make config deployable

configuration.nix

@@ -53,13 +53,6 @@
     };
   };
 
-  # https://github.com/viperML/nh
-  programs.nh = {
-    enable = true;
-    clean.enable = true;
-    clean.extraArgs = "--keep-since 4d --keep 3";
-  };
-
   boot = {
     # 6.12 LTS until 2027
     kernelPackages = pkgs.linuxPackages_6_12;
@@ -105,9 +98,9 @@
   services.openssh = {
     enable = true;
     settings = {
-      AllowUsers = [ username ];
+      AllowUsers = [ username "root" ];
       PasswordAuthentication = false;
-      PermitRootLogin = "no";
+      PermitRootLogin = "yes"; # for deploying configs
     };
   };
 
@@ -139,12 +132,13 @@
 
     borgbackup
     smartmontools
-
     nil
 
     ripgrep
 
     intel-gpu-tools
+    iotop
+    iftop
 
     tmux
 
@@ -289,7 +283,7 @@
       service_configs.torrent_group
     ];
 
-    hashedPasswordFile = "${./secrets/hashedPass}";
+    hashedPasswordFile = builtins.toString ./secrets/hashedPass;
 
     openssh.authorizedKeys.keys = [
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4jL6gYOunUlUtPvGdML0cpbKSsPNqQ1jit4E7U1RyH" # laptop
@@ -297,6 +291,8 @@
     ];
   };
 
+  users.users.root.openssh.authorizedKeys.keys = config.users.users.${username}.openssh.authorizedKeys.keys;
+
   # https://nixos.wiki/wiki/Fish#Setting_fish_as_your_shell
   programs.fish.enable = true;
   programs.bash = {