{ inputs, outputs, lib, config, pkgs, ... }: let vars = import ../../vars.nix; in { imports = [ inputs.hardware.nixosModules.common-pc-ssd inputs.disko.nixosModules.default ./hardware-configuration.nix (import ../../disko/btrfs-swap.nix {device = "/dev/nvme0n1";}) ./disko/zfs.nix ../common/global ../common/optional/systemd-boot.nix ../common/optional/gnome-keyring.nix ../common/optional/docker.nix ./sops.nix ./restic.nix ./arion # ./hydra.nix ./samba.nix ]; # Enable ZFS boot.supportedFilesystems = ["zfs"]; networking.hostId = "f014fc43"; services.zfs.autoScrub.enable = true; # Prevent server from getting stuck in emergency mode and non-connectable via SSH systemd.enableEmergencyMode = false; # Fix rebuild being stuck when Pihole is down due to docker restart systemd.services.NetworkManager-wait-online.enable = false; # Prevent zfs from being automounted by fstab auto discovery & zfs fileSystems."/storage/dataset".options = ["noauto"]; fileSystems."/storage".options = ["noauto"]; fileSystems."/home/ghoscht/.zfs" = { device = "/dev/disk/by-label/SECRET_KEYS"; fsType = "vfat"; }; users.mutableUsers = true; users.users.${vars.user} = { password = "changeme"; openssh.authorizedKeys.keys = [ #Desktop "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJd6Gut34abkwlZ4tZVBO4Qt7CkIpPm/Z8R6JCisjnYy openpgp:0xBD0CFCA0" #Convertible "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFlRsnLqm6Ap3yKEEhtFiWavo72df/X5Il1ZCmENUqev openpgp:0xDE189CA5" ]; }; security.pam.sshAgentAuth.enable = true; nixpkgs = { overlays = [ outputs.overlays.additions outputs.overlays.modifications outputs.overlays.unstable-packages ]; config = { allowUnfree = true; }; }; networking.hostName = "franz"; programs = { dconf.enable = true; }; services.openssh = { enable = true; settings.PasswordAuthentication = false; }; # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion system.stateVersion = "23.11"; }