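# Common NixOS module: declares the `kat.*` options and sets baseline boot,
# networking, Nix, locale, package and SSH keepalive settings.
#
# `sources` is a module argument supplied outside this file; presumably a set
# of pinned inputs (niv/npins style) -- TODO confirm how it is pinned, since
# home-manager and disko are imported straight from it.
{ lib, config, pkgs, sources, ... }:
with lib;
{
  imports = [
    ./users
    ./proxies
    ./root.nix
    "${sources.home-manager}/nixos"
    "${sources.disko}/module.nix"
  ];

  options.kat = {
    # Enabled by default; gates the `_module.args` definitions below.
    addArgs = mkEnableOption "the extra arguments" // {
      default = true;
    };

    # Only the PUBLIC half belongs here: option values end up in the
    # world-readable Nix store. The consumers of this option are not in this file.
    wireguardPubKey = mkOption {
      type = types.str;
      description = "WireGuard public key associated with this host.";
    };

    fqdn = mkOption {
      type = types.str;
      description = "Fully qualified domain name of this host.";
    };

    # Read-only: the only definition is the one in `config.kat.anywhere` below.
    anywhere = mkOption {
      type = types.package;
      readOnly = true;
      description = "Generated script that installs this host's configuration with nixos-anywhere.";
    };
  };

  config = mkMerge [
    # Expose the SSH key set and the path of this directory to every module.
    (mkIf config.kat.addArgs {
      _module.args = {
        ssh-keys = import ./ssh-keys { inherit lib; };
        kat-path = ./.;
      };
    })

    {
      kat = {
        # Per-host install script. nixos-anywhere runs the disko script on the
        # target, which repartitions and formats its disks, then installs the
        # prebuilt system closure. Treat it as destructive and check
        # `deployment.targetHost` before running it.
        anywhere = pkgs.writeShellApplication {
          name = "anywhere-deploy_${config.networking.hostName}.sh";
          runtimeInputs = [ pkgs.nixos-anywhere ];
          # Disabled: custom kexec image. The interpolation is inert inside this
          # comment; `nodes` is not an argument of this module.
          # --kexec ${nodes.kat-kexec.config.system.build.kexecTarball}/${nodes.kat-kexec.config.system.kexec-installer.name}-${pkgs.stdenv.hostPlatform.system}.tar.gz
          # --store-paths takes the disko script and the system closure, both
          # built locally. --no-substitute-on-destination keeps the target from
          # fetching paths through its own substituters, so everything is
          # copied from the deploying machine.
          text = ''
            nixos-anywhere --no-substitute-on-destination --store-paths ${config.system.build.diskoScriptNoDeps} ${config.system.build.toplevel} ${config.deployment.targetHost}
          '';
        };
      };

      boot = {
        # /tmp lives in RAM and is emptied on every boot.
        tmp.useTmpfs = true;
        supportedFilesystems.bcachefs = mkDefault true;
        # Follows the newest kernel in nixpkgs rather than the default kernel.
        kernelPackages = pkgs.linuxPackages_latest;
      };

      networking = {
        useNetworkd = true;
        # Selects the nftables backend; no rules are defined in this file.
        nftables.enable = true;
      };

      systemd.network.enable = true;

      nix = {
        # <nixpkgs> and <nixos> both resolve to the nixpkgs tree this system was
        # built from; with channels disabled there is no mutable channel that
        # could supply a different tree.
        nixPath = [
          "nixpkgs=${builtins.storePath pkgs.path}"
          "nixos=${builtins.storePath pkgs.path}"
        ];
        channel.enable = false;
        settings.nix-path = config.nix.nixPath;
        # Lix is used as the Nix implementation.
        package = pkgs.lix;
      };

      time.timeZone = mkDefault "Europe/Paris";
      i18n.defaultLocale = "en_US.UTF-8";

      console = {
        font = "Lat2-Terminus16";
        keyMap = mkDefault "fr";
      };

      environment.systemPackages = with pkgs; [
        tree
        ranger
        ripgrep
        wget
        git
        lazygit
        btop
        screen
        nix-search-cli
        nix-output-monitor
      ];

      services = {
        # systemd-resolved everywhere except inside containers.
        resolved.enable = !config.boot.isContainer;

        # sshd probes a silent client after 60 s and drops the session after a
        # single unanswered probe, so dead sessions do not linger.
        # `services.openssh.enable` and the authentication settings are not set
        # in this file.
        openssh.settings = {
          ClientAliveInterval = 60;
          ClientAliveCountMax = 1;
        };
      };
    }
  ];
}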