nix-configs/nixos/common.nix

{
  pkgs,
  config,
  sops-nix,
  ...
}:

{
  imports = [
    sops-nix.nixosModules.sops
  ];

  nix.settings.experimental-features = "nix-command flakes";

  sops = {
    defaultSopsFile = ../secrets.yaml;
    validateSopsFiles = false;

    age = {
      sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
      keyFile = "/var/lib/sops-nix/key.txt";
      generateKey = true;
    };

    secrets.irl-password.neededForUsers = true;
  };

  time.timeZone = "Europe/London";

  i18n.defaultLocale = "en_GB.UTF-8";

  i18n.extraLocaleSettings = {
    LC_ADDRESS = "en_GB.UTF-8";
    LC_IDENTIFICATION = "en_GB.UTF-8";
    LC_MEASUREMENT = "en_GB.UTF-8";
    LC_MONETARY = "en_GB.UTF-8";
    LC_NAME = "en_GB.UTF-8";
    LC_NUMERIC = "en_GB.UTF-8";
    LC_PAPER = "en_GB.UTF-8";
    LC_TELEPHONE = "en_GB.UTF-8";
    LC_TIME = "en_GB.UTF-8";
  };

  users.mutableUsers = false;

  users.users.irl = {
    isNormalUser = true;
    description = "irl";
    hashedPasswordFile = config.sops.secrets.irl-password.path;
    extraGroups = [
      "networkmanager"
      "wheel"
    ];
    openssh.authorizedKeys.keys = [
      "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIJpoCJEax0XTNK6qfYfZV60euSwoc0RQ0bwFDQGMWYQnAAAABHNzaDo="
    ];
  };

  nixpkgs.config.allowUnfree = true;

  environment.systemPackages = with pkgs; [
    curl
    home-manager
    neovim
    wget
  ];
}
feat: set irl's password 2025-06-13 18:57:19 +01:00			`{`
			`pkgs,`
			`config,`
			`sops-nix,`
			`...`
			`}:`
feat: initial commit 2025-06-06 06:46:08 +01:00
			`{`
feat: set irl's password 2025-06-13 18:57:19 +01:00			`imports = [`
			`sops-nix.nixosModules.sops`
			`];`

feat: initial commit 2025-06-06 06:46:08 +01:00			`nix.settings.experimental-features = "nix-command flakes";`

feat: set irl's password 2025-06-13 18:57:19 +01:00			`sops = {`
			`defaultSopsFile = ../secrets.yaml;`
			`validateSopsFiles = false;`

			`age = {`
			`sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];`
			`keyFile = "/var/lib/sops-nix/key.txt";`
			`generateKey = true;`
			`};`

			`secrets.irl-password.neededForUsers = true;`
			`};`

feat: initial commit 2025-06-06 06:46:08 +01:00			`time.timeZone = "Europe/London";`

			`i18n.defaultLocale = "en_GB.UTF-8";`

			`i18n.extraLocaleSettings = {`
			`LC_ADDRESS = "en_GB.UTF-8";`
			`LC_IDENTIFICATION = "en_GB.UTF-8";`
			`LC_MEASUREMENT = "en_GB.UTF-8";`
			`LC_MONETARY = "en_GB.UTF-8";`
			`LC_NAME = "en_GB.UTF-8";`
			`LC_NUMERIC = "en_GB.UTF-8";`
			`LC_PAPER = "en_GB.UTF-8";`
			`LC_TELEPHONE = "en_GB.UTF-8";`
			`LC_TIME = "en_GB.UTF-8";`
			`};`
feat: move users and base packages to common.nix 2025-06-10 21:40:49 +01:00
feat: set irl's password 2025-06-13 18:57:19 +01:00			`users.mutableUsers = false;`

feat: move users and base packages to common.nix 2025-06-10 21:40:49 +01:00			`users.users.irl = {`
			`isNormalUser = true;`
			`description = "irl";`
feat: set irl's password 2025-06-13 18:57:19 +01:00			`hashedPasswordFile = config.sops.secrets.irl-password.path;`
feat: move users and base packages to common.nix 2025-06-10 21:40:49 +01:00			`extraGroups = [`
			`"networkmanager"`
			`"wheel"`
			`];`
feat: install irl's ssh key 2025-06-10 22:41:38 +01:00			`openssh.authorizedKeys.keys = [`
			`"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIJpoCJEax0XTNK6qfYfZV60euSwoc0RQ0bwFDQGMWYQnAAAABHNzaDo="`
			`];`
feat: move users and base packages to common.nix 2025-06-10 21:40:49 +01:00			`};`

			`nixpkgs.config.allowUnfree = true;`

			`environment.systemPackages = with pkgs; [`
			`curl`
			`home-manager`
			`neovim`
			`wget`
			`];`
feat: initial commit 2025-06-06 06:46:08 +01:00			`}`