{ flake, config, pkgs, lib, ... }: with lib; { imports = with flake.nixosModules.systemProfiles; [ default-locale zfs bcachefs networkmanager openssh ]; config = { boot.initrd.availableKernelModules = [ "e1000e" ]; hardware.cpu.amd.updateMicrocode = config.hardware.enableRedistributableFirmware; networking = { firewall.enable = false; nftables = { enable = true; rulesetFile = ./ruleset.nft; }; }; users.groups."networkmanager".members = [ "nixos" ]; services.openssh = { enable = true; staticHostKeys = false; }; services.qemuGuest.enable = true; environment.systemPackages = with pkgs; [ nvme-cli iotop pciutils bottom cudatoolkit ]; zramSwap.enable = true; users.defaultUserShell = pkgs.zsh; programs = { mosh.enable = true; tmux.enable = true; zsh.enable = true; }; # nvidia services.xserver.videoDrivers = [ "nvidia" ]; systemd.services.nvidia-control-devices = { wantedBy = [ "multi-user.target" ]; serviceConfig.ExecStart = "${pkgs.linuxPackages.nvidia_x11.bin}/bin/nvidia-smi"; }; nixpkgs.externalConfig.allowUnfree = true; nix.settings.auto-allocate-uids = mkForce false; services.getty.autologinUser = lib.mkForce null; system.disableInstallerTools = false; systemd.sysusers.enable = false; system.machine-id.generate.enable = false; system.stateVersion = config.system.nixos.release; # No state in installer }; }