installer: add a configuration.nix template for easier installs

2022-10-05 07:32:37 -06:00 · 2022-10-05 07:32:37 -06:00 · 3fbcf03c7c
commit 3fbcf03c7c
parent 78bd38d9f2
2 changed files with 54 additions and 0 deletions
--- a/install_template.nix
+++ b/install_template.nix
@ -0,0 +1,49 @@
+{ config, pkgs, ... }:
+
+let
+  pubKeys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDM2k2C6Ufx5RNf4qWA9BdQHJfAkskOaqEWf8yjpySwH Nix Manager"
+    "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIB1cBO17AFcS2NtIT+rIxR2Fhdu3HD4de4+IsFyKKuGQAAAACnNzaDpsZXNzZXI="
+    "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIDEKElNAm/BhLnk4Tlo00eHN5bO131daqt2DIeikw0b2AAAABHNzaDo="
+    "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBBB/V8N5fqlSGgRCtLJMLDJ8Hd3JcJcY8skI0l+byLNRgQLZfTQRxlZ1yymRs36rXj+ASTnyw5ZDv+q2aXP7Lj0="
+    "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIHrYWbbgBkGcOntDqdMaWVZ9xn+dHM+Ap6s1HSAalL28AAAACHNzaDptYWlu"
+  ];
+in {
+  imports = [ ./hardware-configuration.nix ];
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+  boot.loader.efi.efiSysMountPoint = "/boot/efi";
+
+  networking.hostName = "changeme";
+
+  networking.networkmanager.enable = true;
+
+  time.timeZone = "America/Denver";
+
+  i18n.defaultLocale = "en_US.utf8";
+
+  services.xserver = {
+    layout = "us";
+    xkbVariant = "colemak";
+  };
+  console = { keyMap = "colemak"; };
+
+  users.users.qbit = {
+    isNormalUser = true;
+    description = "Aaron Bieber";
+    extraGroups = [ "networkmanager" "wheel" ];
+    packages = with pkgs; [ ];
+  };
+
+  environment.systemPackages = with pkgs; [ neovim nixfmt ];
+
+  services.openssh = {
+    enable = true;
+    permitRootLogin = "prohibit-password";
+  };
+
+  users.users.root = { openssh.authorizedKeys.keys = pubKeys; };
+
+  system.stateVersion = "22.05"; # Did you read the comment?
+}
--- a/installer.nix
+++ b/installer.nix
@ -119,6 +119,11 @@ in {
      openssh.authorizedKeys.keys = config.myconf.hwPubKeys;
    };

+    environment.etc."configuration-template.nix" = {
+      source = ./install_template.nix;
+      mode = "0644";
+    };
+
    services = {
      openntpd.enable = true;
      pcscd.enable = true;