hope

common/systemModules/crypt.nix

@@ -10,12 +10,10 @@
   programs = {
     ssh = {
       startAgent = true;
-      askPassword = "${pkgs.ksshaskpass}/bin/ksshaskpass";
     };
     gnupg = {
       agent = {
         enable = true;
-        pinentryPackage = pkgs.pinentry-gnome3;
       };
     };
   };

common/systemModules/kde.nix

@@ -1,4 +1,15 @@
-{ ... }: {
+{ pkgs, ... }:
+{
+  programs = {
+    ssh = {
+      askPassword = "${pkgs.ksshaskpass}/bin/ksshaskpass";
+    };
+    gnupg = {
+      agent = {
+        pinentryPackage = pkgs.pinentry-gnome3;
+      };
+    };
+  };
   services = {
     desktopManager = {
       plasma6 = {

common/systemModules/ssh.keys

@@ -0,0 +1,6 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINbwWjnyagf8yvKhWruncrSaj4zOClJM4j1cspf/tYNz
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII0GeAUBr3aprEC+V0s5qcfKsJyy7JFXvtZUNCWw328w
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKopbljRYwhVbVoXApoPZpmEjb9Zw7GD+SV49Asvuo7O
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPaz0uIWicLCPcYq35RUq/7iqaYOr9R5HDj89EeXXfzL
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINUl0IkmEqdUA09sC+SzDWAnTuAbdDl3KHeQbMNK1zRQ
+

common/systemModules/sshd.nix

@@ -0,0 +1,8 @@
+{ ... }:
+{
+    services= {
+        openssh = {
+            authorizedKeysFiles = ["${./ssh.keys}"];
+        };
+    };
+}

common/systemModules/tailscaleServer.nix

@@ -0,0 +1,10 @@
+{ config, ... }:
+{
+  services = {
+    tailscale = {
+      enable = true;
+      authKeyFile = config.sops.secrets.tailscale_server_key.path;
+      extraSetFlags = [ "--advertise-exit-node" ];
+    };
+  };
+}

common/users/meyer-server/default.nix

@@ -0,0 +1,40 @@
+{
+  pkgs,
+  inputs,
+  stable,
+  unstable,
+  ...
+}:
+let
+  NAME = "meyer";
+in
+{
+  imports = [
+    (import ../../systemModules/sops.nix { inherit NAME; })
+  ];
+  users = {
+    users = {
+      "${NAME}" = {
+        isNormalUser = true;
+        extraGroups = [
+          "wheel"
+          "audio"
+          "sound"
+          "video"
+          "input"
+          "tty"
+          "plugdev"
+        ];
+        shell = pkgs.zsh;
+      };
+    };
+  };
+  home-manager = {
+    extraSpecialArgs = {
+      inherit inputs stable unstable;
+    };
+    users = {
+      "${NAME}" = import ./home.nix;
+    };
+  };
+}

common/users/meyer-server/home.nix

@@ -0,0 +1,49 @@
+
+{
+  ...
+}:
+{
+  nixpkgs.config.allowInsecurePredicate = (pkg: true);
+  nixpkgs.config.allowUnfreePredicate = (pkg: true);
+
+  imports = [
+  ];
+
+  # Home Manager needs a bit of information about you and the paths it should
+  # nixpkg.config.allowUnfree = true;
+  # manage.
+  home.username = "meyer";
+  home.homeDirectory = "/home/meyer";
+
+  # The home.packages option allows you to install Nix packages into your
+  # environment.
+  # Home Manager is pretty good at managing dotfiles. The primary way to manage
+  # plain files is through 'home.file'.
+
+  # Home Manager can also manage your environment variables through
+  # 'home.sessionVariables'. If you don't want to manage your shell through Home
+  # Manager then you have to manually source 'hm-session-vars.sh' located at
+  # either
+  #
+  #  ~/.nix-profile/etc/profile.d/hm-session-vars.sh
+  #
+  # or
+  #
+  #  ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh
+  #
+  # or
+  #
+  #  /etc/profiles/per-user/meyer/etc/profile.d/hm-session-vars.sh
+  #
+
+  # This value determines the Home Manager release that your configuration is
+  # compatible with. This helps avoid breakage when a new Home Manager release
+  # introduces backwards incompatible changes.
+  #
+  # You should not change this value, even if you update Home Manager. If you do
+  # want to update the value, then make sure to first check the Home Manager
+  # release notes.
+  home.stateVersion = "23.11"; # Please read the comment before changing.
+  # Let Home Manager install and manage itself.
+  programs.home-manager.enable = true;
+}

common/users/meyer/default.nix

@@ -1,4 +1,10 @@
-{ pkgs, inputs, stable, unstable, ... }:
+{
+  pkgs,
+  inputs,
+  stable,
+  unstable,
+  ...
+}:
 let
   NAME = "meyer";
 in