{ flake, config, pkgs, lib, ... }: with lib; { imports = with flake.nixosModules.systemProfiles; [ default-locale nfsroot openssh ]; config = { nixpkgs = { system = "x86_64-linux"; externalConfig = { allowUnfree = true; }; }; boot = { initrd = { availableKernelModules = [ "nvme" "ahci" "xhci_pci" "usbhid" "sd_mod" "sr_mod" ]; kernelModules = [ "igb" ]; }; kernelModules = [ "kvm-amd" ]; extraModulePackages = [ ]; plymouth.enable = true; tmp.useTmpfs = true; }; hardware = { enableRedistributableFirmware = true; cpu.amd.updateMicrocode = config.hardware.enableRedistributableFirmware; nvidia = { modesetting.enable = true; powerManagement.enable = true; }; opengl.enable = true; }; environment.etc."machine-id".text = "f457b21333f1491e916521151ff5d468"; networking = { hostId = "f457b213"; domain = "lan.yggdrasil"; search = [ "lan.yggdrasil" "yggdrasil" ]; hosts = { "127.0.0.1" = [ "eostre.lan.yggdrasil" "eostre" ]; "::1" = [ "eostre.lan.yggdrasil" "eostre" ]; }; firewall.enable = false; nftables = { enable = true; rulesetFile = ./ruleset.nft; }; }; services.resolved = { llmnr = "false"; }; zramSwap.enable = true; system.stateVersion = "22.11"; console.keyMap = "us"; time.hardwareClockInLocalTime = true; environment.systemPackages = with pkgs; [ cifs-utils ]; security.pam.mount = { enable = true; extraVolumes = [ "" "" ]; }; services.xserver = { enable = true; displayManager.sddm = { enable = true; settings = { Users.HideUsers = "gkleen"; }; }; desktopManager.plasma5.enable = true; videoDrivers = [ "nvidia" ]; }; services.openssh = { enable = true; startWhenNeeded = true; settings = { PasswordAuthentication = true; KbdInteractiveAuthentication = true; }; }; }; }