{ config, lib, pkgs, ... }: { imports = [ # Include the results of the hardware scan. ./ThinkCentre-M710q-zoro-hardware-configuration.nix ]; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; networking = { hostName = "zoro"; domain = "mrflos.pw"; nameservers = ["80.67.169.12" "2001:910:800::12" "80.67.169.40" "2001:910:800::40"]; wg-quick.interfaces = { wg0 = { address = [ "10.10.10.3/32" "fd42::2/128" ]; dns = ["80.67.169.12" "2001:910:800::12" "80.67.169.40" "2001:910:800::40"]; privateKeyFile = "/etc/wireguard_private_key"; peers = [ { publicKey = "2MZzEGJzA3HrwkHf91TaKJEHwCNyVvsTLWoIYHrCxhY="; presharedKeyFile = "/etc/wireguard_preshared_key"; allowedIPs = [ "0.0.0.0/0" "::/0" ]; endpoint = "195.201.63.240:8098"; persistentKeepalive = 15; } ]; }; }; }; time.timeZone = "Europe/Moscow"; i18n.defaultLocale = "en_US.UTF-8"; imports = [ ../modules/minimal-server.nix ]; users.users.optisseur = { isNormalUser = true; extraGroups = [ "wheel" ]; initialPassword = "ACHANGER"; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBBM+2TwkopAQF7splTWjORQoxjcp67VhodwzvTMlL8g florian@florian-LinuxMint-MBP" ]; }; services.openssh.enable = true; services.openssh.ports = [ 4222 ]; services.openssh.settings = { PermitRootLogin = "no"; PasswordAuthentication = false; KbdInteractiveAuthentication = false; }; networking.firewall.allowedTCPPorts = [ 80 443 4222 ]; system.stateVersion = "24.05"; }