{ config, pkgs, lib, ... }: { imports = [ ../../base.nix ./hardware-configuration.nix ./desktop ]; networking = { interfaces.eno1 = { useDHCP = true; ipv6.addresses = [ { address = "2001:700:300:22::15"; prefixLength = 64; } ]; }; tempAddresses = "disabled"; hostName = "felixalbpc"; nameservers = [ "129.241.0.200" "129.241.0.201" "2001:700:300::200" "2001:700:300::201" ]; domain = "it.ntnu.no"; hostId = "f458d6aa"; search = [ "it.ntnu.no" "ntnu.no" ]; # Allow SSH from IT and SSH gateways firewall.extraCommands = '' # IT VPN iptables -I nixos-fw -p tcp -m tcp --dport 22 --source 129.241.117.0/24 -j nixos-fw-accept ip6tables -I nixos-fw -p tcp -m tcp --dport 22 --source 2001:700:301:12::/63 -j nixos-fw-accept # SSHGW iptables -I nixos-fw -p tcp -m tcp --dport 22 --source 129.241.160.72/32 -j nixos-fw-accept ip6tables -I nixos-fw -p tcp -m tcp --dport 22 --source 2001:700:300:6::72/128 -j nixos-fw-accept # SSHGW iptables -I nixos-fw -p tcp -m tcp --dport 22 --source 129.241.210.217/32 -j nixos-fw-accept ip6tables -I nixos-fw -p tcp -m tcp --dport 22 --source 2001:700:300:1900::1:217/128 -j nixos-fw-accept ''; firewall.extraStopCommands = '' iptables -F nixos-fw ip6tables -F nixos-fw ''; }; console.keyMap = "no"; nixpkgs.config = { allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "copilot.vim" "keymapp" "tlclient" ]; }; services.openssh.openFirewall = false; users.users.felixalb = { uid = 1328256; openssh.authorizedKeys.keys = [ ]; }; hardware.keyboard.zsa.enable = true; system.stateVersion = "24.05"; }