{ config, pkgs, lib, inputs, ... }:
{
imports = [
- ../nixos/profiles/server.nix
+ ../nixos/profiles/router.nix
#../nixos/profiles/debug.nix
../nixos/profiles/lang-fr.nix
#../nixos/profiles/tor.nix
+ ../nixos/profiles/networking/remote.nix
+ ../nixos/profiles/home.nix
aubergine/hardware.nix
+ aubergine/nebula.nix
aubergine/networking.nix
+ aubergine/printing.nix
aubergine/nginx.nix
aubergine/backup.nix
aubergine/sftp.nix
];
# Lower kernel's security for better performances
- boot.kernelParams = [ "mitigations=off" ];
+ security.kernel.mitigations = "off";
home-manager.users.julm = {
imports = [ ../homes/julm.nix ];
hashedPassword = lib.readFile aubergine/users/julm/login/hashedPassword.clear;
extraGroups = [
"adbusers"
+ "audio"
"dialout"
"networkmanager"
"tor"
+ "video"
"wheel"
+ "wireshark"
];
- # If created, zfs-mount.service would require:
- # zfs set overlay=yes ${hostName}/home
createHome = true;
openssh.authorizedKeys.keys = map lib.readFile [
../users/root/ssh/losurdo.pub
../users/julm/ssh/losurdo.pub
../users/julm/ssh/oignon.pub
+ ../users/julm/ssh/pumpkin.pub
../users/julm/ssh/redmi.pub
];
};
hashedPassword = "!";
extraGroups = [
];
- # If created, zfs-mount.service would require:
- # zfs set overlay=yes ${hostName}/home
createHome = true;
openssh.authorizedKeys.keys = map lib.readFile [
../users/sevy/ssh/patate.pub
#"ssh://nix-ssh@oignon.wg?priority=30"
];
trusted-public-keys = map lib.readFile [
- ../users/root/nix/oignon.pub
+ #../users/root/nix/oignon.pub
+ #../users/root/nix/pumpkin.pub
];
};
nixPath = lib.mkForce [ "nixpkgs=${inputs.nixpkgs}" ];
../users/julm/ssh/losurdo.pub
../users/sevy/ssh/patate.pub
../users/julm/ssh/oignon.pub
+ ../users/julm/ssh/pumpkin.pub
];
};
sourcephile / git / julm / julm-nix.git / blobdiff