1 files changed, 79 insertions, 0 deletions
diff --git a/users/sterni/modules/common.nix b/users/sterni/modules/common.nix
new file mode 100644
index 0000000000..2c513acad3
--- /dev/null
+++ b/users/sterni/modules/common.nix
@@ -0,0 +1,79 @@
+# This module is common in the weakest sense, i.e. contains common settings to
+# all my machines contained in depot—as opposed to common to all my potential
+# machines. Consequently, this module is currently very server-centric.
+{ pkgs, lib, depot, config, ... }:
+
+let
+  me = "lukas";
+in
+
+{
+  config = {
+
+    # More common
+
+    time.timeZone = "Europe/Berlin";
+
+    nix = {
+      package = pkgs.nix_2_3;
+      settings = {
+        trusted-public-keys = lib.mkAfter [
+          "headcounter.org:/7YANMvnQnyvcVB6rgFTdb8p5LG1OTXaO+21CaOSBzg="
+        ];
+        substituters = lib.mkAfter [
+          "https://hydra.build"
+        ];
+        trusted-users = [ me ];
+      };
+    };
+    tvl.cache.enable = true;
+
+    programs.fish.enable = true;
+
+    users = {
+      users = {
+        root.openssh.authorizedKeys.keys = depot.users.sterni.keys.all;
+        ${me} = {
+          isNormalUser = true;
+          extraGroups = [ "wheel" "http" "git" ];
+          openssh.authorizedKeys.keys = depot.users.sterni.keys.all;
+          shell = pkgs.fish;
+        };
+      };
+    };
+
+    # Less common
+
+    services = {
+      journald.extraConfig = ''
+        SystemMaxUse=10G
+      '';
+
+      openssh.enable = true;
+    };
+
+    programs = {
+      mosh.enable = true;
+      tmux.enable = true;
+    };
+
+    environment.systemPackages = [
+      pkgs.wget
+      pkgs.git
+      pkgs.stow
+      pkgs.htop
+      pkgs.foot.terminfo
+      pkgs.vim
+      pkgs.smartmontools
+    ];
+
+    security.acme = {
+      defaults.email = builtins.getAttr "email" (
+        builtins.head (
+          builtins.filter (attrs: attrs.username == "sterni") depot.ops.users
+        )
+      );
+      acceptTerms = true;
+    };
+  };
+}