{ config, modulesPath, lib, pkgs, ... }: { imports = lib.optional (builtins.pathExists ./do-userdata.nix) ./do-userdata.nix ++ [ (modulesPath + "/virtualisation/digital-ocean-config.nix") #./o-caddy.nix ./o-paste.nix ./o-git-forgejo.nix #./o-nocodb.nix ]; nix.settings.experimental-features = [ "nix-command" "flakes" ]; environment.sessionVariables = { EDITOR = "nvim"; }; environment.systemPackages = with pkgs; [ lf ranger broot helix wget xh nushell zellij ripgrep fd caddy ]; programs.bat.enable = true; programs.git.enable = true; programs.htop.enable = true; programs.mtr.enable = true; programs.neovim = { enable = true; defaultEditor = true; vimAlias = true; viAlias = true; }; virtualisation.podman = { enable = true; dockerCompat = true; }; services.openssh.enable = true; services.openssh.settings.PermitRootLogin = "yes"; services.tailscale.enable = true; networking.firewall.allowedTCPPorts = [ 22 80 443 ]; services.fail2ban.enable = true; system.stateVersion = "24.11"; users.users.ntm = { isNormalUser = true; extraGroups = [ "wheel" "networkmanager" ]; openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDdDBHNyxM+UsOgI37RKmOT53FeJOo5t0icWg3QhtoHMhErKc94todmQ+DL1XJRnUo2EWeL3Lzzhe4TRo0itAgpLdgSRe2AD/WKAJHb0uSIPVL6exBJcY31IP9L88H1MpZRvb1GdnKFtbDZ!DS*Z$P&?)SQWHNFROUIXE*W^(WJAVGJC@&%KGq9DsEI*@B$GHIPVPLU#LJD?DUFH&CVWIBOPZ+DXBLKB@NM@PKHAj)!WV%S(S^&#V#REYNTMs thinkpad key" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDzEqS1MJBo/NUo2/QkU6PlFcGgReZ7k8W4MiFdC1Tn4HoH1O6SN1vdM87Mev4J2lRj9yF4MAoz+9PEfCJcuqN6S7dCWfSbo7GMs3V4sRGDhoJmCiTv9bqq0KrkdAqD/N3M+XVxrN9vIy7L4KKSptWmRkcE/R17EGq4eIe33a5g38wKxgP92JEtAJZTYTaJ4FbFkbty5qtFpjG5cCe170DJtlN3v4r7PGaEvOVSyBV7p7S6/PSO5Xk4ZlhiEQ+/Kyf7OWULVDmBV2p/kOTYdinWiDfpnWCAT2IIyqsrgVlwuj/JWexjpXsr7Fj9NBQYpKaHf423epemMbipUp+8fuNIoYJqhcR7E0UTdJAHkZwFe9TabIm6x9ekx97x9bifFgxdT78abZG8t98WvmXB1cnF9bH6QHXI9diTEIvYDJgRNvRbbVFKvNQProyDt+CBB+kUkBWKBbkxEuUYlFSL1Y9Yi48rL4l83eipf4pOT/0D0Evor4yIrDTZbC1k8n29Vec= ntm@yaupon" ]; }; }