Created
April 17, 2026 08:50
-
-
Save daemonfire300/eb978b7ce5b16371d863ef36dab04f72 to your computer and use it in GitHub Desktop.
configuration.nix
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| config, | |
| pkgs, | |
| lib, | |
| ... | |
| }: | |
| { | |
| imports = [ | |
| ./hardware-configuration.nix | |
| ./disko-base.nix | |
| ]; | |
| nix.settings.experimental-features = [ | |
| "nix-command" | |
| "flakes" | |
| ]; | |
| nix.gc = { | |
| automatic = true; | |
| dates = "weekly"; | |
| options = "--delete-older-than 14d"; | |
| }; | |
| nix.settings.trusted-users = [ | |
| "root" | |
| "julius" | |
| "@wheel" | |
| ]; | |
| networking.useDHCP = true; | |
| # Use the GRUB 2 boot loader. | |
| boot.loader.systemd-boot.enable = true; | |
| boot.loader.efi.canTouchEfiVariables = false; | |
| # Proxmox integration | |
| services.qemuGuest.enable = true; | |
| services.cloud-init.enable = true; | |
| services.cloud-init.network.enable = true; | |
| # Helpful for console access in Proxmox | |
| services.getty.autologinUser = lib.mkDefault "root"; | |
| systemd.services."serial-getty@ttyS0".enable = true; | |
| # Drivers are usually auto-detected, but being explicit is harmless | |
| boot.initrd.availableKernelModules = [ | |
| "virtio_pci" | |
| "virtio_blk" | |
| "virtio_scsi" | |
| "ahci" | |
| "sd_mod" | |
| "sr_mod" | |
| "xhci_pci" | |
| ]; | |
| # Use latest kernel. | |
| boot.kernelPackages = pkgs.linuxPackages_latest; | |
| time.timeZone = "Europe/Berlin"; | |
| virtualisation.oci-containers = { | |
| backend = "podman"; | |
| }; | |
| users.users.julius = { | |
| initialPassword = "initial"; | |
| isNormalUser = true; | |
| extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. | |
| packages = with pkgs; [ | |
| tree | |
| neovim | |
| vim | |
| dnsutils | |
| git | |
| curl | |
| wget | |
| ]; | |
| openssh.authorizedKeys.keys = [ | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP2SNF1GyBFcYimvQyughV7WRgnEGR5NVx9AvsnDBggq info@accountr.eu" | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK7zBc1ou/D2Pu8IEkHehsdyu/B8yEp8way5VixItrEM julius@desktop-nixos" | |
| ]; | |
| }; | |
| users.users.root = { | |
| openssh.authorizedKeys.keys = [ | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP2SNF1GyBFcYimvQyughV7WRgnEGR5NVx9AvsnDBggq info@accountr.eu" | |
| "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK7zBc1ou/D2Pu8IEkHehsdyu/B8yEp8way5VixItrEM julius@desktop-nixos" | |
| ]; | |
| }; | |
| environment.systemPackages = with pkgs; [ | |
| neovim | |
| wget | |
| dnsutils | |
| git | |
| curl | |
| rage | |
| ]; | |
| # Some programs need SUID wrappers, can be configured further or are | |
| # started in user sessions. | |
| # programs.mtr.enable = true; | |
| programs.gnupg.agent = { | |
| enable = true; | |
| enableSSHSupport = true; | |
| }; | |
| services.openssh = { | |
| enable = true; | |
| settings.PasswordAuthentication = false; | |
| settings.KbdInteractiveAuthentication = false; | |
| }; | |
| system.stateVersion = "25.11"; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment