# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, lib, ... }: with lib; with lib.plusultra; { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ]; nix.settings.experimental-features = "nix-command flakes"; nix.settings.trusted-users = [ "@wheel" ]; programs = { bash = { ## shellInit = '' interactiveShellInit = '' bind '"\e[A": history-search-backward' bind '"\e[B": history-search-forward' ''; }; starship.enable = true; mosh.enable = true; vim.defaultEditor = true; fish.enable = true; }; # Bootloader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; networking.hostName = "sgx-nixos"; # Define your hostname. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # Configure network proxy if necessary # networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # Enable networking networking.networkmanager.enable = true; # Set your time zone. time.timeZone = "Europe/Berlin"; # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; i18n.extraLocaleSettings = { LC_ADDRESS = "de_DE.UTF-8"; LC_IDENTIFICATION = "de_DE.UTF-8"; LC_MEASUREMENT = "de_DE.UTF-8"; LC_MONETARY = "de_DE.UTF-8"; LC_NAME = "de_DE.UTF-8"; LC_NUMERIC = "de_DE.UTF-8"; LC_PAPER = "de_DE.UTF-8"; LC_TELEPHONE = "de_DE.UTF-8"; LC_TIME = "de_DE.UTF-8"; }; # Configure keymap in X11 services.xserver = { layout = "us"; xkbVariant = ""; }; users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMNsmP15vH8BVKo7bdvIiiEjiQboPGcRPqJK0+bH4jKD harald@lenovo.fritz.box" "sk-ecdsa-sha2-nistp256@openssh.com AAAAInNrLWVjZHNhLXNoYTItbmlzdHAyNTZAb3BlbnNzaC5jb20AAAAIbmlzdHAyNTYAAABBBACLgT81iB1iWWVuXq6PdQ5GAAGhaZhSKnveQCvcNnAOZ5WKH80bZShKHyAYzrzbp8IGwLWJcZQ7TqRK+qZdfagAAAAEc3NoOg== harald@hoyer.xyz" "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDsb/Tr69YN5MQLweWPuJaRGm+h2kOyxfD6sqKEDTIwoAAAABHNzaDo= harald@fedora.fritz.box" ]; virtualisation = { podman = { enable = true; # Create a `docker` alias for podman, to use it as a drop-in replacement dockerCompat = true; # For Nixos version > 22.11 defaultNetwork.settings = { dns_enabled = true; }; }; }; system.autoUpgrade = { enable = true; operation = "switch"; allowReboot = true; flags = [ "--update-input" "nixpkgs" ]; flake = "git+https://git.hoyer.xyz/harald/nixcfg#sgx-nixos"; }; security = { sudo = { enable = true; wheelNeedsPassword = false; }; }; # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ age delta gcc git git-delete-merged-branches gnumake htop mdadm mosh nixpkgs-fmt openssl rustup sops strace tmux tpm2-pkcs11 tpm2-pkcs11.out tpm2-tools vim wget ]; environment.shells = [ pkgs.fish pkgs.bash ]; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; # programs.gnupg.agent = { # enable = true; # enableSSHSupport = true; # }; # List services that you want to enable: # Enable the OpenSSH daemon. services.openssh.enable = true; # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. # networking.firewall.enable = false; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.11"; # Did you read the comment? }