feat: nixcloud config

2025-10-17 18:13:29 -03:00 · 2025-10-17 18:13:29 -03:00 · 959af7690d
commit 959af7690d
parent 634d7eb2e8
12 changed files with 113 additions and 152 deletions
--- a/hosts/Nixcloud/default.nix
+++ b/hosts/Nixcloud/default.nix
@ -6,20 +6,35 @@
  ...
 }:
 {
-  imports = [ ./users/nimbus/default.nix ];
-
-  boot.loader.systemd-boot.enable = true;
-
-  nixpkgs.overlays = [
-    (final: prev: {
-      libnitrokey = prev.libnitrokey.overrideAttrs (old: {
-        cmakeFlags = (old.cmakeFlags or [ ]) ++ [
-          "-DCMAKE_POLICY_VERSION_MINIMUM=3.5"
-        ];
-      });
-    })
+  imports = [
+    ./hardware-configuration.nix
+    ./networking.nix
  ];

+  boot.tmp.cleanOnBoot = true;
+  zramSwap.enable = true;
+  networking.hostName = "srv1065175";
+  networking.domain = "hstgr.cloud";
+  services.openssh.enable = true;
+  users.users = {
+    root.openssh.authorizedKeys.keyFiles = [
+      (builtins.fetchurl {
+        url = "https://meta.sr.ht/~sposito.keys";
+        name = "sposito-srht-keys";
+        sha256 = "1mf76x36kd1iaccy6l5f5xnbjqkm1fwf9giws9nb3bvgmj3c25wc";
+      })
+    ];
+    nimbus.openssh.authorizedKeys.keys = [
+      (builtins.fetchurl {
+        url = "https://meta.sr.ht/~sposito.keys";
+        name = "sposito-srht-keys";
+        sha256 = "1mf76x36kd1iaccy6l5f5xnbjqkm1fwf9giws9nb3bvgmj3c25wc";
+      })
+    ];
+  };
+
+  system.stateVersion = "23.11";
+
  environment = {
    shells = with pkgs; [ bash ];
    etc = lib.mapAttrs' (name: value: {
@ -27,23 +42,7 @@
      value.source = value.flake;
    }) config.nix.registry;
    systemPackages = with pkgs; [
-      ccid
-      exfat
-      file
-      fuse3
-      gcsfuse
      git
-      gnupg
-      libnitrokey
-      libusb1
-      nix-ld
-      opensc
-      pciutils
-      pcsc-safenet
-      pcsclite
-      pcsctools
-      pkcs11helper
-      rclone
      sops
      wget
    ];
@ -63,7 +62,6 @@
    };
  };

-  nixpkgs.config.allowUnfree = true;
  programs = {
    gnupg = {
      agent = {
@ -72,24 +70,6 @@
        pinentryPackage = pkgs.pinentry-tty;
      };
    };
-    nix-ld = {
-      enable = true;
-      libraries = with pkgs; [
-        glibc
-        zlib
-      ];
-    };
  };
-  services = {
-    pcscd.enable = true;
-    # xserver.displayManager.sessionCommands =
-    #   "${pkgs.xorg.xmodmap}/bin/xmodmap -e 'keycode 64 = Alt_L'";
-
-    udev.packages = [
-      pkgs.nitrokey-udev-rules
-    ];
-  };
-  users.groups.scard = { };
-
  time.timeZone = "America/Sao_Paulo";
 }