From 49ba1149d86cc1eb22ad9e212c7f2b25e85d6c0d Mon Sep 17 00:00:00 2001
From: andromeda <andromeda@lenovo>
Date: Thu, 1 Jan 2026 18:24:24 +0100
Subject: [PATCH] mb?

---
 machines/109-199-104-83/configuration.nix | 55 ++++-------------------
 1 file changed, 8 insertions(+), 47 deletions(-)

diff --git a/machines/109-199-104-83/configuration.nix b/machines/109-199-104-83/configuration.nix
index 58215fe..32f9ffa 100644
--- a/machines/109-199-104-83/configuration.nix
+++ b/machines/109-199-104-83/configuration.nix
@@ -1,40 +1,22 @@
 {
+  config,
   modulesPath,
   machine,
   ...
 }: {
   system.stateVersion = "25.11";
   nix.settings.experimental-features = ["flakes" "nix-command"];
-
   imports = [(modulesPath + "/profiles/qemu-guest.nix")];
-  fileSystems = {
-    "/" = {
-      device = "none";
-      fsType = "tmpfs";
-      options = ["defaults" "size=30%" "mode=755"];
-    };
-    "/mnt" = {
-      device = "/dev/sda1";
-      fsType = "ext4";
-    };
-    "/boot" = {
-      device = "/mnt/boot";
-      fsType = "none";
-      options = ["bind"];
-    };
-    "/nix" = {
-      device = "/mnt/nix";
-      fsType = "none";
-      options = ["bind"];
-    };
+  fileSystems."/" = {
+    device = "/dev/sda1";
+    fsType = "ext4";
   };
   boot.loader.grub.device = "/dev/sda";
   boot.loader.timeout = 30;
-  boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"];
+  boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront"];
   boot.initrd.kernelModules = ["nvme"];
   boot.tmp.cleanOnBoot = true;
   zramSwap.enable = true;
-
   networking = {
     useNetworkd = true;
     usePredictableInterfaceNames = true;
@@ -56,29 +38,8 @@
       dns = ["2620:fe::fe" "9.9.9.9"];
     };
   };
-
-  services.openssh = {
-    enable = true;
-    allowSFTP = false;
-    ports = [22 5522];
-    settings = {
-      PermitRootLogin = "no";
-      PasswordAuthentication = false;
-      KbdInteractiveAuthentication = true;
-    };
-  };
-  environment.persistence."/nix/persist" = {
-    enable = true;
-    hideMounts = true;
-    directories = [
-      "/var/log"
-      "/var/lib/nixos"
-      "/var/lib/systemd/coredump"
-      "/etc/NetworkManager/system-connections"
-    ];
-    files = [
-      "/etc/machine-id"
-    ];
-  };
+  services.openssh.enable = true;
+  users.mutableUsers = false;
+  users.users.root.openssh.authorizedKeys.keys = [config.pub-keys.ssh.andromeda];
   programs.noshell.enable = true;
 }