74 lines
1.9 KiB
Nix
74 lines
1.9 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
let state-dir = "/state";
|
|
in {
|
|
fudo.slynk.enable = true;
|
|
|
|
environment.systemPackages = with pkgs; [ opencv-java ];
|
|
|
|
networking = {
|
|
interfaces.intif0.useDHCP = true;
|
|
firewall.enable = false;
|
|
};
|
|
|
|
systemd.tmpfiles.rules = [
|
|
"L /root/.gnupg - - - - ${state-dir}/user/root/gnupg"
|
|
"L /root/.ssh/id_rsa - - - - ${state-dir}/user/root/ssh/id_rsa"
|
|
"L /root/.ssh/id_rsa.pub - - - - ${state-dir}/user/root/ssh/id_rsa.pub"
|
|
"L /root/.ssh/known_hosts - - - - ${state-dir}/user/root/ssh/known_hosts"
|
|
"L /var/lib/flatpak - - - - ${state-dir}/lib/flatpak"
|
|
];
|
|
|
|
services.openssh.hostKeys = [
|
|
{
|
|
path = "${state-dir}/ssh/ssh_host_rsa_key";
|
|
type = "rsa";
|
|
bits = 4096;
|
|
}
|
|
{
|
|
path = "${state-dir}/ssh/ssh_host_ed25519_key";
|
|
type = "ed25519";
|
|
bits = 4096;
|
|
}
|
|
];
|
|
|
|
environment.etc = {
|
|
"ssh/ssh_host_rsa_key" = {
|
|
source = "${state-dir}/ssh/ssh_host_rsa_key";
|
|
user = "root";
|
|
group = "root";
|
|
mode = "0400";
|
|
};
|
|
"ssh/ssh_host_rsa_key.pub" = {
|
|
source = "${state-dir}/ssh/ssh_host_rsa_key.pub";
|
|
user = "root";
|
|
group = "root";
|
|
mode = "0444";
|
|
};
|
|
"ssh/ssh_host_ed25519_key" = {
|
|
source = "${state-dir}/ssh/ssh_host_ed25519_key";
|
|
user = "root";
|
|
group = "root";
|
|
mode = "0400";
|
|
};
|
|
"ssh/ssh_host_ed25519_key.pub" = {
|
|
source = "${state-dir}/ssh/ssh_host_ed25519_key.pub";
|
|
user = "root";
|
|
group = "root";
|
|
mode = "0444";
|
|
};
|
|
nixos.source = "/etc/nixos-live";
|
|
"host-config.nix".source = "${state-dir}/host/host-config.nix";
|
|
adjtime.source = "${state-dir}/host/adjtime";
|
|
NIXOS.source = "${state-dir}/host/NIXOS";
|
|
};
|
|
|
|
hardware.bluetooth.enable = true;
|
|
hardware.xpadneo.enable = true;
|
|
|
|
security.sudo.extraConfig = ''
|
|
# Due to rollback, sudo will lecture after every reboot
|
|
Defaults lecture = never
|
|
'';
|
|
}
|