1 # This is the root configuration of the target machine.
 
   2 # Usable by nixos-install and used by nixops.
 
   3 # It is NOT copied nor usable on the target machine,
 
   4 # only the resulting closure is copied to the target machine.
 
   5 { pkgs, lib, config, options, ... }:
 
   7   inherit (builtins) readFile;
 
   8   inherit (builtins.extraBuiltins) pass pass-chomp;
 
  11   # This value determines the NixOS release with which your system is to be
 
  12   # compatible, in order to avoid breaking some software such as database servers.
 
  13   # You should change this only after NixOS release notes say you should.
 
  14   system.stateVersion = "19.09"; # Did you read the comment?
 
  17     trustedUsers = [ "julm" ];
 
  20   nixpkgs.overlays = import ../overlays.nix;
 
  23     [ ../nixos/defaults.nix
 
  38     domainBase = "sourcephile";
 
  39     domain     = "${domainBase}.fr";
 
  43   environment.etc."sudo.conf".text = ''
 
  44     Debug sudo /var/log/sudo_debug.log all@debug
 
  45     Debug sudoers.so /var/log/sudo_debug.log all@debug
 
  53         openssh.authorizedKeys.keys = [
 
  54           (readFile ../../sec/ssh/julm.pub)
 
  55           (readFile ../../sec/ssh/julm-mob.pub)
 
  60         hashedPassword = pass-chomp "servers/mermet/login/julm/hashedPassword";
 
  62         openssh.authorizedKeys.keys = [
 
  63           (readFile ../../sec/ssh/julm.pub)
 
  64           (readFile ../../sec/ssh/julm-mob.pub)
 
  65           (readFile ../../sec/ssh/julm-mermet.pub)
 
  84   systemd.coredump.enable = true;
 
  87     enableDebugInfo = true;
 
  88     systemPackages = with pkgs; [