{ npins, pkgs, lib, config, machineConfig, ... }: let cfg = config.zpha.profiles.zaphyra; in { options.zpha.profiles.zaphyra.enable = lib.mkEnableOption "zaphyra's defaults"; imports = (lib.mkIf cfg.enable [ "${npins.nixMaid}/src/nixos" ]).content; config = lib.mkIf cfg.enable { dns.zones."fc9f.de".subdomains."${config.networking.hostName}" = lib.mkIf (machineConfig ? networking) ( let networkCfg = machineConfig.networking; in { AAAA = lib.mkIf ((networkCfg ? ip6Address) && !networkCfg.ip6IsPrivate) [ networkCfg.ip6Address ]; A = lib.mkIf ((networkCfg ? ip4Address) && !networkCfg.ip4IsPrivate) [ networkCfg.ip4Address ]; } ); maid.sharedModules = [ ../../../maidModules/environment.nix ../../../maidModules/xdg.nix ../../../maidModules/dbus.nix ../../../maidModules/programs/fish.nix ../../../maidModules/programs/starship.nix ../../../maidModules/programs/git.nix ../../../maidModules/programs/lazygit.nix ]; users.users = { root = { extraGroups = [ "ssh" ]; openssh.authorizedKeys.keys = [ (builtins.readFile "${pkgs.zpha.website}/ssh_pubkey.asc") ]; }; zaphyra.maid = { programs = { starship.enable = true; }; }; }; zpha = { profiles.nginx.enable = true; programs = { fish.enable = true; htop.enable = true; ssh.enable = true; }; }; common = { configure = { rootDisk.enable = lib.mkDefault true; persist.system.enable = lib.mkDefault true; persist.home.enable = lib.mkDefault true; }; profiles = { base.enable = true; minimal.enable = lib.mkDefault true; }; services.vnstat.enable = true; users.zaphyra.enable = true; }; services = { timesyncd.enable = lib.mkDefault true; fstrim.enable = lib.mkDefault true; speechd.enable = false; journald.extraConfig = "SystemMaxUse=2.5G"; # logind.settings.Login.KillUserProcesses = lib.mkDefault true; nginx.appendHttpConfig = ''add_header X-Clacks-Overhead "GNU memdmp" always;''; }; }; }