# Base NixOS module: declares the `kat.*` options and sets system-wide defaults
# (deploy helper, boot, networking, Nix settings, locale, packages, SSH keepalive).
{
  lib,
  config,
  pkgs,
  sources,
  self-meta,
  ...
}:
let
  inherit (lib)
    mkDefault
    mkEnableOption
    mkIf
    mkMerge
    mkOption
    types
    ;

  cfg = config.kat;

  # Single nixpkgs path used for both the `nixpkgs=` and `nixos=` lookup entries.
  nixpkgsPath = self-meta.nixpkgs-paths.nixpkgs;
in
{
  imports = [
    ./users
    ./proxies
    ./root.nix
    self-meta.home-manager
    "${sources.disko}/module.nix"
  ];

  options.kat = {
    # Enabled by default; gates the `_module.args` injection in `config` below.
    addArgs = mkEnableOption "the extra arguments" // {
      default = true;
    };

    # Neither option has a default, so evaluation fails wherever one is read
    # without the host having defined it.
    wireguardPubKey = mkOption { type = types.str; };
    fqdn = mkOption { type = types.str; };

    # Read-only: defined exactly once, in `config` below, as the deploy script.
    anywhere = mkOption {
      type = types.package;
      readOnly = true;
    };
  };

  config = mkMerge [
    # Expose the value of ./ssh-keys to every module as the `ssh-keys` argument.
    (mkIf cfg.addArgs {
      _module.args.ssh-keys = import ./ssh-keys { inherit lib; };
    })

    {
      # Per-host wrapper that hands this host's prebuilt disko script and system
      # closure to nixos-anywhere for installation on `deployment.targetHost`.
      # `--no-substitute-on-destination` stops nixos-anywhere from passing
      # `--substitute-on-destination` to the copy step, so store paths are sent
      # from the deploying machine rather than fetched by the target itself.
      # NOTE(review): the disko script presumably repartitions the target's
      # disks; confirm `deployment.targetHost` before running the script.
      # NOTE(review): the interpolations are spliced into the script unquoted.
      # Store paths are safe; targetHost is assumed to contain no whitespace or
      # shell metacharacters.
      kat.anywhere = pkgs.writeShellApplication {
        name = "anywhere-deploy_${config.networking.hostName}.sh";
        runtimeInputs = [ pkgs.nixos-anywhere ];
        # --kexec ${nodes.kat-kexec.config.system.build.kexecTarball}/${nodes.kat-kexec.config.system.kexec-installer.name}-${pkgs.stdenv.hostPlatform.system}.tar.gz
        text = ''
          nixos-anywhere --no-substitute-on-destination --store-paths ${config.system.build.diskoScriptNoDeps} ${config.system.build.toplevel} ${config.deployment.targetHost}
        '';
      };

      # /tmp on tmpfs; bcachefs support can be overridden per host (mkDefault).
      # NOTE(review): linuxPackages_latest is presumably chosen for bcachefs;
      # it follows whatever nixpkgs currently calls the latest kernel.
      boot.tmp.useTmpfs = true;
      boot.supportedFilesystems.bcachefs = mkDefault true;
      boot.kernelPackages = pkgs.linuxPackages_latest;

      # systemd-networkd for interface configuration, nftables enabled.
      networking.useNetworkd = true;
      networking.nftables.enable = true;
      systemd.network.enable = true;

      nixpkgs.overlays = map import self-meta.overlay-paths;

      # Channels are off; NIX_PATH and the `nix-path` setting both point at the
      # nixpkgs path supplied by self-meta, so `<nixpkgs>` and `<nixos>` resolve
      # to that path instead of a mutable channel.
      nix.nixPath = [
        "nixpkgs=${nixpkgsPath}"
        "nixos=${nixpkgsPath}"
      ];
      nix.channel.enable = false;
      nix.settings.nix-path = config.nix.nixPath;
      # Lix is used as the Nix implementation.
      nix.package = pkgs.lix;

      # Locale defaults; time zone and key map can be overridden per host.
      time.timeZone = mkDefault "Europe/Paris";
      i18n.defaultLocale = "en_US.UTF-8";
      console.font = "Lat2-Terminus16";
      console.keyMap = mkDefault "fr";

      environment.systemPackages = with pkgs; [
        tree
        ranger
        ripgrep
        wget
        git
        lazygit
        btop
        screen
        nix-search-cli
        nix-output-monitor
      ];

      # systemd-resolved everywhere except inside containers.
      services.resolved.enable = !config.boot.isContainer;

      # sshd probes a silent client after 60 s and drops the session after one
      # unanswered probe. This detects dead connections; it is not an idle
      # timeout for clients that still answer.
      # NOTE(review): `services.openssh.enable` and the authentication settings
      # (PasswordAuthentication, PermitRootLogin) are not set in this module;
      # confirm they are defined in one of the imported modules.
      services.openssh.settings = {
        ClientAliveInterval = 60;
        ClientAliveCountMax = 1;
      };
    }
  ];
}