{ pkgs, system, blog, ... }: let productionSite = blog.english { ssl = true; host = "danilafe.com"; }; draftSite = blog.english { drafts = true; host = "drafts.danilafe.com"; }; allVirtualHosts = map blog.virtualHostFor [productionSite draftSite]; in { imports = [ ./hardware-configuration.nix ./networking.nix # generated at runtime by nixos-infect ]; nix = { package = pkgs.nixUnstable; extraOptions = '' experimental-features = nix-command flakes ''; }; environment.systemPackages = with pkgs; [ git ]; boot.cleanTmpDir = true; networking.hostName = "nixos-droplet-v2"; networking.firewall.allowPing = true; networking.firewall.allowedTCPPorts = [ 22 80 443 ]; services.openssh.enable = true; users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJXYJZfEOgccfCa3uQV9z2rHvGn4AuVnXbIDXv27HgEk vanilla@arch-xps" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOzk0SnRBJhpfNpPBgkReQoDpul2Egl2yJhRw7ldYEzF NixOS" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAoyFSuik6XRU2b+O4v9C1bc7rKJyjKgzUeaBaVNQKN6 vanilla-pinebook" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPjTgUFIwo/mtoB1kyj1zJ4QxAwLAgdvvePGXmLqjeY1 vanilla@Daniels-MBP.home" ]; security.acme = { defaults.email = "danila.fedorin@gmail.com"; acceptTerms = true; }; users.groups.www = {}; services.nginx = { enable = true; recommendedGzipSettings = true; recommendedProxySettings = true; virtualHosts = pkgs.lib.mkMerge allVirtualHosts; }; users.defaultUserShell = pkgs.zsh; programs.zsh.enable = true; programs.zsh.ohMyZsh = { enable = true; plugins = [ "git" ]; }; }