c3terminal/config.nix

{
  pkgs,
  lib,
  ...
}: {
  system.stateVersion = "24.11";
  nixpkgs.hostPlatform = {
    system = "x86-64-linux";
    config = "x86_64-unknown-linux-gnu";
  };
  networking.hostName = "c3terminal";
  time.timeZone = "Europe/Berlin";
  facter.reportPath = ./facter.json;

  users.users.c3terminal = {
    isNormalUser = true;
    password = "test";
    extraGroups = [
      "wheel"
      "networkmanager"
    ];
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB8oyMpS2hK3gQXyHIIVS6oilgMpemLmfhKKJ6RBMwUh jopejoe1_2@joens.email"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP3pKtvhOOjG1pGJq7cVHS5uWy5IP8y1Ra/ENpmJcqOe jopejoe1@zap"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFEcNAVRN66mfKmaCpxs++0094Eh4mqXkUwDPZPkIIBB jopejoe1@joens.email"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFZDUoC+1lNR2JTY1Q+vhXpuLmKMdVl2OMFLVbQ3cGkw jopejoe1@kuraokami"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKm2igbJ+Ke+dJO3r7wp5ZTreHqC39Sjctca119Bl2yc jopejoe1@zap"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPHns90pKP8pDOKM7ziCiG7ZjO3kFvScnbq7uBlUWG5H n0th1ng"
    ];
    packages = with pkgs; [
      firefox
    ];
  };

  users.users.demo = {
    isNormalUser = true;
    password = "test";
    packages = with pkgs; [
      firefox
    ];
  };

  users.users.root = {
    password = "test";
    shell = lib.mkForce (lib.getExe pkgs.bash);
    extraGroups = [
      "wheel"
      "networkmanager"
    ];
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB8oyMpS2hK3gQXyHIIVS6oilgMpemLmfhKKJ6RBMwUh jopejoe1_2@joens.email"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP3pKtvhOOjG1pGJq7cVHS5uWy5IP8y1Ra/ENpmJcqOe jopejoe1@zap"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFEcNAVRN66mfKmaCpxs++0094Eh4mqXkUwDPZPkIIBB jopejoe1@joens.email"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFZDUoC+1lNR2JTY1Q+vhXpuLmKMdVl2OMFLVbQ3cGkw jopejoe1@kuraokami"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKm2igbJ+Ke+dJO3r7wp5ZTreHqC39Sjctca119Bl2yc jopejoe1@zap"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPHns90pKP8pDOKM7ziCiG7ZjO3kFvScnbq7uBlUWG5H n0th1ng"
    ];
    packages = with pkgs; [
      firefox
    ];
  };

  boot = {
    loader = {
      grub = {
        enable = true;
      };
      efi = {
        canTouchEfiVariables = true;
        #efiSysMountPoint = "/boot";
      };
    };
  };

  services = {
    openssh = {
      enable = true;
      settings = {
        PermitRootLogin = "no";
      };
    };

    cage = {
      enable = true;
      program = "${lib.getExe pkgs.firefox} --kiosk --private-window ${./index.html}";
    };
  };

  disko.devices = {
    disk = {
      main = {
        type = "disk";
        device = "/dev/disk/by-id/wwn-0x502b2a201d1c1b1a";
        content = {
          type = "gpt";
          partitions = {
            boot = {
              size = "1M";
              type = "EF02"; # for grub MBR
            };
            ESP = {
              size = "512M";
              type = "EF00";
              content = {
                type = "filesystem";
                format = "vfat";
                mountpoint = "/boot";
                mountOptions = [ "umask=0077" ];
              };
            };
            root = {
              size = "100%";
              content = {
                type = "filesystem";
                format = "ext4";
                mountpoint = "/";
              };
            };
          };
        };
      };
    };
  };
}