1 { config, pkgs, lib, inputs, private, hostName, ... }:
3 inherit (config.users) users;
4 inherit (config.services) davfs2;
8 ../profiles/dnscrypt-proxy2.nix
9 ../profiles/security.nix
17 home-manager.users.julm = {
18 imports = [ ../homes/julm.nix ];
20 host.hardware = ["ThinkPad" "X201"];
22 systemd.services.home-manager-julm.postStart = ''
23 ${pkgs.nix}/bin/nix-env --delete-generations +1 --profile /nix/var/nix/profiles/per-user/julm/home-manager
25 users.mutableUsers = false;
29 # Put the hashedPassword in /nix/store, but it will also be in /etc/passwd
30 # which is already world readable.
31 hashedPassword = lib.readFile ../private/world/julm/hashedPassword;
44 # If created, zfs-mount.service would require:
45 # zfs set overlay=yes ${hostName}/home
51 auto-optimise-store = true
52 secret-key-files = ${private}/${hostName}/nix/binary-cache/priv.pem
57 options = "--delete-older-than 7d";
60 "nixpkgs=/etc/nixpkgs"
61 "nixpkgs-overlays=/etc/nixpkgs-overlays/overlays.nix"
63 trustedUsers = [ users.julm.name ];
64 binaryCaches = [ "https://nix-localcache.sourcephile.fr" ];
65 binaryCachePublicKeys = [ "losurdo.sourcephile.fr-1:XGeaIE2AA2mZskSZ5bIDrfx53q+TDDWJOUEpZDX7los=" ];
69 keys = [ (lib.readFile ../private/world/julm/losurdo/ssh.pub) ];
71 users.users.julm.openssh.authorizedKeys.keys = [
72 (lib.readFile ../private/world/julm/losurdo/ssh.pub)
74 services.openssh.openFirewall = false;
75 services.openssh.forwardX11 = true;
76 services.openssh.passwordAuthentication = false;
78 nixpkgs.config.allowUnfree = true;
79 environment.etc."nixpkgs".source = pkgs.path;
80 environment.etc."nixpkgs-overlays".source = inputs.self + "/nixpkgs";
82 documentation.nixos.enable = true;
83 time.timeZone = "Europe/Paris";
84 i18n.defaultLocale = "fr_FR.UTF-8";
85 console.font = "Lat2-Terminus16";
86 console.keyMap = "fr";
90 domain = "localdomain";
91 search = [ "sourcephile.fr" ];
98 #backend = "wpa_supplicant";
109 hardware.pulseaudio.enable = true;
110 hardware.sane.enable = true;
111 hardware.sane.extraBackends = [ pkgs.hplipWithPlugin ];
113 environment.variables = {
116 SYSTEMD_LESS = "FKMRX";
118 environment.systemPackages = [
125 interactiveShellInit = ''
126 bind '"\e[A":history-search-backward'
127 bind '"\e[B":history-search-forward'
129 # Ignore duplicate commands, ignore commands starting with a space
130 export HISTCONTROL=erasedups:ignorespace
131 export HISTSIZE=42000
132 # Append to the history instead of overwriting (good for multiple connections)
136 mkcd () { mkdir -p "$1"; cd "$1"; }
139 then sudo tee /proc/acpi/ibm/fan <<<"level $1"
140 else grep '^\(level\|speed\):' /proc/acpi/ibm/fan
147 grep = "grep --color";
150 ls = "ls --color=tty";
151 mem = "ps -e -orss=,user=,args= | sort -b -k1,1n";
154 st="sudo systemctl status";
155 u="systemctl --user";
156 j="sudo journalctl -u";
157 jb="sudo journalctl -b";
159 nix-history="sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
161 sshfs = "sshfs -o ServerAliveInterval=15 -o reconnect -f";
171 openFirewall = false;
181 fileSystems."/home/julm/mnt/ilico/severine" = {
182 device = "https://nuage.ilico.org/remote.php/dav/files/severine/";
185 let conf = pkgs.writeText "davfs2.conf" ''
186 backup_dir /home/julm/documents/backup/ilico/severine
187 cache_dir /home/julm/.cache/davfs2/ilico/severine
189 [ "conf=${conf}" "user" "noexec" "nosuid" "noauto" ]; # "x-systemd.automount"
192 packages = [ pkgs.gnome3.dconf ];
199 defaultMode = "online";
202 localDiscovery = false;
204 Datastore.StorageMax = "10GB";
205 Discovery.MDNS.Enabled = false;
208 #Swarm.AddrFilters = null;
210 startWhenNeeded = true;
212 services.journald = {
215 MaxRetentionSec=1month
220 services.printing = {
229 # Allow members of the "adbusers" group to mount Android devices via MTP
230 pkgs.android-udev-rules
236 xkbOptions = "eurosign:e";
237 libinput.enable = true;
240 # Let the session be generated by home-manager
241 { name = "home-manager";
243 ${pkgs.runtimeShell} $HOME/.hm-xsession &
250 defaultSession = "home-manager";
251 #defaultSession = "none+xmonad";
254 user = users.julm.name;
259 systemd.coredump.enable = true;
260 #environment.enableDebugInfo = true;
262 # This value determines the NixOS release with which your system is to be
263 # compatible, in order to avoid breaking some software such as database
264 # servers. You should change this only after NixOS release notes say you should.
265 system.stateVersion = "20.09"; # Did you read the comment?