NixOS-Config/nixos/shared/default.nix

{
  inputs,
  outputs,
  lib,
  config,
  pkgs,
  ...
}: {
  imports = [
    ./locale
    ./packages
  ];
  sops.age.keyFile = ../../../../../../var/secrets/keys.txt;
  sops.secrets."lillian-password".neededForUsers = true;

  nix = {
    package = pkgs.nixFlakes;
    gc = {
      automatic = true;
      dates = "weekly";
      options = "--delete-older-than 7d";
    };
    # This will add each flake input as a registry
    # To make nix3 commands consistent with your flake
    registry = lib.mapAttrs (_: value: {flake = value;}) inputs;

    # This will additionally add your inputs to the system's legacy channels
    # Making legacy nix commands consistent as well, awesome!
    nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;

    settings = {
      # Enable flakes and new 'nix' command
      experimental-features = "nix-command flakes";
      # Deduplicate and optimize nix store
      auto-optimise-store = true;
    };
  };

  users.users.lillian = {
    isNormalUser = true;
    extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf" "docker"];
    shell = pkgs.zsh;
    hashedPasswordFile = config.sops.secrets."lillian-password".path;
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGatnsrKMoZSW24Lw4meb6BAgHgeyN/8rUib4nZVT+CB lillian@EDI"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC7+LEQnC/nlYp7nQ4p6hUCqaGiqfsA3Mg8bSy+zA8Fj lillian@GLaDOS"
    ];
  };

  programs.zsh = {
    enable = true;
  };

  # Enable completion of system packages by zsh
  environment.pathsToLink = ["/share/zsh"];

  environment.interactiveShellInit = ''
    alias cd='z'
  '';

  users.mutableUsers = false;

  users.users.root = {
    hashedPassword = "*";
  };
}
Big refactor, test first 2024-02-07 13:50:03 +01:00			`{`
			`inputs,`
			`outputs,`
			`lib,`
			`config,`
			`pkgs,`
			`...`
			`}: {`
			`imports = [`
			`./locale`
			`./packages`
			`];`
Set password for all hosts, made sops look at the same folder for the key file for all hosts (move in queen) 2024-02-22 13:01:31 +01:00			`sops.age.keyFile = ../../../../../../var/secrets/keys.txt;`
Put user definition in the shared file to reduce duplicate code 2024-02-22 12:52:10 +01:00			`sops.secrets."lillian-password".neededForUsers = true;`

Home manager configuration says this is needed, don't know why, also small refactor to put nix config in shared 2024-03-03 20:55:49 +01:00			`nix = {`
			`package = pkgs.nixFlakes;`
			`gc = {`
			`automatic = true;`
			`dates = "weekly";`
			`options = "--delete-older-than 7d";`
			`};`
			`# This will add each flake input as a registry`
			`# To make nix3 commands consistent with your flake`
			`registry = lib.mapAttrs (_: value: {flake = value;}) inputs;`

			`# This will additionally add your inputs to the system's legacy channels`
			`# Making legacy nix commands consistent as well, awesome!`
			`nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;`

			`settings = {`
			`# Enable flakes and new 'nix' command`
			`experimental-features = "nix-command flakes";`
			`# Deduplicate and optimize nix store`
			`auto-optimise-store = true;`
			`};`
			`};`

Put user definition in the shared file to reduce duplicate code 2024-02-22 12:52:10 +01:00			`users.users.lillian = {`
			`isNormalUser = true;`
			`extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf" "docker"];`
			`shell = pkgs.zsh;`
			`hashedPasswordFile = config.sops.secrets."lillian-password".path;`
			`openssh.authorizedKeys.keys = [`
			`"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGatnsrKMoZSW24Lw4meb6BAgHgeyN/8rUib4nZVT+CB lillian@EDI"`
			`"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC7+LEQnC/nlYp7nQ4p6hUCqaGiqfsA3Mg8bSy+zA8Fj lillian@GLaDOS"`
			`];`
			`};`

Move some zsh config around to shared 2024-03-04 16:11:01 +01:00			`programs.zsh = {`
			`enable = true;`
			`};`

			`# Enable completion of system packages by zsh`
			`environment.pathsToLink = ["/share/zsh"];`

Needs to be in there instead 2024-03-04 16:17:16 +01:00			`environment.interactiveShellInit = ''`
			`alias cd='z'`
			`'';`

Put user definition in the shared file to reduce duplicate code 2024-02-22 12:52:10 +01:00			`users.mutableUsers = false;`

			`users.users.root = {`
			`hashedPassword = "*";`
			`};`
Big refactor, test first 2024-02-07 13:50:03 +01:00			`}`