Todo Items#

• !important flatten nixosSystem definitions

  • instead of import ./systems/stuff {} do nixosSystem = {...; imports = [./systems/stuff]}

• migrate firewall to nftables

  • setup ipsets and block known abusers

• migrate ~/.yubico/authorized_yubikeys to HM config (via pam.yubico.authorizedYubiKeys.ids)

• [-] fcitx5

  • enable and configure basic fcitx5 stuff
  • migrate rime config to HM

• arrpc

• one of

  • setup port knocking/fwknop
    • shield sshd behind fwknop
  • wireguard

• migrate to a configuration where erase your darlings is possible

• setup patchouli
• setup vaultwarden