{ config, lib, pkgs, ... }: { imports = [ ./hardware-configuration.nix ]; networking.hostName = "arcturus"; # Enable the Flakes feature and the accompaying new nix command-line tool nix.settings = { experimental-features = ["nix-command" "flakes"]; download-buffer-size = 524288000; trusted-users = ["root" "@wheel"]; }; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; networking = { useNetworkd = false; useDHCP = false; nftables.enable = true; firewall = { allowedTCPPorts = [ 2222 ]; }; }; systemd.network = { enable = true; netdevs = { "10-bond0" = { netdevConfig = { Kind = "bond"; Name = "bond0"; }; bondConfig = { Mode = "802.3ad"; TransmitHashPolicy = "layer3+4"; LACPTransmitRate = "fast"; MIIMonitorSec = "100ms"; }; }; }; networks = { "30-eno1" = { matchConfig.Name = "eno1"; networkConfig.Bond = "bond0"; }; "30-eno2" = { matchConfig.Name = "eno2"; networkConfig.Bond = "bond0"; }; "40-bond0" = { matchConfig.Name = "bond0"; linkConfig = { RequiredForOnline = "carrier"; }; networkConfig.LinkLocalAddressing = "no"; networkConfig.DHCP = "yes"; vlan = [ "vlan1" ]; }; }; }; time.timeZone = "Europe/London"; i18n.defaultLocale = "en_US.UTF-8"; console = { font = "Lat2-Terminus16"; keyMap = "us"; }; users.users.foxora = { isNormalUser = true; extraGroups = [ "wheel" ]; packages = with pkgs; [ tree ]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE7NLaT/J1S/lwFp0YRHN5oTGhFoDYd2yaRKKsBVpqIv aurora@nixarawrui" ]; }; environment.systemPackages = with pkgs; [ git neovim wget ]; services = { openssh = { enable = true; ports = [2222]; settings = { PasswordAuthentication = false; PermitRootLogin = "no"; AllowUsers = ["foxora"]; UseDns = false; # enables rDNS lookup X11Forwarding = false; }; }; }; security = { sudo = { enable = true; wheelNeedsPassword = true; }; pam = { sshAgentAuth.enable = true; services.sudo.sshAgentAuth = true; # pam_ssh_agent_auth module }; }; system.stateVersion = "25.11"; }