61 lines
1.5 KiB
Nix
61 lines
1.5 KiB
Nix
{ config
|
|
, pkgs
|
|
, lib
|
|
, ...
|
|
}:
|
|
let
|
|
secretsPath = config.dadada.secrets.path;
|
|
in
|
|
with lib; {
|
|
imports = [
|
|
./backup.nix
|
|
./base.nix
|
|
];
|
|
|
|
networking.domain = mkDefault "dadada.li";
|
|
|
|
services.fwupd.enable = mkDefault true;
|
|
programs.ssh.startAgent = true;
|
|
programs.ssh.enableAskPassword = true;
|
|
|
|
age.identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
|
|
|
fonts.fonts = mkDefault (with pkgs; [
|
|
source-code-pro
|
|
]);
|
|
|
|
users.mutableUsers = mkDefault true;
|
|
|
|
# Use the systemd-boot EFI boot loader.
|
|
boot.loader.systemd-boot.enable = mkDefault true;
|
|
boot.loader.efi.canTouchEfiVariables = mkDefault true;
|
|
|
|
services.fstrim.enable = mkDefault true;
|
|
|
|
services.avahi.enable = mkDefault true;
|
|
|
|
networking.networkmanager.enable = mkDefault true;
|
|
networking.firewall.enable = mkDefault true;
|
|
|
|
services.xserver.enable = mkDefault true;
|
|
services.xserver.displayManager.gdm.enable = mkDefault true;
|
|
services.xserver.desktopManager.gnome.enable = mkDefault true;
|
|
|
|
xdg.mime.enable = mkDefault true;
|
|
|
|
security.rtkit.enable = true;
|
|
services.pipewire = {
|
|
enable = true;
|
|
alsa.enable = true;
|
|
alsa.support32Bit = true;
|
|
pulse.enable = true;
|
|
};
|
|
hardware.pulseaudio.enable = false;
|
|
|
|
dadada.backupClient.gs = {
|
|
enable = true;
|
|
passphrasePath = config.age.secrets."${config.networking.hostName}-backup-passphrase-gs".path;
|
|
};
|
|
|
|
age.secrets."${config.networking.hostName}-backup-passphrase-gs".file = "${secretsPath}/${config.networking.hostName}-backup-passphrase-gs.age";
|
|
}
|