{ inputs, pkgs, config, lib, ... }: { imports = [ inputs.agenix.nixosModules.default ./hardware-configuration.nix ../../modules/nixos/tailscale.nix ../../modules/nixos/matrix.nix ]; # Workaround for https://github.com/NixOS/nix/issues/8502 services.logrotate.checkConfig = false; boot = { tmp.cleanOnBoot = true; }; zramSwap.enable = true; security.sudo.extraConfig = '' Defaults lecture = never Defaults pwfeedback Defaults env_keep += "DISPLAY EDITOR PATH" ''; networking = { hostName = "nimbus"; networkmanager.enable = true; domain = "subnet03200816.vcn03200816.oraclevcn.com"; }; nix = { settings = { experimental-features = [ "nix-command" "flakes" ]; trusted-users = [ "jan" ]; }; }; users.users.jan = { isNormalUser = true; description = "Jan Kremer"; extraGroups = [ "networkmanager" "wheel" ]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTpgedzJ7vs3GMOjUeQGkAzGhNZRhvMMz9Z1whaWieE jan@malus" ]; }; services = { openssh = { enable = true; settings = { PermitRootLogin = "no"; # Root-Login sperren PasswordAuthentication = false; # Nur SSH-Keys }; }; }; programs = { git = { enable = true; lfs = { enable = true; enablePureSSHTransfer = true; }; }; gnupg.agent = { enable = true; enableSSHSupport = true; }; nh = { enable = true; clean = { enable = true; extraArgs = "--keep-since 7d --keep 3"; }; flake = "${config.users.users.jan.home}/.config/nix"; }; }; # environment.systemPackages = with pkgs; [ # helix # claude-code # ]; nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "claude-code" ]; time.timeZone = "Europe/Berlin"; i18n.defaultLocale = "de_DE.UTF-8"; system.stateVersion = "23.11"; # Don't change! }