Emma Thorpe
85139ddfb1
- Add common-nixos.nix (timezone, locale, git/fastfetch) imported by every NixOS host, and laptop.nix (systemd-boot, sway, dvorak, iwd, firewall) imported by X1 and MBP. Strip the nixos-generate-config boilerplate from both machine configs and reduce them to host-specific settings. - Enable the firewall on the laptops (was disabled); X1 opens 22 next to its sshd. - Pin nixpkgs input to github:nixos/nixpkgs/nixos-26.05 for consistency; lock rev unchanged (still b51242d). - Drop unused module arguments. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
22 lines
722 B
Nix
22 lines
722 B
Nix
# Shared configuration for the physical NixOS laptops (X1, MBP-Asahi). Imported
|
|
# from the host table in flake.nix. Platform-specific bits (bootloader EFI var
|
|
# touching, firmware, audio, hostname, sshd) stay in the per-machine configs.
|
|
{ ... }:
|
|
{
|
|
boot.loader.systemd-boot.enable = true;
|
|
|
|
features.swayDesktop.enable = true;
|
|
|
|
console.keyMap = "dvorak";
|
|
|
|
# Wi-Fi via iwd with its built-in DHCP/network configuration.
|
|
networking.wireless.iwd = {
|
|
enable = true;
|
|
settings.General.EnableNetworkConfiguration = true;
|
|
};
|
|
|
|
# Default-deny inbound. Hosts that run a listening service open their own
|
|
# ports next to where the service is enabled (e.g. sshd -> 22 on X1).
|
|
networking.firewall.enable = true;
|
|
}
|