1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57

let
  username = "jolheiser";
  key = ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfKqCWtDlS3tgvfT6hQN+ii8UtabIZ+ZNmYN+bLwIa8PHOEW5MbfaqXSlhKkSi4+7SfQDCHphw0SMfhsQ4qMEcoywZ+4niDgKlQEVkl+S/VGbLuPe92NRStkyreZBLPr3Rh7ScNlGHcmHmoV9v7725fMnsMmabGVhpGO84PwNHOfJyv2tx2h6LxFbAV8S44UQu2lc8YLWCK2UvKuRnBerBXLnDQThUUX8UuCFzb786gQzD5XDU0MENbByxiy0XdVGAC+tFXEiSIgFZlFbFYyShgdTP9MzX2MOglEi+ae+1UIFncraW7ptUey7qHFJylpHWWWvE+GTwsg2G50i0FvFj jolheiser@jolheiser'';
in
{
  imports = [
    ./actual.nix
    ./caddy.nix
    ./dex.nix
    ./git-pr.nix
    ./golink.nix
    ./gotosocial.nix
    ./restic.nix
    ./soju.nix
    ./tandoor.nix
    ./tclip.nix
    ./ugit.nix
    ./vikunja.nix
    ./hardware.nix
  ];

  boot.tmp.cleanOnBoot = true;
  zramSwap.enable = true;

  networking = {
    hostName = "dragonwell";

    firewall = {
      enable = true;
      allowedTCPPorts = [
        80
        443
        6697
      ];
    };
  };

  services = {
    openssh.enable = true;
    tailscale.enable = true;
  };

  users.users = {
    "${username}" = {
      extraGroups = [
        "wheel"
        "docker"
        "storage"
      ];
      isNormalUser = true;
      openssh.authorizedKeys.keys = [ key ];
    };
    "root".openssh.authorizedKeys.keys = [ key ];
  };

  system.stateVersion = "22.11";
}