diff --git a/modules/base.nix b/modules/base.nix
new file mode 100755
index 0000000..268ddda
--- /dev/null
+++ b/modules/base.nix
@@ -0,0 +1,76 @@
+{ config, pkgs, lib, ... }:
+
+{
+ imports =
+ [
+ ./monitoring.nix
+ ./users/Rory.nix
+ ./users/chris.nix
+ ];
+ boot = {
+ kernelPackages = pkgs.linuxPackages_latest;
+ kernelParams = [ "memory_hotplug.memmap_on_memory=1" "memhp_default_state=online" ];
+ loader = {
+ grub = {
+ enable = true;
+ version = 2;
+ devices = [ "/dev/sda" ]; # nodev for EFI only
+ # EFI
+ efiSupport = false;
+ efiInstallAsRemovable = false;
+ };
+ timeout = 1;
+ };
+ };
+
+ networking = {
+ hostName = lib.mkDefault "Spacebar-nix-base-server";
+ firewall = {
+ enable = false;
+ # allowedTCPPorts = [ ... ];
+ # allowedUDPPorts = [ ... ];
+ };
+
+ networkmanager.enable = false;
+ wireless.enable = false;
+ enableIPv6 = false;
+
+ useDHCP = false;
+ nameservers = [ "1.1.1.1" ];
+ defaultGateway = "192.168.1.1";
+ };
+
+ services = {
+ openssh = {
+ enable = true;
+ };
+ };
+
+
+ environment.systemPackages = with pkgs; [
+ wget
+ neofetch
+ lnav
+ git
+ lsd
+ htop
+ btop
+ duf
+ kitty.terminfo
+ neovim
+ ];
+
+ systemd.coredump.extraConfig = lib.mkDefault ''
+ Storage=none
+ '';
+
+ documentation.nixos.enable = false;
+ hardware.pulseaudio.enable = false;
+ i18n.defaultLocale = "en_US.UTF-8";
+ nix.settings.experimental-features = [ "nix-command" "flakes" ];
+ nixpkgs.config.allowUnfree = true;
+ security.sudo.wheelNeedsPassword = false;
+ security.polkit.enable = true;
+ sound.enable = false;
+ system.stateVersion = "22.11"; # DO NOT EDIT!
+}
diff --git a/modules/monitoring.nix b/modules/monitoring.nix
new file mode 100755
index 0000000..ce7bbcd
--- /dev/null
+++ b/modules/monitoring.nix
@@ -0,0 +1,51 @@
+{ config, pkgs, lib, ... }:
+
+{
+ services = {
+ prometheus = {
+ exporters = {
+ node = {
+ enable = true;
+ port = 9100;
+ enabledCollectors = [
+ "logind"
+ "systemd"
+ ];
+ disabledCollectors = [
+ #"textfile"
+ ];
+ };
+ };
+ };
+ promtail = {
+ enable = true;
+ configuration = {
+ server = {
+ http_listen_port = 3031;
+ grpc_listen_port = 0;
+ };
+ positions = {
+ filename = "/tmp/positions.yaml";
+ };
+ clients = [{
+ url = "https://loki.regional.seian.cloud/loki/api/v1/push";
+ }];
+ scrape_configs = [{
+ job_name = "journal";
+ journal = {
+ max_age = "12h";
+ labels = {
+ job = "systemd-journal";
+ host = "${toString config.networking.hostName}";
+ };
+ };
+ relabel_configs = [{
+ source_labels = [ "__journal__systemd_unit" ];
+ target_label = "unit";
+ }];
+ }];
+ };
+ };
+ };
+}
+
diff --git a/modules/users/Rory.nix b/modules/users/Rory.nix
new file mode 100755
index 0000000..fe51acc
--- /dev/null
+++ b/modules/users/Rory.nix
@@ -0,0 +1,29 @@
+{ config, pkgs, home-manager, ... }:
+{
+ users.users.Rory = {
+ isNormalUser = true;
+ extraGroups = [ "wheel" ];
+ packages = with pkgs; [
+ ];
+ initialPassword = "password";
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILF2IuNu//0DP/wKMuDvBgVT3YBS2uULsipbdrhJCTM7 Rory-desktop"
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN/kNkY/E5b6rvCQLMaSbpLQ/xoyywIwVVu9uo2j/B6p Rory@RoryNix"
+ ];
+ };
+
+ home-manager.users.Rory = {
+ programs.git = {
+ enable = true;
+ userName = "TheArcaneBrony";
+ userEmail = "root@thearcanebrony.net";
+ extraConfig = {
+ safe = {
+ directory = "/";
+ };
+ };
+ };
+ home.stateVersion = "22.11";
+ };
+}
+
diff --git a/modules/users/chris.nix b/modules/users/chris.nix
new file mode 100755
index 0000000..bbb4eba
--- /dev/null
+++ b/modules/users/chris.nix
@@ -0,0 +1,14 @@
+{ config, pkgs, ... }:
+{
+ users.users.chris = {
+ isNormalUser = true;
+ extraGroups = [ "wheel" ];
+ packages = with pkgs; [
+ nano
+ ];
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMd9U0+wKjBG3Q9Qg249xJY+ybYeRV9/VMPjuwKvFBEI"
+ ];
+ };
+}
+
|
