nixos/systems/prodesk-server/system.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95

{config, pkgs, ...}: {
  imports = [./hardware.nix];

  # Configure general settings.
  general-settings = {
    hostname = "prodesk-server";
    locale = "en_US.UTF-8";
    timezone = "America/New_York";
    stateVersion = "23.11";
  };

  age.secrets.server-user-password.file = ../../../secrets/user-passwords/prodesk-server/server.age;

  # Configure admin user.
  users.users."server" = {
    hashedPasswordFile = config.age.secrets.server-user-password.path;
    isNormalUser = true;
    description = "Server";
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMcc7hXixElOgv87LlY1LgCQ9oOT6Lj66wjCh1uRqpQt culsans@nzxt-desktop" # My Desktop
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM/HLlWDshs3Fn4pbTrUeSdo/2/YWuBEMpQX15ZR0RNv lucia@thinkpad-laptop" # My Laptop
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMqAf3T3uOGEyaNkR/BZ31Qj+z7eJQTcKXn26kO3iQYJ iphone-shortcut" # My iPhone Shortcuts
    ];
    extraGroups = [
      "networkmanager"
      "wheel"
      "audio"
      "video"

      "minecraft"
    ];
  };

  users.users."guest" = {
    isNormalUser = true;
    description = "Guest";
    # password = "";
    packages = with pkgs; [
      btop
      zellij
      helix
      custom-neovim
      fzf
    ];
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMcc7hXixElOgv87LlY1LgCQ9oOT6Lj66wjCh1uRqpQt culsans@nzxt-desktop" # My Desktop
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM/HLlWDshs3Fn4pbTrUeSdo/2/YWuBEMpQX15ZR0RNv lucia@thinkpad-laptop" # My Laptop

      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILXgxptRpuZw7GAbaCh+tw4eeAd3/GEOnINEDYlhh9UU ragin@LAPTOP-BB0TF8J5" # Alex's Desktop
    ];
  };

  # Enable features.
  features = {
    cli = {
      shells.nushell.enable = true;
      utils = {
        nh = {
          enable = true;
          flake = "/home/server/Sync/setup";
        };
      };
    };
    services = {
      core.systemd-boot.enable = true;
      extra = {
        udisks2.enable = true;
      };
    };
  };

  networking.domain = "lucia.garden";

  # Configure homelab modules.
  homelab = {
    core = {
      ssh.enable = true;
      caddy.enable = true;
    };
    cloud = {
      syncthing = {
        enable = true;
        user = "server";
      };
    };
    dev = {
      git.enable = true;
    };
    communications = {
    };
    games = {
      minecraft.enable = true;
    };
  };
}