{ config, pkgs, lib, flake, ... }: let psCfg = config.pub-solar; xdg = config.home-manager.users."${psCfg.user.name}".xdg; in { config = { age.secrets.docker-ci-runner-secrets = { file = "${flake.self}/secrets/docker-ci-runner-secrets.age"; mode = "600"; owner = "999"; }; pub-solar.terminal-life.full = true; #pub-solar.docker-ci-runner = { # enable = false; # runnerEnvironment = { # DRONE_RUNNER_CAPACITY = "1"; # DRONE_RUNNER_LABELS = "hosttype:baremetal"; # }; # runnerVarsFile = config.age.secrets.docker-ci-runner-secrets.path; #}; boot.kernelParams = [ "amd_pstate=active" ]; boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; # Required for WakeOnLan boot.initrd = { availableKernelModules = [ "r8169" ]; network = { enable = true; udhcpc.enable = true; flushBeforeStage2 = true; ssh = { enable = true; # To prevent ssh clients from freaking out because a different host key is used, # a different port for ssh is useful (assuming the same host has also a regular sshd running) port = 2222; # Please create this manually the first time. # sudo ssh-keygen -t ed25519 -N "" -f /etc/secrets/initrd/ssh_host_ed25519_key hostKeys = [ "/etc/secrets/initrd/ssh_host_ed25519_key" ]; authorizedKeys = psCfg.user.publicKeys; }; postCommands = '' # Automatically ask for the password on SSH login echo 'cryptsetup-askpass || echo "Unlock was successful; exiting SSH session" && exit 1' >> /root/.profile ''; }; }; services.fstrim.enable = true; services.tailscale.enable = true; services.openssh = { enable = true; openFirewall = true; allowSFTP = true; }; networking.hostName = "ryzensun"; hardware.keyboard.uhk.enable = true; hardware.cpu.amd.updateMicrocode = true; home-manager.users."${psCfg.user.name}".xdg.configFile = { "sway/config.d/10-custom-keybindings.conf".source = ./.config/sway/config.d/custom-keybindings.conf; "sway/config.d/autostart.conf".source = ./.config/sway/config.d/autostart.conf; "sway/config.d/input-defaults.conf".source = ./.config/sway/config.d/input-defaults.conf; "sway/config.d/screens.conf".source = ./.config/sway/config.d/screens.conf; }; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "21.05"; # Did you read the comment? }; }