{ config, lib, pkgs, ... }: { imports = [ ./hardware-configuration.nix ]; nix = { settings = { experimental-features = [ "nix-command" "flakes" ]; trusted-users = [ "@wheel" ]; auto-optimise-store = true; }; gc = { automatic = true; dates = "daily"; options = "--delete older-than 3d"; }; }; security.sudo.wheelNeedsPassword = false; networking= { useNetworkd = true; firewall.allowedTCPPorts = [ 22 ]; }; systemd.network = { enable = true; netdevs."br0" = { netdevConfig = { Name = "br0"; Kind = "bridge"; }; }; networks = { "10-lan" = { matchConfig.Name = ["ens18" "vm-*"]; networkConfig = { Bridge = "br0"; }; }; "10-lan-bridge" = { matchConfig.Name = "br0"; networkConfig = { Address = ["192.168.1.67/24"]; Gateway = "192.168.1.254"; DNS = ["192.168.1.254"]; IPv6AcceptRA = true; }; linkConfig.RequiredForOnline = "routable"; }; }; }; time.timeZone = "Europe/Paris"; i18n.defaultLocale = "fr_FR.UTF-8"; console = { useXkbConfig = true; # use xkb.options in tty. }; users.users = { tbarnouin = { isNormalUser = true; description = "Théo Barnouin"; extraGroups = [ "networkmanager" "wheel" "libvirtd" "docker" "render" "video" ]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxccGxdfOFXeEClqz3ULl94ubzaJnk4pUus+ek18G0B tbarnouin@nixos" ]; }; root = { openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxccGxdfOFXeEClqz3ULl94ubzaJnk4pUus+ek18G0B tbarnouin@nixos" ]; }; }; environment.systemPackages = with pkgs; [ vim htop wget curl git neofetch libvirt qemu_kvm nmap ]; services = { openssh = { enable = true; settings = { PasswordAuthentication = false; X11Forwarding = false; PermitRootLogin = "prohibit-password"; }; }; qemuGuest.enable = true; }; system.stateVersion = "24.11"; # Did you read the comment? }