Update system weekly

configuration.nix

@@ -34,16 +34,15 @@
   boot.cleanTmpDir = true;
 
   # Set hostname
-  networking.hostName = "zion";
+  networking.hostName = "aegis";
 
-  # Create coolneng user
+  # Create coace user
-  users.users.coolneng = {
+  users.users.coace = {
     isNormalUser = true;
-    home = "/home/coolneng";
+    extraGroups = [ "wheel" ];
-    extraGroups = [ "wheel" "docker" ];
+    openssh.authorizedKeys.keys = [''
-    openssh.authorizedKeys.keys = [
+      ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINNmNckWBxa2fQkUjWLHgQd32C272yB+f9kTcnooszd5 coolneng@panacea
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFRqINHR7/zc+c3/PuR+NeSsBHXXzBiEtFWSK6QaxQTW coolneng@panacea"
+    ''];
-    ];
     shell = "${pkgs.fish}/bin/fish";
   };
 
@@ -55,7 +54,6 @@
   services.timesyncd.enable = true;
 
   # Enable ZFS support
-  networking.hostId = "4e74ea68";
   boot.supportedFilesystems = [ "zfs" ];
 
   # Scrub zpool monthly
@@ -68,6 +66,7 @@
   system.autoUpgrade = {
     enable = true;
     allowReboot = true;
+    dates = "Sat *-*-* 04:40:00";
   };
 
   # Run Nix garbage collector, while avoiding recompilation
@@ -88,9 +87,9 @@
   programs.fish.enable = true;
   users.users.root = {
     shell = "${pkgs.fish}/bin/fish";
-    openssh.authorizedKeys.keys = [
+    openssh.authorizedKeys.keys = [''
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFRqINHR7/zc+c3/PuR+NeSsBHXXzBiEtFWSK6QaxQTW coolneng@panacea"
+      ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINNmNckWBxa2fQkUjWLHgQd32C272yB+f9kTcnooszd5 coolneng@panacea
-    ];
+    ''];
   };
 
   # Rotate logs after 7 days
@@ -99,20 +98,7 @@
   # Increase inotify limits
   boot.kernel.sysctl = { "fs.inotify.max_user_watches" = 204800; };
 
-  # MOTD message
-  programs.fish.interactiveShellInit = "${./scripts/motd.sh}";
-
   # Import other configuration modules
-  imports = [
+  imports = [ ./modules/hardware-configuration.nix ./modules/networking.nix ];
-    ./modules/hardware-configuration.nix
-    ./modules/networking.nix
-    ./modules/datasync.nix
-    ./modules/webstack.nix
-    ./modules/devops.nix
-    ./modules/monitoring.nix
-    ./modules/periodic.nix
-    ./modules/communication.nix
-    ./modules/information.nix
-  ];
 
 }

modules/hardware-configuration.nix

@@ -0,0 +1,24 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "usbhid" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/44444444-4444-4444-8888-888888888888";
+      fsType = "ext4";
+    };
+
+  swapDevices = [ ];
+
+  powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
+}

modules/networking.nix

@@ -0,0 +1,40 @@
+{ config, lib, pkgs, ... }:
+
+{
+  # Assign a static IP
+  networking = {
+    hostName = "aegis";
+    hostId = "78bb604d";
+    interfaces.eth0 = {
+      useDHCP = false;
+      ipv4.addresses = [{
+        address = "10.0.1.4";
+        prefixLength = 24;
+      }];
+    };
+    defaultGateway = {
+      address = "10.0.1.1";
+      interface = "eth0";
+    };
+    nameservers = [ "1.1.1.1" "8.8.8.8" ];
+    enableIPv6 = false;
+  };
+
+  # Enable zeroconf
+  services.avahi = {
+    enable = true;
+    nssmdns = true;
+    publish = {
+      enable = true;
+      addresses = true;
+      domain = true;
+    };
+  };
+
+  # Firewall configuration
+  networking.firewall = {
+    allowedTCPPorts = [ ];
+    allowedUDPPorts = [ ];
+  };
+
+}