misc changes

profiles/common.nix

@@ -4,6 +4,13 @@
 
   imports = [ ./security.nix ];
 
+  environment.systemPackages = [
+    # for quick activity overview
+    pkgs.htop
+    # for users with TERM=xterm-termite
+    pkgs.termite.terminfo
+  ];
+
   # Nicer interactive shell
   programs.fish.enable = true;
   # And for the zsh peeps
@@ -19,19 +26,22 @@
       # auto-free the /nix/store
       min-free = ${asGB 10}
       max-free = ${asGB 200}
+
+      # avoid copying unecessary stuff over SSH
+      builders-use-substitutes = true
     '';
     # Hard-link duplicated files
     autoOptimiseStore = true;
   };
 
-  # No mutable users
-  users.mutableUsers = false;
-
   services.openssh.enable = true;
   networking.firewall.allowedTCPPorts = [
     22
   ];
 
+  # enable "sar" system activity collection
+  services.sysstat.enable = true;
+
   # Make debugging failed units easier
   systemd.extraConfig = ''
     DefaultStandardOutput=journal
@@ -41,6 +51,9 @@
   # The nix-community is global :)
   time.timeZone = "UTC";
 
+  # No mutable users
+  users.mutableUsers = false;
+
   # Assign keys from all users in wheel group
   # This is only done because nixops cant be deployed from any other account
   users.extraUsers.root.openssh.authorizedKeys.keys = lib.unique (lib.flatten (