Crablo
100 lines
2.0 KiB
Nix
100 lines
2.0 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
{
|
|
# VM Hardware Configuration
|
|
boot.loader.grub = {
|
|
enable = true;
|
|
device = "/dev/sda";
|
|
useOSProber = false;
|
|
};
|
|
|
|
# Filesystem — will be generated by nixos-generate-config, but override
|
|
fileSystems."/" = lib.mkDefault {
|
|
device = "/dev/disk/by-label/nixos";
|
|
fsType = "ext4";
|
|
};
|
|
fileSystems."/boot" = lib.mkDefault {
|
|
device = "/dev/disk/by-label/boot";
|
|
fsType = "vfat";
|
|
};
|
|
|
|
# Network
|
|
networking = {
|
|
hostName = "nixos-dev";
|
|
networkmanager.enable = true;
|
|
useDHCP = true;
|
|
firewall = {
|
|
enable = true;
|
|
allowedTCPPorts = [ 22 8000 8080 3000 ];
|
|
};
|
|
};
|
|
|
|
# QEMU Guest Agent (for Proxmox integration)
|
|
services.qemuGuest.enable = true;
|
|
|
|
# SSH
|
|
services.openssh = {
|
|
enable = true;
|
|
settings = {
|
|
PermitRootLogin = "no";
|
|
PasswordAuthentication = true; # change to no after keys deployed
|
|
};
|
|
};
|
|
|
|
# User configuration
|
|
users.users.konrad = {
|
|
isNormalUser = true;
|
|
extraGroups = [ "wheel" "docker" "networkmanager" ];
|
|
shell = pkgs.zsh;
|
|
# Temporary password — change after first login
|
|
initialPassword = "changeme";
|
|
};
|
|
|
|
# System-wide programs
|
|
programs = {
|
|
zsh.enable = true;
|
|
git.enable = true;
|
|
};
|
|
|
|
# System packages (minimal core)
|
|
environment.systemPackages = with pkgs; [
|
|
curl
|
|
git
|
|
vim
|
|
htop
|
|
];
|
|
|
|
# Docker
|
|
virtualisation.docker = {
|
|
enable = true;
|
|
enableOnBoot = true;
|
|
};
|
|
|
|
# Nix configuration
|
|
nix = {
|
|
settings = {
|
|
experimental-features = [ "nix-command" "flakes" ];
|
|
auto-optimise-store = true;
|
|
};
|
|
gc = {
|
|
automatic = true;
|
|
dates = "weekly";
|
|
options = "--delete-older-than 7d";
|
|
};
|
|
};
|
|
|
|
# Allow unfree packages
|
|
nixpkgs.config.allowUnfree = true;
|
|
|
|
# Auto-upgrades
|
|
system = {
|
|
stateVersion = "24.11";
|
|
autoUpgrade = {
|
|
enable = true;
|
|
allowReboot = false;
|
|
};
|
|
};
|
|
|
|
# Enable flakes in this boot configuration
|
|
boot.kernelPackages = pkgs.linuxPackages_latest;
|
|
}
|