58 lines
1.3 KiB
Nix
58 lines
1.3 KiB
Nix
{ config, lib, inputs, stable_pkgs, unstable_pkgs, ... }:
|
|
|
|
{
|
|
imports =
|
|
[ # Include the results of the hardware scan.
|
|
./hardware-configuration.nix
|
|
../../nixos
|
|
../../../modules/desktop/hypr
|
|
../../../users/blake
|
|
../../../modules/system
|
|
];
|
|
|
|
home-manager.users.blake.imports = [
|
|
../../../users/blake/hosts/yveltal.nix
|
|
];
|
|
|
|
system = {
|
|
ssh.enable = true;
|
|
sops.enable = true;
|
|
yubikey.enable = true;
|
|
tailscale.enable = true;
|
|
};
|
|
|
|
# boot (systemd is going on me)
|
|
boot.loader.systemd-boot.enable = true; # systemd your pretty cool ya know
|
|
boot.loader.efi.canTouchEfiVariables = true;
|
|
boot.initrd.systemd.enable = true; # better logging
|
|
|
|
# setup hostname and networking stack
|
|
services.resolved = {
|
|
enable = true;
|
|
fallbackDns = [ "1.1.1.1" "9.9.9.9" ];
|
|
dnsovertls = "opportunistic";
|
|
};
|
|
networking = {
|
|
hostName = "yveltal"; # hostname
|
|
networkmanager = {
|
|
enable = true; # the goat
|
|
dns = "systemd-resolved"; # the backup dancer!
|
|
};
|
|
};
|
|
|
|
hardware.bluetooth.enable = true;
|
|
|
|
# Open ports in the firewall.
|
|
networking.firewall.allowedTCPPorts = [
|
|
22
|
|
];
|
|
|
|
networking.firewall.allowedUDPPorts = [ 51820 ];
|
|
# Or disable the firewall altogether.
|
|
networking.firewall.enable = true;
|
|
|
|
system.stateVersion = "25.05"; # stays here : )
|
|
|
|
}
|
|
|