melodypond/configuration.nix
2023-10-04 08:42:32 -04:00

61 lines
1.4 KiB
Nix

{pkgs, ... }:
{
system.stateVersion = "23.05";
# Enables flakes and the updated `nix` command
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# Enables opengl support
hardware.opengl.enable = true;
sound.enable = true;
# Includes packages needed for startx
services.xserver = {
enable = true;
displayManager.autoLogin.user = "appuser";
windowManager.fluxbox.enable = true;
};
environment.systemPackages = with pkgs; [
git btop tmux
];
users = {
# No need to edit users on a single-purpose system.
mutableUsers = false;
users = {
# My authorized keys are used for remote access
# CHANGE THIS if forking
geekygay = {
shell = pkgs.fish;
isNormalUser = true;
extraGroups = [ "wheel" "audio" ];
password = "";
openssh.authorizedKeys.keyFiles = [
./authorized_keys
];
};
# Unprivledged user for running the application.
appuser = {
isNormalUser = true;
extraGroups = [ "audio" ];
password = "";
};
};
};
programs.fish.enable = true;
security.sudo.wheelNeedsPassword = false; # Needed for colmena.
nix.settings.trusted-users = [ "root" "@wheel" ];
documentation.man.enable = false; # Takes way too long to build.
# Allow SSH with authorized keys only!
services.openssh = {
enable = true;
settings.PasswordAuthentication = false;
};
}