diff options
Diffstat (limited to 'machines/beryllium.nix')
| -rw-r--r-- | machines/beryllium.nix | 104 |
1 files changed, 0 insertions, 104 deletions
diff --git a/machines/beryllium.nix b/machines/beryllium.nix deleted file mode 100644 index 3d0a452..0000000 --- a/machines/beryllium.nix +++ /dev/null @@ -1,104 +0,0 @@ -{ config, lib, pkgs, ... }: - -# My airgapped machine for generating and backing up security keys - -let - nixpkgs = builtins.fetchTarball (import ../nixpkgs.nix); -in { - - security.sudo.wheelNeedsPassword = false; - #security.pam.services."user".yubicoAuth = true; - #security.pam.yubico.enable = true; - #security.pam.yubico.control = "sufficient"; # pam.conf(5) - #security.pam.yubico.mode = "challenge-response"; # ykpamcfg(1) - #file."~/.yubico/authorized_yubikeys" = <list of keys>; - - networking = { - hostName = "beryllium"; - networkmanager.enable = false; - }; - - time.timeZone = "America/New_York"; - - environment.systemPackages = [ - pkgs.brightnessctl - ]; - - nixpkgs = { - config = { - allowUnfree = false; - allowBroken = false; - }; - }; - - hardware = { - enableAllFirmware = ; - bluetooth.enable = false; - }; - - programs = { - bash.enableCompletion = true; - command-not-found.enable = true; - light.enable = true; - gnupg.agent = { - enable = true; - enableSSHSupport = true; - }; - }; - - services = { - pcscd = { - enable = true; - }; - - printing.enable = true; - - xserver = { - enable = true; - autorun = true; - layout = "us"; - libinput.enable = true; - - xkbOptions = "caps:ctrl_modifier"; - - displayManager.sddm.enable = true; - - windowManager.xmonad.enable = true; - desktopManager = { - xterm.enable = true; - }; - }; - - # security stuff - clamav = { - daemon.enable = true; - }; - }; - - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - powerManagement.enable = false; - - nix = { - nixPath = [ - "nixpkgs=${nixpkgs}" - "nixos-config=/etc/nixos/configuration.nix" - "/nix/var/nix/profiles/per-user/root/channels" - ]; - binaryCaches = [ ]; - extraOptions = '' - keep-outputs = true - keep-derivations = true - builders-use-substitutes = true - ''; - }; - - # This value determines the NixOS release with which your system is to be - # compatible, in order to avoid breaking some software such as database - # servers. You should change this only after NixOS release notes say you - # should. - system.stateVersion = "19.03"; # Did you read the comment? - system.autoUpgrade.enable = false; -} |