{ config , pkgs , nixos-hardware , ... }: { imports = [ (nixos-hardware + "/common/pc/ssd") (nixos-hardware + "/common/cpu/amd") (nixos-hardware + "/common/cpu/amd/pstate.nix") ./settings/base.nix ./settings/configuration/berlin.nix ./settings/configuration/british-english.nix ./settings/configuration/nix.nix ./settings/configuration/user.nix ./settings/hardware/audio.nix ./settings/hardware/bare-metal.nix ./settings/hardware/personal-computer.nix ./settings/hardware/mouse.nix ./settings/hardware/systemd-boot.nix ./settings/hardware/nvidia-gpu.nix ./settings/hardware/keyboard.nix ./settings/services/syncthing.nix ./settings/services/zeroconf.nix ./settings/user-interface.nix ./settings/programs/base.nix ./settings/programs/gnupg.nix ./settings/programs/xfce.nix ./settings/programs/shell.nix ./settings/gaming.nix ]; services.xserver.screenSection = '' Option "MetaModes" "2560x1440_165 +0+0 { ForceCompositionPipeline=On }" ''; services.xserver.monitorSection = '' Option "DPMS" ''; boot.kernelPackages = pkgs.linuxPackages_xanmod; boot.extraModulePackages = with config.boot.kernelPackages; [ zenpower ]; boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-amd" ]; fileSystems = { "/" = { device = "/dev/disk/by-partlabel/nixos-root"; fsType = "f2fs"; options = [ "atgc" "gc_merge" "lazytime" "nodiscard" ]; }; "/boot" = { device = "/dev/disk/by-partlabel/efi-boot"; fsType = "vfat"; }; "/home" = { device = "/dev/disk/by-partlabel/home"; fsType = "ext4"; options = [ "lazytime" "nodiscard" ]; }; "/mnt/data" = { device = "/dev/disk/by-partlabel/data"; fsType = "ntfs3"; options = [ "uid=1000" "gid=100" "x-systemd-automount" "nofail" ]; }; }; swapDevices = [ { label = "swap"; discardPolicy = "once"; } ]; services.xserver = { xautolock.enable = pkgs.lib.mkForce false; }; services.postgresql = { enableTCPIP = true; authentication = '' # TYPE DATABASE USER ADDRESS METHOD host all all samenet md5 ''; }; services.openssh = { enable = true; openFirewall = false; startWhenNeeded = true; }; systemd.services."ssh-no-sleep@" = { bindsTo = [ "sshd@%i.service" ]; wantedBy = [ "sshd@.service" ]; serviceConfig.ExecStart = "${pkgs.systemd}/bin/systemd-inhibit --mode block --what sleep --who 'ssh session '%I --why 'session still active' ${pkgs.coreutils}/bin/sleep infinity"; }; # needed to resolve local hostname overrides services.resolved.dnssec = "false"; networking = { useNetworkd = true; interfaces.enp6s0 = { useDHCP = true; }; }; networking.nftables = { enable = true; }; networking.firewall = { allowedTCPPorts = [ 80 443 139 445 1024 ]; extraInputRules = '' ip saddr 10.0.0.0/8 accept ip6 saddr { fd00::/8, fe80::/10 } accept ''; }; networking = { hostName = "prefect"; }; system.stateVersion = "23.05"; boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; nix.settings.trusted-users = [ "root" "nixremote" ]; users.users.nixremote = { shell = "/bin/sh"; isNormalUser = true; home = "/var/lib/nixremote"; createHome = true; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBxa7lxDu0M4chats/VvpFzjT3ruexKa3J9UC6ASo3bN root@NanoPi.lan" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE9of82WBHK8nr8L9RGeieLMfcAWaFCeCkmvYHM9LCuT nanopi" ]; }; }