{
config,
pkgs,
lib,
inputs,
hostName,
...
}:
{
imports = [
../nixos/profiles/graphical.nix
../nixos/profiles/lang-fr.nix
../nixos/profiles/laptop.nix
../nixos/profiles/printing.nix
courge/backup.nix
courge/hardware.nix
courge/networking.nix
];
# Lower kernel's security for better performances
security.kernel.mitigations = "off";
home-manager.users.mo = {
imports = [ ../homes/mo.nix ];
};
users.users.root = {
openssh.authorizedKeys.keys = map lib.readFile [
../users/julm/ssh/oignon.pub
../users/julm/ssh/losurdo.pub
];
};
users.users.mo = {
isNormalUser = true;
uid = 1000;
# Put the hashedPassword in /nix/store,
# though /etc/shadow is not world readable...
# printf %s $(mkpasswd -m yescrypt)
hashedPassword = lib.readFile courge/users/mo/login/hashedPassword.clear;
extraGroups = [
"adbusers"
"dialout"
"lp"
"networkmanager"
#"plugdev" # For rtl-sdr
"scanner"
#"tor"
"video"
"wheel"
#"ipfs"
#config.services.davfs2.davGroup
#"vboxusers"
];
# If created, zfs-mount.service would require:
# zfs set overlay=yes ${hostName}/home
createHome = false;
openssh.authorizedKeys.keys = map lib.readFile [
../users/julm/ssh/oignon.pub
../users/julm/ssh/losurdo.pub
];
};
environment.systemPackages = [
#pkgs.riseup-vpn # Can't be installed by home-manager because it needs to install policy-kit rules
];
boot.extraModulePackages = [
];
#programs.fuse.userAllowOther = true;
services.xserver = {
desktopManager = {
gnome.enable = true;
};
displayManager = {
gdm.enable = true;
};
};
services.displayManager = {
defaultSession = "gnome";
autoLogin = {
user = config.users.users.mo.name;
};
};
# This value determines the NixOS release with which your system is to be
# compatible, in order to avoid breaking some software such as database
# servers. You should change this only after NixOS release notes say you should.
system.stateVersion = "23.05"; # Did you read the comment?
}