add kiwi and lillypilly

hosts/lilly/lillypilly.nix

@@ -0,0 +1,66 @@
+{ config, pkgs, ... }:
+
+{
+  environment.systemPackages = with pkgs; [
+    k3s
+  ];
+
+  users.users.lillypilly = {
+    isNormalUser = true;
+    extraGroups = [
+      "wheel"
+    ];
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 ..."
+    ];
+  };
+
+  services.k3s = {
+    enable = true;
+    role = "agent";
+    serverAddr = "https://192.168.1.89:6443";
+    tokenFile = "/var/lib/rancher/k3s/agent/token";
+  };
+
+  services.openssh = {
+    enable = true;
+    settings = {
+      PasswordAuthentication = true;
+      PermitRootLogin = "yes";
+    };
+  };
+
+  networking.firewall = {
+    enable = false;
+    allowedTCPPorts = [ 10250 22 3001 ];
+    allowedUDPPorts = [ 8472 ];
+  };
+
+  services.uptime-kuma = {
+    enable = true;
+    settings = {
+	HOST = "0.0.0.0";
+	PORT = "3001";
+    };
+  };
+
+
+  systemd.services.cloudflared-connector = {
+    description = "Cloudflare Tunnel Connector";
+    after = [ "network.target" ];
+    wantedBy = [ "multi-user.target" ];
+    serviceConfig = {
+      ExecStart = "${pkgs.cloudflared}/bin/cloudflared tunnel --no-autoupdate run --token token";
+      Restart = "always";
+      RestartSec = "10s";
+      User = "cloudflared";
+      Group = "cloudflared";
+    };
+  };
+
+  users.users.cloudflared = {
+    group = "cloudflared";
+    isSystemUser = true;
+  };
+  users.groups.cloudflared = { };
+}