]> Git — Sourcephile - julm/julm-nix.git/blob - machines/oignon.nix
sourcephile / git / julm / julm-nix.git / blob
? search:


2d323029ed50e300af2fd64747d894ac554b9cca
[julm/julm-nix.git] / machines / oignon.nix
1 { config, pkgs, inputs, machineName, ... }:
2 let
3 inherit (config.users) users;
4 in
5 {
6 imports = [
7 oignon/hardware.nix
8 ];
9
10 users.mutableUsers = false;
11 users.users.julm = {
12 isNormalUser = true;
13 uid = 1000;
14 # Put the hashedPassword in /nix/store, but it will also be in /etc/passwd
15 # which is already world readable.
16 hashedPassword = builtins.readFile ../secrets/julm/hashedPassword;
17 extraGroups = [
18 "wheel"
19 "networkmanager"
20 "video"
21 #"vboxusers"
22 ];
23 # If created, zfs-mount.service would require:
24 # zfs set overlay=yes ${machineName}/home
25 createHome = false;
26 };
27
28 nix = {
29 extraOptions = ''
30 auto-optimise-store = true
31 '';
32 gc = {
33 automatic = true;
34 dates = "weekly";
35 options = "--delete-older-than 7d";
36 };
37 nixPath = [
38 "nixpkgs=/etc/nixpkgs"
39 "nixpkgs-overlays=/etc/nixpkgs-overlays/overlays.nix"
40 ];
41 trustedUsers = [ users.julm.name ];
42 };
43 environment.etc."nixpkgs".source = pkgs.path;
44 environment.etc."nixpkgs-overlays".source = inputs.self + "/nixpkgs";
45
46 nixpkgs.config = {
47 allowUnfree = false;
48 };
49
50 time.timeZone = "Europe/Paris";
51 i18n.defaultLocale = "fr_FR.UTF-8";
52 console.font = "Lat2-Terminus16";
53 console.keyMap = "fr";
54
55 networking = {
56 hostName = machineName;
57 domain = "localdomain";
58 networkmanager = {
59 enable = true;
60 #dhcp = "dhcpcd";
61 logLevel = "INFO";
62 wifi = {
63 #backend = "iwd";
64 #backend = "wpa_supplicant";
65 powersave = false;
66 };
67 };
68 firewall = {
69 enable = true;
70 };
71 };
72
73 sound.enable = true;
74 hardware.pulseaudio.enable = true;
75
76 environment.variables = {
77 EDITOR = "vim";
78 PAGER = "less -R";
79 SYSTEMD_LESS = "FKMRX";
80 };
81 environment.systemPackages = with pkgs; [
82 acpi
83 binutils
84 bmon
85 coreutils
86 cryptsetup
87 curl
88 direnv
89 dstat
90 e2fsprogs
91 file
92 glib # gio
93 gvfs
94 gnumake
95 gnupg
96 gparted
97 hicolor-icon-theme
98 home-manager
99 htop
100 less
101 libfaketime
102 lsof
103 man
104 miniupnpc
105 mosh
106 ncdu
107 ncurses
108 nmon
109 ntfs3g
110 pasystray
111 pavucontrol
112 pciutils
113 powertop
114 procps
115 python
116 sudo
117 tig
118 tmux
119 tree
120 utillinux
121 vim
122 wget
123 which
124 xdg_utils
125 xsel
126 zfs
127 ];
128
129 programs = {
130 bash = {
131 interactiveShellInit = ''
132 bind '"\e[A":history-search-backward'
133 bind '"\e[B":history-search-forward'
134
135 # Ignore duplicate commands, ignore commands starting with a space
136 export HISTCONTROL=erasedups:ignorespace
137 export HISTSIZE=42000
138 # Append to the history instead of overwriting (good for multiple connections)
139 shopt -s histappend
140
141 # Utilities
142 mkcd () { mkdir -p "$1"; cd "$1"; }
143 '';
144 shellAliases = {
145 cl = "clear";
146 l = "ls -alh";
147 ll = "ls -al";
148 ls = "ls --color=tty";
149 mem = "ps -e -orss=,user=,args= | sort -b -k1,1n";
150
151 s="sudo systemctl";
152 st="sudo systemctl status";
153 s-u="systemctl --user";
154 j="sudo journalctl -u";
155
156 nix-history="sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
157 };
158 };
159 dconf.enable = true;
160 gnupg.agent = {
161 enable = true;
162 enableSSHSupport = true;
163 };
164 mtr.enable = true;
165 };
166
167 services = {
168 avahi = {
169 enable = true;
170 nssmdns = true;
171 };
172 dbus = {
173 packages = [ pkgs.gnome3.dconf ];
174 };
175 gvfs = {
176 enable = true;
177 };
178 journald = {
179 extraConfig = ''
180 Compress=true
181 MaxRetentionSec=1month
182 Storage=persistent
183 SystemMaxUse=100M
184 '';
185 };
186 physlock = {
187 enable = true;
188 allowAnyUser = true;
189 # NOTE: xfconf-query -c xfce4-session -p /general/LockCommand -s "physlock" --create -t string
190 };
191 printing = {
192 enable = true;
193 drivers = [
194 pkgs.gutenprint
195 pkgs.hplip
196 ];
197 };
198 sanoid = {
199 enable = true;
200 extraArgs = [ "--verbose" ];
201 datasets = {
202 "${machineName}/home" = {
203 autosnap = true;
204 autoprune = true;
205 hourly = 12;
206 daily = 7;
207 monthly = 0;
208 yearly = 0;
209 recursive = true;
210 };
211 "${machineName}/var" = {
212 autosnap = true;
213 autoprune = true;
214 hourly = 12;
215 daily = 7;
216 monthly = 0;
217 yearly = 0;
218 recursive = true;
219 };
220 };
221 };
222 xserver = {
223 enable = true;
224 layout = "fr";
225 xkbOptions = "eurosign:e";
226 libinput.enable = true;
227 desktopManager = {
228 session = [
229 # Let the session be generated by home-manager
230 { name = "home-manager";
231 start = ''
232 ${pkgs.runtimeShell} $HOME/.hm-xsession &
233 waitPID=$!
234 '';
235 }
236 ];
237 xfce = {
238 enable = false;
239 /*
240 thunarPlugins = [
241 pkgs.xfce.thunar-archive-plugin
242 ];
243 */
244 };
245 xterm.enable = false;
246 };
247 displayManager = {
248 defaultSession = "home-manager";
249 #defaultSession = "none+xmonad";
250 autoLogin = {
251 enable = true;
252 user = users.julm.name;
253 };
254 };
255 };
256 };
257
258 #virtualisation.virtualbox.host.enable = true;
259
260 # This value determines the NixOS release with which your system is to be
261 # compatible, in order to avoid breaking some software such as database
262 # servers. You should change this only after NixOS release notes say you should.
263 system.stateVersion = "20.09"; # Did you read the comment?
264 }
julm's NixOS and home-manager configs