# NixOps configuration for the hosts utilising IOHK resources { config, inputs, pkgs, lib, ... }: let nix = inputs.nix.packages."${pkgs.system}".nix; in { imports = [../profiles/terminal-recording.nix ../profiles/nix-direnv.nix]; nix = { package = nix; settings = { substituters = [ "https://cache.nixos.org" "https://cache.iog.io" ]; trusted-public-keys = [ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=" "iohk.cachix.org-1:DpRUyj7h7V830dp/i6Nti+NEO2/nhblbov/8MW7Rqoo=" ]; }; extraOptions = '' #repeat = 1 # Ensure reproducibility of builds experimental-features = nix-command flakes ''; }; # Set the system-wide environment environment = { systemPackages = with pkgs; [ awscli # Unified tool to manage your AWS services bitwarden-cli # CLI client for Bitwarden brave # Privacy-oriented browser buildkite-agent # Buildkite for IOHK cue # A data constraint language docker # Pack, ship and run any application as a lightweight container docker-compose # Multi-container orchestration for Docker freerdp # A Remote Desktop Protocol Client, xfreerdp gist # Upload code to https://gist.github.com (or github enterprise) gnupg # GNU Privacy Guard, a GPL OpenPGP implementation go-jira # Simple command line client for Atlassian's Jira service written in Go jq # A lightweight and flexible command-line JSON processor keybase-gui # The Keybase official client magic-wormhole # Securely transfer data between computers s3fs # Mount an S3 bucket as filesystem through FUSE shellcheck # Shell script analysis tool slack-dark # Slack desktop client xxd # make a hexdump or do the reverse ]; variables = { NIX_SKIP_KEYBASE_CHECKS = "1"; # As per IOHK Keybase reqs }; }; virtualisation.docker.enable = true; services = { keybase.enable = true; }; users.groups.docker.members = ["craige"]; }