2023-07-25 07:32:19 +00:00
|
|
|
{pkgs, ... }:
|
2023-05-07 02:04:36 +00:00
|
|
|
{
|
2023-07-25 07:32:19 +00:00
|
|
|
system.stateVersion = "23.05";
|
2023-08-03 20:00:12 +00:00
|
|
|
|
2023-08-03 20:26:44 +00:00
|
|
|
# Enables flakes and the updated `nix` command
|
2023-07-27 19:24:32 +00:00
|
|
|
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
2023-08-03 20:00:12 +00:00
|
|
|
|
2023-08-03 20:26:44 +00:00
|
|
|
# Enables opengl support
|
2023-07-27 19:24:32 +00:00
|
|
|
hardware.opengl.enable = true;
|
2023-07-25 07:32:19 +00:00
|
|
|
|
2023-08-03 20:26:44 +00:00
|
|
|
# Includes packages needed for startx
|
2023-07-27 19:24:32 +00:00
|
|
|
environment.systemPackages = with pkgs; [
|
2023-08-03 20:00:12 +00:00
|
|
|
xorg.xauth xorg.xinit
|
2023-08-03 20:26:44 +00:00
|
|
|
];
|
2023-07-27 19:24:32 +00:00
|
|
|
|
2023-08-03 18:11:59 +00:00
|
|
|
users = {
|
2023-08-03 20:26:44 +00:00
|
|
|
# No need to edit users on a single-purpose system.
|
2023-08-03 18:11:59 +00:00
|
|
|
mutableUsers = false;
|
|
|
|
|
users = {
|
2023-08-03 20:26:44 +00:00
|
|
|
# My authorized keys are used for remote access
|
|
|
|
|
# CHANGE THIS if forking
|
2023-08-03 18:11:59 +00:00
|
|
|
root.openssh.authorizedKeys.keyFiles = [
|
|
|
|
|
./authorized_keys
|
|
|
|
|
];
|
2023-08-03 20:26:44 +00:00
|
|
|
# Unprivledged user for running the application.
|
2023-08-03 18:11:59 +00:00
|
|
|
appuser = {
|
|
|
|
|
isNormalUser = true;
|
|
|
|
|
group = "appuser";
|
|
|
|
|
password = "";
|
|
|
|
|
packages = with pkgs; [
|
|
|
|
|
graphfix
|
|
|
|
|
];
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2023-08-03 20:26:44 +00:00
|
|
|
# Allow SSH with authorized keys only!
|
2023-08-03 18:11:59 +00:00
|
|
|
services.openssh = {
|
|
|
|
|
enable = true;
|
|
|
|
|
settings.PasswordAuthentication = false;
|
2023-05-07 02:04:36 +00:00
|
|
|
};
|
|
|
|
|
}
|
|
|
|
|
|
