levanter/configuration.nix

   1 { device, hostname, ayo_public_key, ... }: {
   2         imports = [
   3                 ./hardware-configuration.nix
   4                 ./disko.nix
   5                 ./caddy.nix
   6                 ./komuhn-website.nix
   7                 ./git-server.nix
   8         ];
   9
  10         boot.loader.grub = {
  11                 enable = true;
  12                 inherit device;
  13         };
  14
  15         networking.hostName = hostname;
  16
  17         security.pam = {
  18                 sshAgentAuth.enable = true;
  19                 services."sudo".sshAgentAuth = true;
  20         };
  21
  22         services.openssh.enable = true;
  23
  24         users = {
  25                 mutableUsers = false;
  26
  27                 users."ayo" = {
  28                         isNormalUser = true;
  29                         extraGroups = [ "wheel" ];
  30                         openssh.authorizedKeys.keys = [ ayo_public_key ];
  31                 };
  32         };
  33
  34         system.stateVersion = "26.05";
  35
  36         nix.settings = {
  37                 trusted-users = [ "ayo" ];
  38                 experimental-features = [ "nix-command" "flakes" ];
  39         };
  40 }