{ config, lib, pkgs, ... }: { imports = [ ./hardware-configuration.nix ]; boot.loader = { systemd-boot.enable = true; efi.canTouchEfiVariables = true; }; networking = { hostName = "mercury"; networkmanager.enable = true; firewall.allowedTCPPorts = [ 22 80 443 8080 8443 ]; }; time.timeZone = "America/Los_Angeles"; fileSystems."/storage" = { device = "/dev/disk/by-label/storage"; }; users.users.cybr = { isNormalUser = true; extraGroups = [ "wheel" "podman" ]; packages = with pkgs; [ tree fastfetch podman-compose ]; }; programs.nix-ld = { enable = true; libraries = with pkgs; [ ]; }; environment.systemPackages = with pkgs; [ micro wget curl zulu go python3 nodejs screen gnumake bun btop sqlite git deno cargo ]; systemd = { timers = { "markov-bot" = { wantedBy = [ "timers.target" ]; timerConfig = { OnCalendar = "hourly"; Persistent = true; Unit = "markov-bot.service"; }; }; "pds-backup" = { wantedBy = [ "timers.target" ]; timerConfig = { OnCalendar = "*-*-* 04:00:00"; Persistent = true; Unit = "pds-backup.service"; }; }; }; services = { "markov-bot" = { serviceConfig = { Type = "simple"; User = "cybr"; WorkingDirectory = "/home/cybr/markov"; ExecStart = "/home/cybr/markov/post.sh"; # sorry ur not getting dis script }; }; "pds-backup" = { serviceConfig = { Type = "simple"; User = "cybr"; WorkingDirectory = "/home/cybr/pds"; ExecStart = "/home/cybr/pds/backup.sh"; # get the script here -> https://tangled.org/strings/did:web:gayfamicom.lol/3mdr2aehdrf22 }; }; }; }; services = { openssh = { enable = true; settings = { PasswordAuthentication = false; KbdInteractiveAuthentication = false; PermitRootLogin = "no"; AllowUsers = [ "cybr" ]; }; }; fail2ban = { enable = true; maxretry = 5; bantime = "48h"; }; caddy = { enable = true; configFile = ./Caddyfile; }; postgresql.enable = true; }; virtualisation = { containers.enable = true; podman = { enable = true; dockerCompat = true; defaultNetwork.settings.dns_enabled = true; }; }; system = { copySystemConfiguration = true; stateVersion = "25.11"; }; }