flake

nixos/hephaestus/configuration.nix

@@ -5,10 +5,9 @@
 { config, pkgs, ... }:
 
 {
-  imports =
+  imports = [ # Include the results of the hardware scan.
-    [ # Include the results of the hardware scan.
+    ./hardware-configuration.nix
-      ./hardware-configuration.nix
+  ];
-    ];
 
   # Bootloader.
   boot.loader.systemd-boot.enable = true;
@@ -23,10 +22,12 @@
 
   # Enable networking
   networking.networkmanager.enable = true;
+  networking.defaultGateway.address = "192.168.1.1";
   networking.interfaces.enp3s0.ipv4.addresses = [{
     address = "192.168.1.25";
     prefixLength = 24;
   }];
+  networking.nameservers = [ "192.168.1.69" "1.1.1.1" ];
   # Set your time zone.
   time.timeZone = "Europe/Oslo";
 
@@ -47,31 +48,31 @@
     isNormalUser = true;
     description = "Hephaestus";
     extraGroups = [ "networkmanager" "wheel" ];
-    packages = with pkgs; [];
+    packages = with pkgs; [ ];
   };
-  users.users.ansible= {
+  users.users.ansible = {
     isNormalUser = true;
-    extraGroups = [ "wheel" "networkmanager" "sudo"];
+    extraGroups = [ "wheel" "networkmanager" "sudo" ];
-    packages = with pkgs; [];
+    packages = with pkgs; [ ];
     openssh.authorizedKeys.keys = [
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAGKOGZKJO31YZem1OTZtIg3fKaatbFmqmRNRD+K9GpX rgl002@student.uib.no"
     ];
   };
-
+  security.sudo.wheelNeedsPassword = false;
   # Allow unfree packages
   nixpkgs.config.allowUnfree = true;
 
   # List packages installed in system profile. To search, run:
   # $ nix search wget
   environment.systemPackages = with pkgs; [
-  #  vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
+    #  vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
-  #  wget
+    #  wget
     btop
     vim
     tailscale
     python3
   ];
-  nix.settings.experimental-features =  [ "nix-command" "flakes" ];
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
   #  vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
   # Some programs need SUID wrappers, can be configured further or are
   # started in user sessions.
@@ -86,7 +87,9 @@
   services.tailscale.enable = true;
   # Enable the OpenSSH daemon.
   services.openssh.enable = true;
-  services.openssh.settings.PermitRootLogin = "yes";
+  services.openssh.settings.PermitRootLogin = "no";
+  nix.settings.trusted-users = [ "rolf" ];
+
   # Open ports in the firewall.
   # networking.firewall.allowedTCPPorts = [ ... ];
   # networking.firewall.allowedUDPPorts = [ ... ];

nixos/hephaestus/flake.nix

@@ -0,0 +1,20 @@
+{
+  description = "A simple NixOS flake";
+
+  inputs = {
+    # NixOS official package source, using the nixos-24.11 branch here
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
+  };
+
+  outputs = { self, nixpkgs, ... }@inputs: {
+    # Please replace my-nixos with your hostname
+    nixosConfigurations.hephaestus = nixpkgs.lib.nixosSystem {
+      system = "x86_64-linux";
+      modules = [
+        # Import the previous configuration.nix we used,
+        # so the old configuration file still takes effect
+        ./configuration.nix
+      ];
+    };
+  };
+}