{ config, lib, pkgs, ... }: { nixpkgs.config.packageOverrides = import pkgs; imports = [ ./base.nix ]; boot.loader.grub.devices = [ config.ni-disk ]; boot.loader.grub.splashImage = null; environment.systemPackages = [ pkgs.htop pkgs.iptables (pkgs.writeDashBin "ni-upload-iso" '' export NIX_PATH=${config.ni-nix-path} set -efux ${pkgs.nix}/bin/nix-build \ -A config.system.build.isoImage \ -I nixos-config=${config.ni-nix-path}/nixos-config/install.nix \ -o ${config.ni-nix-path}/isoImage \ ${config.ni-nix-path}/nixpkgs/nixos ftpHost=$(${pkgs.jq}/bin/jq -r .ftp.host ${config.ni-key-path}/kvm-info.json); \ ${pkgs.curl}/bin/curl -n --netrc-file ${config.ni-key-path}/upload-iso.netrc \ -T ${config.ni-nix-path}/isoImage/iso/ni-install.iso \ "ftp://$ftpHost/cdrom/ni-install.iso" '') ]; fileSystems = { "/" = { device = "${config.ni-disk}-part1"; fsType = "btrfs"; options = ["defaults" "noatime" "ssd" "compress=lzo"]; }; }; networking.hostName = "ni"; services.timesyncd.enable = true; services.openssh = { enable = true; hostKeys = lib.singleton ({ type = "ed25519"; path = "${config.ni-key-path}/ssh.id_ed25519"; }); }; tv.iptables.enable = true; tv.iptables.accept-echo-request = "internet"; tv.iptables.input-internet-accept-tcp = [ "ssh" ]; }