2024-01-13 22:33:39 -05:00
|
|
|
|
# Base configuration.nix
|
2023-07-31 00:21:32 -04:00
|
|
|
|
{ config, lib, pkgs, inputs, user, ... }:
|
|
|
|
|
{
|
|
|
|
|
nix = {
|
|
|
|
|
settings.auto-optimise-store = true;
|
|
|
|
|
settings.allowed-users = [ "@wheel" ];
|
|
|
|
|
gc = {
|
|
|
|
|
automatic = true;
|
|
|
|
|
dates = "weekly";
|
|
|
|
|
persistent = true;
|
|
|
|
|
options = "--delete-older-than 30d";
|
|
|
|
|
};
|
|
|
|
|
package = pkgs.nixFlakes;
|
|
|
|
|
registry.nixpkgs.flake = inputs.nixpkgs;
|
|
|
|
|
extraOptions = ''
|
|
|
|
|
experimental-features = nix-command flakes
|
|
|
|
|
keep-outputs = true
|
|
|
|
|
keep-derivations = true
|
|
|
|
|
'';
|
|
|
|
|
};
|
2024-01-16 22:43:56 -05:00
|
|
|
|
boot = {
|
|
|
|
|
tmp.cleanOnBoot = true;
|
|
|
|
|
};
|
2023-08-02 23:20:31 -04:00
|
|
|
|
nixpkgs.config.allowUnfree = true;
|
2023-07-31 00:21:32 -04:00
|
|
|
|
networking.networkmanager.enable = true;
|
|
|
|
|
time.timeZone = "America/Los_Angeles";
|
|
|
|
|
i18n.defaultLocale = "en_US.UTF-8";
|
|
|
|
|
i18n.extraLocaleSettings = {
|
|
|
|
|
LC_ADDRESS = "en_US.UTF-8";
|
|
|
|
|
LC_IDENTIFICATION = "en_US.UTF-8";
|
|
|
|
|
LC_MEASUREMENT = "en_US.UTF-8";
|
|
|
|
|
LC_MONETARY = "en_US.UTF-8";
|
|
|
|
|
LC_NAME = "en_US.UTF-8";
|
|
|
|
|
LC_NUMERIC = "en_US.UTF-8";
|
|
|
|
|
LC_PAPER = "en_US.UTF-8";
|
|
|
|
|
LC_TELEPHONE = "en_US.UTF-8";
|
|
|
|
|
LC_TIME = "en_US.UTF-8";
|
|
|
|
|
};
|
|
|
|
|
|
2023-08-02 23:20:31 -04:00
|
|
|
|
services = {
|
2023-11-14 23:15:29 -05:00
|
|
|
|
cron = {
|
|
|
|
|
enable = true;
|
|
|
|
|
systemCronJobs = [
|
|
|
|
|
# Clean logs older than 2d
|
|
|
|
|
"0 20 * * * root journalctl --vacuum-time=2d"
|
|
|
|
|
];
|
|
|
|
|
};
|
2023-08-02 23:20:31 -04:00
|
|
|
|
openssh = {
|
|
|
|
|
enable = true;
|
|
|
|
|
settings = {
|
|
|
|
|
PasswordAuthentication = false;
|
|
|
|
|
KbdInteractiveAuthentication = false;
|
2023-12-13 21:03:02 -05:00
|
|
|
|
PermitRootLogin = "no";
|
2023-08-02 23:20:31 -04:00
|
|
|
|
};
|
|
|
|
|
allowSFTP = false; # Don't set this if you need sftp
|
|
|
|
|
extraConfig = ''
|
|
|
|
|
AllowTcpForwarding yes
|
|
|
|
|
X11Forwarding no
|
|
|
|
|
AllowAgentForwarding no
|
|
|
|
|
AllowStreamLocalForwarding no
|
|
|
|
|
AuthenticationMethods publickey
|
|
|
|
|
'';
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
# Define a user account. Don't forget to set a password with ‘passwd’
|
2023-07-31 00:21:32 -04:00
|
|
|
|
users.users.${user.name} = {
|
|
|
|
|
isNormalUser = true;
|
|
|
|
|
extraGroups = [ "networkmanager" "wheel" ];
|
2023-08-02 23:20:31 -04:00
|
|
|
|
initialPassword = "hunter2";
|
2023-09-13 22:34:02 -04:00
|
|
|
|
packages = with pkgs; [
|
|
|
|
|
eva
|
2023-11-03 23:27:43 -04:00
|
|
|
|
gotop
|
|
|
|
|
links2
|
2023-09-13 22:34:02 -04:00
|
|
|
|
nix-du
|
|
|
|
|
nmap
|
|
|
|
|
ranger
|
|
|
|
|
];
|
2023-07-31 00:21:32 -04:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
programs = {
|
|
|
|
|
mtr.enable = true;
|
|
|
|
|
gnupg.agent = {
|
|
|
|
|
enable = true;
|
|
|
|
|
enableSSHSupport = true;
|
|
|
|
|
};
|
2023-08-02 23:20:31 -04:00
|
|
|
|
git = {
|
|
|
|
|
enable = true;
|
|
|
|
|
};
|
2023-07-31 00:21:32 -04:00
|
|
|
|
neovim = {
|
|
|
|
|
enable = true;
|
|
|
|
|
defaultEditor = true;
|
|
|
|
|
viAlias = true;
|
|
|
|
|
vimAlias = true;
|
|
|
|
|
};
|
|
|
|
|
tmux = {
|
|
|
|
|
enable = true;
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2023-08-02 23:20:31 -04:00
|
|
|
|
# List packages installed in system profile. To search, run:
|
|
|
|
|
# $ nix search wget
|
|
|
|
|
environment = {
|
|
|
|
|
defaultPackages = with pkgs; [
|
|
|
|
|
perl
|
|
|
|
|
rsync
|
|
|
|
|
strace
|
|
|
|
|
];
|
|
|
|
|
systemPackages = with pkgs; [
|
|
|
|
|
curl
|
|
|
|
|
wget
|
|
|
|
|
];
|
2023-07-31 00:21:32 -04:00
|
|
|
|
};
|
|
|
|
|
system = {
|
2024-01-15 01:07:28 -05:00
|
|
|
|
autoUpgrade = {
|
|
|
|
|
enable = true;
|
|
|
|
|
allowReboot = false;
|
|
|
|
|
flake = "https://git.sdf.org/${user.long}/confix.git";
|
|
|
|
|
flags = [
|
|
|
|
|
"--update-input"
|
|
|
|
|
"nixpkgs"
|
|
|
|
|
"--commit-lockfile"
|
|
|
|
|
];
|
|
|
|
|
};
|
2023-07-31 00:21:32 -04:00
|
|
|
|
stateVersion = "22.11";
|
|
|
|
|
};
|
|
|
|
|
}
|