feat: try out colmena

Signed-off-by: Lander Van den Bulcke <landervandenbulcke@gmail.com>

hosts/servers/common.nix

@@ -0,0 +1,88 @@
+{
+  lib,
+  modulesPath,
+  pkgs,
+  ...
+}:
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+    (modulesPath + "/profiles/qemu-guest.nix")
+  ];
+
+  boot = {
+    loader.grub = {
+      devices = [ "/dev/sda" ];
+      efiSupport = true;
+      efiInstallAsRemovable = true;
+    };
+
+    initrd.kernelModules = [ "virtio_gpu" ];
+
+    kernelParams = [ "console=tty" ];
+  };
+
+  time.timeZone = lib.mkDefault "Europe/Berlin";
+
+  networking = {
+    useNetworkd = true;
+  };
+
+  systemd.network = {
+    enable = true;
+
+    networks = {
+      "30-wan" = {
+        matchConfig.Name = "enp1s0";
+        networkConfig.DHCP = "ipv4";
+        routes = [
+          { Gateway = "fe80::1"; }
+        ];
+      };
+    };
+  };
+
+  services.openssh = {
+    enable = true;
+    settings.PasswordAuthentication = false;
+    extraConfig = ''
+      PrintLastLog no
+    '';
+  };
+
+  programs.zsh.enable = true;
+  environment.pathsToLink = [ "/share/zsh" ];
+  environment.shells = [ pkgs.zsh ];
+  environment.enableAllTerminfo = true;
+
+  users.users.lander = {
+    isNormalUser = true;
+    shell = pkgs.zsh;
+    extraGroups = [
+      "wheel"
+    ];
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPnthKtz0fE4yQ/X10cJgKVCjYCNkRNoqV28xAhD7h2M cardno:22_498_026"
+    ];
+  };
+
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPnthKtz0fE4yQ/X10cJgKVCjYCNkRNoqV28xAhD7h2M cardno:22_498_026"
+  ];
+
+  nix = {
+    settings = {
+      trusted-users = [ "lander" ];
+      accept-flake-config = true;
+      auto-optimise-store = true;
+    };
+
+    package = pkgs.nixVersions.stable;
+    extraOptions = ''experimental-features = nix-command flakes'';
+
+    gc = {
+      automatic = true;
+      options = "--delete-older-than 7d";
+    };
+  };
+}