOQ62GOjQyK803azq7QTxwY4vjczkJxico4LnIToTobcz+JkgF6Rf/h74bs9dHk4ZU853FRBz3wi/14rI10Iwckt37B1ayJacpELuzFobKYip2FjiL1vNH3tiAFR131z+YBByvNX+uJYEhpsI0xry9zbsSUWUq5/YFpmjezblzYRokfsReYiKJeQBeROSeRC/xFBSnikECSylNI4sw5VIpGXFIxL5xhss+s+3dnb+LFQ+zInOYxkVRydYc/In9Wz6Tu7v07K8bjvE7nQwHenoGtRW590Xu0rJApS+k8Cu16sCO2QFj/aI+gCrhU0ymM0aicr0hFAME6Y7j9HcR6PxYxnXZjI7cfqhO5TG8jot25SPzJcvH3EV5oPKtAkw9XA+8+nAI9czFlUgHnuMJAqw1IGOD3qozwqZ5yn1+kG7FZJRpvaPc5pK2HtqaAKJmnRuVaWcFuNALh86gr7Qn8IEp8Q+YyKmDqrMZ4KLJUMnVqn4y0HVS1eB5nVujaJZUGJWA4q3og0FE/2kH74WEp2ZtuJAoEPcgfZ6Ns7BmmXIZU7qu4kQoQ73b3mn6hCi5xlQ/sClzwHYkRPo4tST64ED/UIRPCYe1byNUWSww== lauren@lagarde.dev" ]; }; ############################################################################## ############################################################################## ############################################################################## # Persistent Docker systemd.mounts = [ { type = "ext4"; options = "rw"; what = "/dev/sda"; where = "/persistent"; } ]; systemd.automounts = [ { wantedBy = [ "multi-user.target" ]; where = "/persistent"; } ]; virtualisation.docker.daemon.settings = { data-root = "/persistent/docker-root"; }; virtualisation.oci-containers.backend = "docker"; virtualisation.oci-containers.containers = { dockge = { image = "louislam/dockge"; ports = [ "5001:5001" ]; volumes = [ "/var/run/docker.sock:/var/run/docker.sock" "/persistent/stacks/dockge/data:/app/data" "/root/.docker/:/root/.docker" "/persistent/stacks:/persistent/stacks" ]; environment = { DOCKGE_STACKS_DIR = "/persistent/stacks"; }; }; }; }