about summary refs log tree commit diff
path: root/users/sterni/machines/edwin/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'users/sterni/machines/edwin/default.nix')
-rw-r--r--users/sterni/machines/edwin/default.nix88
1 files changed, 88 insertions, 0 deletions
diff --git a/users/sterni/machines/edwin/default.nix b/users/sterni/machines/edwin/default.nix
new file mode 100644
index 000000000000..de34aa78afe4
--- /dev/null
+++ b/users/sterni/machines/edwin/default.nix
@@ -0,0 +1,88 @@
+{ config, lib, pkgs, depot, ... }:
+
+{
+  imports = [
+    # Third party modules we use
+    "${depot.third_party.agenix.src}/modules/age.nix"
+    # These modules touch things related to booting (filesystems, initrd network…)
+    ./hardware.nix
+    ./network.nix
+    # These modules configure services, websites etc.
+    ../../modules/disk-checkup.nix
+    ./minecraft.nix
+    ./gopher.nix
+    ./http/sterni.lv.nix
+    ./http/code.sterni.lv.nix
+    ./http/flipdot.openlab-augsburg.de.nix
+    ./http/likely-music.sterni.lv.nix
+  ];
+
+  config = {
+    time.timeZone = "Europe/Berlin";
+
+    nixpkgs.config.allowUnfreeRedistributable = true;
+    nix = {
+      package = pkgs.nix_2_3;
+      settings = {
+        trusted-public-keys = lib.mkAfter [
+          "headcounter.org:/7YANMvnQnyvcVB6rgFTdb8p5LG1OTXaO+21CaOSBzg="
+        ];
+        substituters = lib.mkAfter [
+          "https://hydra.build"
+        ];
+      };
+    };
+    tvl.cache.enable = true;
+
+    services = {
+      journald.extraConfig = ''
+        SystemMaxUse=1024M
+      '';
+
+      openssh.enable = true;
+    };
+
+    security.acme = {
+      defaults.email = builtins.getAttr "email" (
+        builtins.head (
+          builtins.filter (attrs: attrs.username == "sterni") depot.ops.users
+        )
+      );
+      acceptTerms = true;
+    };
+
+    programs = {
+      fish.enable = true;
+      mosh.enable = true;
+      tmux.enable = true;
+    };
+
+    environment.systemPackages = [
+      pkgs.weechat
+      pkgs.wget
+      pkgs.git
+      pkgs.stow
+      pkgs.htop
+      pkgs.foot.terminfo
+      pkgs.vim
+    ];
+
+    users = {
+      users = {
+        root.openssh.authorizedKeys.keys = depot.users.sterni.keys.all;
+        lukas = {
+          isNormalUser = true;
+          extraGroups = [ "wheel" "http" "git" ];
+          openssh.authorizedKeys.keys = depot.users.sterni.keys.all;
+          shell = "${pkgs.fish}/bin/fish";
+        };
+      };
+    };
+
+    nix.settings.trusted-users = [
+      "lukas"
+    ];
+
+    system.stateVersion = "20.09";
+  };
+}