diff options
Diffstat (limited to '')
-rw-r--r-- | common/cachix.nix | 13 | ||||
-rw-r--r-- | common/cachix/nix-community.nix | 11 | ||||
-rw-r--r-- | common/cachix/veloren-nix.nix | 12 | ||||
-rw-r--r-- | common/common.nix | 16 | ||||
-rw-r--r-- | common/desktop.nix | 62 | ||||
-rw-r--r-- | common/headless.nix (renamed from common/default.nix) | 24 |
6 files changed, 120 insertions, 18 deletions
diff --git a/common/cachix.nix b/common/cachix.nix new file mode 100644 index 0000000..88b2f08 --- /dev/null +++ b/common/cachix.nix @@ -0,0 +1,13 @@ + +# WARN: this file will get overwritten by $ cachix use <name> +{ pkgs, lib, ... }: + +let + folder = ./cachix; + toImport = name: value: folder + ("/" + name); + filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key; + imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder)); +in { + inherit imports; + nix.binaryCaches = ["https://cache.nixos.org/"]; +} diff --git a/common/cachix/nix-community.nix b/common/cachix/nix-community.nix new file mode 100644 index 0000000..427a518 --- /dev/null +++ b/common/cachix/nix-community.nix @@ -0,0 +1,11 @@ + +{ + nix = { + binaryCaches = [ + "https://nix-community.cachix.org" + ]; + binaryCachePublicKeys = [ + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + ]; + }; +} diff --git a/common/cachix/veloren-nix.nix b/common/cachix/veloren-nix.nix new file mode 100644 index 0000000..37fb947 --- /dev/null +++ b/common/cachix/veloren-nix.nix @@ -0,0 +1,12 @@ + +{ + nix = { + binaryCaches = [ + "https://veloren-nix.cachix.org" + ]; + binaryCachePublicKeys = [ + "veloren-nix.cachix.org-1:zokfKJqVsNV6kI/oJdLF6TYBdNPYGSb+diMVQPn/5Rc=" + ]; + }; +} +
\ No newline at end of file diff --git a/common/common.nix b/common/common.nix new file mode 100644 index 0000000..b0aeb26 --- /dev/null +++ b/common/common.nix @@ -0,0 +1,16 @@ +{ config, lib, pkgs, ... }: + +{ + + services.journald.extraConfig = "MaxRetentionSec=48h"; + + + i18n.defaultLocale = "en_US.UTF-8"; + time.timeZone = "Europe/Amsterdam"; + + environment.systemPackages = with pkgs; [ + wget vim htop dnsutils inetutils iftop manpages + ]; + + +} diff --git a/common/desktop.nix b/common/desktop.nix new file mode 100644 index 0000000..eb94b6e --- /dev/null +++ b/common/desktop.nix @@ -0,0 +1,62 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ + ./common.nix + ./cachix.nix + ]; + + nix.package = pkgs.nix_2_4; + nix.extraOptions = '' + netrc-file = /home/stuebinm/Dokumente/.netrc + experimental-features = nix-command flakes + ''; + + virtualisation.podman.enable = true; + + # Select internationalisation properties. + console = { + font = "Lat2-Terminus16"; + keyMap = "de"; + }; + + # Enable CUPS to print documents. + services.printing = { + enable = true; + drivers = [ pkgs.epson-escpr2 pkgs.epson-escpr ]; + }; + + + # Enable sound. + sound.enable = true; + hardware.pulseaudio.enable = true; + + # Enable the X11 windowing system. + services.xserver.enable = true; + services.xserver.layout = "de"; + services.xserver.xkbOptions = "eurosign:e,caps:escape"; + + users.mutableUsers = false; + users.defaultUserShell = pkgs.fish; + users.users.stuebinm = { + isNormalUser = true; + extraGroups = [ "docker" "wheel" ]; # Enable ‘sudo’ for the user. + home = "/home/stuebinm"; + hashedPassword = "$6$IULsCnY7HjDHAJWs$05DYuwXsfWWKj6m3KTWCPp5k9HuQikIamNBzn2GihMG8oeEf5c8YkXlwuO6uTnX8ZFmyAQdhXfO5yYNEM/YTm0"; + useDefaultShell = true; + }; + + + services.syncthing = { + enable = true; + user = "stuebinm"; + guiAddress = "syncthing.localhost:3000"; + dataDir = "/home/stuebinm/syncthing"; + configDir = "/home/stuebinm/syncthing/.config/syncthing"; + }; + + networking.hosts = { + "127.0.0.1" = [ "syncthing.localhost" ]; + }; + +} diff --git a/common/default.nix b/common/headless.nix index 1b87571..6c4127e 100644 --- a/common/default.nix +++ b/common/headless.nix @@ -1,32 +1,19 @@ { config, lib, pkgs, ... }: -let - sources = import ../nix/sources.nix; -in { - imports = [ - ../modules - ]; +{ + imports = [ ./common.nix ]; networking.domain = lib.mkDefault "stuebinm.eu"; - - services.journald.extraConfig = "MaxRetentionSec=48h"; + nix.gc = { automatic = lib.mkDefault true; options = lib.mkDefault "--delete-older-than 1w"; }; - - - i18n.defaultLocale = "en_US.UTF-8"; - time.timeZone = "Europe/Amsterdam"; - - environment.systemPackages = with pkgs; [ - wget vim htop dnsutils inetutils iftop manpages - ]; users.users.root.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCTeuG1alKNNqoT2d5nUAlH0Otsk0NHM7nmkYC5Yfk8qcLsgY4v2dXlyrMzieajYgDjndEApgO3/S/V0EQGhvHc0UugC6LU84jHPwsgYVABRmFS74v/ww8NigaNIAevwWl+DxlnK4nnWdB1lo4xS69ooQdvoAjbubk16dP04LsAbH8Z+3cPB5WKAaayNx62DUwObzDSpztqCagCZzlqpwKG1UGJngrqEhk7B5Q0v9iCk91gqVkLSPllsB00+bqIimgkMVIZnoLLh7pcEgOvbG0yP2EG3ttDNN3jPpqE6mu+znfLq+ua/MwJy5hjmY5R54yPlcvFdsIU34jrdMCDvWqpV49VrLwVvkFN3lRZln/9eifkXXJciP4Ber3xEl8JltysV1PE5iJunWfbcOy0fwsYvBChDeyR5G3CLG2c25jKL9f1Iq95QBBMVYgIxq/dpGy0tjB+24w1JzsorvElsmz5etXLXCydLP07ic9PfSu1Wmwu7F0tweIk52x97sra6ePhtY+TTRffjjDz0DEho1bWDfrPV0xfPPAWXWTKYisVO4VVmMQsJbtXrfxUJbappM5vIXcJ+2JpT2Oh7Kiy3rjm+pd7rukgoCp7yN5z8v+2vuOfHqBuKUwlaRg/XNMyPrbnGGzVR1xzUuhwdOnjAyMmAr95Ne9hRBPwfVo2NR/ZZw==" ]; - + services.openssh = { enable = true; permitRootLogin = "prohibit-password"; @@ -34,7 +21,8 @@ in { }; security.sudo.enable = false; - + + security.acme = { acceptTerms = true; email = "stuebinm@disroot.org"; |