{ config, lib, pkgs, ... }: { imports = [ ./ThinkCentre-M710q-zoro-hardware-configuration.nix ../modules/minimal-server.nix ]; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; networking = { hostName = "zoro"; domain = "mrflos.pw"; nameservers = ["80.67.169.12" "2001:910:800::12" "80.67.169.40" "2001:910:800::40"]; wg-quick.interfaces = { wg0 = { address = [ "10.42.0.3/32"]; dns = ["80.67.169.12" "2001:910:800::12" "80.67.169.40" "2001:910:800::40"]; privateKeyFile = "/etc/wireguard_private_key"; peers = [ { publicKey = "2MZzEGJzA3HrwkHf91TaKJEHwCNyVvsTLWoIYHrCxhY="; presharedKeyFile = "/etc/wireguard_preshared_key"; allowedIPs = [ "10.10.10.0/24" ]; endpoint = "195.201.63.240:8098"; persistentKeepalive = 15; } ]; }; }; }; time.timeZone = "Europe/Moscow"; i18n.defaultLocale = "en_US.UTF-8"; users.users.optisseur = { isNormalUser = true; extraGroups = [ "wheel" ]; initialPassword = "ACHANGER"; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBBM+2TwkopAQF7splTWjORQoxjcp67VhodwzvTMlL8g florian@florian-LinuxMint-MBP" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILRG0CyeeMMrrjTTm/PHgRXD/I4lH/bBPBCGUiL+cBdq douzeb@tux-12" ]; }; services.openssh.enable = true; services.openssh.ports = [ 4222 ]; services.openssh.settings = { PermitRootLogin = "no"; PasswordAuthentication = false; KbdInteractiveAuthentication = false; }; networking.firewall.allowedTCPPorts = [ 80 443 4222 ]; system.stateVersion = "24.05"; }