{ config, pkgs, lib, ... }: with lib; let psCfg = config.pub-solar; xdg = config.home-manager.users."${psCfg.user.name}".xdg; in { imports = [ ./configuration.nix ]; config = { hardware.cpu.intel.updateMicrocode = true; pub-solar.core.disk-encryption-active = false; security.sudo.extraRules = [ { users = [ "${psCfg.user.name}" ]; commands = [ { command = "ALL"; options = [ "NOPASSWD" ]; } ]; } ]; systemd.user.services.ssh-tunnel-cloud-pub-solar = { unitConfig = { Description = "Reverse SSH connection to enable backups from IPv4-only to IPv6-only host"; After = [ "network.target" ]; }; serviceConfig = { Type = "simple"; ExecStart = "${pkgs.openssh}/bin/ssh -vvv -g -N -T -o 'ServerAliveInterval 10' -o 'ExitOnForwardFailure yes' -R 127.0.0.1:22022:localhost:22 root@cloud.pub.solar"; Restart = "always"; RestartSec = "5s"; }; }; }; }