{ pkgs, lib, config, shared, ... }: let inherit (builtins) readFile; inherit (config.users) users; in { imports = [ ../../members/julm.nix ]; nix.settings.trusted-users = [ users."julm".name ]; users = { mutableUsers = false; users = { root = { openssh.authorizedKeys.keys = users."julm".openssh.authorizedKeys.keys ++ [ (readFile (shared + "/hosts/losurdo/users/root/ssh/ed25519.pub")) ]; hashedPassword = "!"; }; }; groups = { wheel.members = [ users."julm".name ]; }; }; services.sanoid.datasets."rpool/home/julm/mail" = { use_template = [ "snap" ]; # Not until https://github.com/jimsalterjrs/sanoid/pull/342#issuecomment-980494511 has been fixed #hourly = 12; daily = 7; }; services.sanoid.datasets."rpool/home/julm/log" = { use_template = [ "snap" ]; # Not until https://github.com/jimsalterjrs/sanoid/pull/342#issuecomment-980494511 has been fixed #hourly = 12; daily = 7; monthly = 1; }; services.sanoid.datasets."rpool/backup/losurdo/home/julm/work" = { use_template = [ "prune" ]; daily = 31; }; networking.nftables.ruleset = '' table inet filter { chain output-net-julm { tcp dport { smtp, submissions } counter accept comment "SMTP" tcp dport nicname counter accept comment "Whois" tcp dport nntps counter accept comment "NNTPS" tcp dport ircs-u counter accept comment "IRCS" tcp dport hkp counter accept comment "HKP" } chain output-net { meta skuid ${users.julm.name} jump output-net-julm } } ''; }