aboutsummaryrefslogtreecommitdiff
path: root/modules/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/default.nix')
-rw-r--r--modules/default.nix50
1 files changed, 50 insertions, 0 deletions
diff --git a/modules/default.nix b/modules/default.nix
new file mode 100644
index 0000000..7f71fab
--- /dev/null
+++ b/modules/default.nix
@@ -0,0 +1,50 @@
+{ config, nixpkgs, pkgs, lib, ... }:
+
+{
+ imports = [
+ ./users
+ ./crypto
+ ./wireguard
+ ./nix-settings.nix
+ ];
+
+ # Time and Locale
+ time.timeZone = "UTC";
+ i18n.defaultLocale = "en_US.UTF-8";
+ console = {
+ font = "Lat2-Terminus16";
+ keyMap = "us";
+ };
+
+ # Default Packages Set
+ environment.systemPackages = with pkgs; [ vim htop wget nftables wireguard-tools ];
+
+ # Wireguard
+ wireguard = {
+ enable = lib.mkDefault false;
+ v4 = { network = lib.mkDefault "10.10.0.0"; };
+ v6 = {
+ ula = lib.mkDefault "fd15:3d8c:d429:beef";
+ gua = lib.mkDefault "2a0f:9400:8020:beef";
+ };
+ };
+
+ # Security
+ networking.firewall.enable = false;
+ security.sudo.wheelNeedsPassword = false;
+ services.openssh = {
+ enable = true;
+ passwordAuthentication = false;
+ permitRootLogin = "no";
+ };
+
+ # CPU
+ powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
+ hardware.cpu.amd.updateMicrocode =
+ lib.mkDefault config.hardware.enableRedistributableFirmware;
+ hardware.cpu.intel.updateMicrocode =
+ lib.mkDefault config.hardware.enableRedistributableFirmware;
+
+ # System state version
+ system.stateVersion = lib.mkDefault "23.05";
+}
generated by cgit v1.2.3 (git 2.46.0) at 2026-02-15 21:38:34 +0000