{ config, lib, pkgs, ... }: { imports = [ ./hardware-configuration.nix ]; networking.hostName = "arcturus"; time.timeZone = "Europe/London"; i18n.defaultLocale = "en_US.UTF-8"; console = { font = "Lat2-Terminus16"; keyMap = "us"; }; boot = { kernelPackages = pkgs.linuxPackages_latest; loader = { systemd-boot.enable = true; efi.canTouchEfiVariables = true; }; }; networking = { useNetworkd = false; useDHCP = false; nftables.enable = true; firewall = { allowedTCPPorts = [ 2222 ]; }; }; systemd.network = { enable = true; netdevs = { "10-bond0" = { netdevConfig = { Kind = "bond"; Name = "bond0"; }; bondConfig = { Mode = "802.3ad"; TransmitHashPolicy = "layer3+4"; LACPTransmitRate = "fast"; MIIMonitorSec = "100ms"; }; }; }; networks = { "30-eno1" = { matchConfig.Name = "eno1"; networkConfig.Bond = "bond0"; }; "30-eno2" = { matchConfig.Name = "eno2"; networkConfig.Bond = "bond0"; }; "40-bond0" = { matchConfig.Name = "bond0"; linkConfig = { RequiredForOnline = "carrier"; }; networkConfig.LinkLocalAddressing = "no"; networkConfig.DHCP = "yes"; vlan = [ "vlan1" ]; }; }; }; services = { openssh = { enable = true; ports = [2222]; settings = { PasswordAuthentication = false; PermitRootLogin = "no"; AllowUsers = ["foxora"]; UseDns = false; # enables rDNS lookup X11Forwarding = false; }; }; }; users.users.foxora = { isNormalUser = true; extraGroups = [ "wheel" ]; packages = with pkgs; [ tree ]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE7NLaT/J1S/lwFp0YRHN5oTGhFoDYd2yaRKKsBVpqIv aurora@nixarawrui" ]; }; environment = { systemPackages = with pkgs; [ neovim git wget ]; variables = { EDITOR = "nvim"; }; }; system.stateVersion = "25.11"; }