{ inputs, config, lib, pkgs, username, ... }: let flakeInputs = lib.filterAttrs (_: lib.isType "flake") inputs; in { networking.hostName = username; users.mutableUsers = false; users.users.${username} = { isNormalUser = true; extraGroups = [ "networkmanager" "wheel" ]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBcGhVpjmWEw1GEw0y/ysJPa2v3+u/Rt/iES/Se2huH2 alexander0derevianko@gmail.com" ]; shell = pkgs.zsh; }; environment.systemPackages = with pkgs; [ vim wget ripgrep ]; programs = { zsh.enable = true; }; services.openssh = { enable = true; settings = { # Opinionated: forbid root login through SSH. PermitRootLogin = "no"; # Opinionated: use keys only. # Remove if you want to SSH using passwords PasswordAuthentication = false; }; }; nixpkgs = { # You can add overlays here overlays = [ ]; # Configure your nixpkgs instance config = { # Disable if you don't want unfree packages allowUnfree = true; }; }; nix = { settings = { # Enable flakes and new 'nix' command experimental-features = "nix-command flakes"; # Opinionated: disable global registry flake-registry = ""; # Allow user to reubild nixos without sudo trusted-users = [ "root" username ]; }; # Opinionated: disable channels channel.enable = false; # Opinionated: make flake registry and nix path match flake inputs registry = lib.mkDefault (lib.mapAttrs (_: flake: { inherit flake; }) flakeInputs); nixPath = lib.mapAttrsToList (n: _: "${n}=flake:${n}") flakeInputs; }; time.timeZone = "Europe/Warsaw"; # Select internationalisation properties. i18n = { defaultLocale = "en_US.UTF-8"; extraLocaleSettings = { LC_ADDRESS = "en_GB.UTF-8"; LC_IDENTIFICATION = "en_GB.UTF-8"; LC_MEASUREMENT = "en_GB.UTF-8"; LC_MONETARY = "en_GB.UTF-8"; LC_NAME = "en_GB.UTF-8"; LC_NUMERIC = "en_GB.UTF-8"; LC_PAPER = "en_GB.UTF-8"; LC_TELEPHONE = "en_GB.UTF-8"; LC_TIME = "en_GB.UTF-8"; }; }; security.rtkit.enable = true; }