1 { config, pkgs, lib, inputs, hostName, ... }:
2 let inherit (config.users) users; in
5 ../profiles/dnscrypt-proxy2.nix
6 ../profiles/security.nix
12 home-manager.users.sevy = {
13 imports = [ ../homes/sevy.nix ];
15 host.hardware = ["ThinkPad" "X200"];
17 systemd.services.home-manager-julm.postStart = ''
18 ${pkgs.nix}/bin/nix-env --delete-generations +1 --profile /nix/var/nix/profiles/per-user/sevy/home-manager
20 security.lockKernelModules = false;
21 users.mutableUsers = false;
25 # Put the hashedPassword in /nix/store, but it will also be in /etc/passwd
26 # which is already world readable.
27 hashedPassword = lib.readFile ../private/world/sevy/hashedPassword;
30 config.services.davfs2.davGroup
45 autoOptimiseStore = true;
49 options = "--delete-older-than 7d";
52 "nixpkgs=/etc/nixpkgs"
53 "nixpkgs-overlays=/etc/nixpkgs-overlays/overlays.nix"
55 trustedUsers = [ users.sevy.name ];
57 "https://nix-localcache.sourcephile.fr"
58 #"ssh://nix-ssh@192.168.0.115" # FIXME: use wireguard
60 binaryCachePublicKeys = [
61 "losurdo.sourcephile.fr-1:XGeaIE2AA2mZskSZ5bIDrfx53q+TDDWJOUEpZDX7los="
62 "oignon.sourcephile.fr:slxL7XLsGXlD1r6gvw1imL5uQntW0TTlQgGQt3LBJgQ="
65 services.openssh.passwordAuthentication = false;
70 environment.etc."nixpkgs".source = pkgs.path;
71 environment.etc."nixpkgs-overlays".source = inputs.self + "/nixpkgs";
73 documentation.nixos.enable = true;
74 time.timeZone = "Europe/Paris";
75 i18n.defaultLocale = "fr_FR.UTF-8";
76 console.font = "Lat2-Terminus16";
77 console.keyMap = "fr";
81 domain = "localdomain";
88 #backend = "wpa_supplicant";
96 51413 # transmission-gtk
100 51413 # transmission-gtk
108 hardware.pulseaudio.enable = true;
109 hardware.sane.enable = true;
110 hardware.sane.extraBackends = [ pkgs.hplipWithPlugin ];
112 environment.variables = {
115 SYSTEMD_LESS = "FKMRX";
120 interactiveShellInit = ''
121 bind '"\e[A":history-search-backward'
122 bind '"\e[B":history-search-forward'
124 # Ignore duplicate commands, ignore commands starting with a space
125 export HISTCONTROL=erasedups:ignorespace
126 export HISTSIZE=42000
127 # Append to the history instead of overwriting (good for multiple connections)
131 mkcd () { mkdir -p "$1"; cd "$1"; }
134 then sudo tee /proc/acpi/ibm/fan <<<"level $1"
135 else grep '^\(level\|speed\):' /proc/acpi/ibm/fan
142 grep = "grep --color";
145 ls = "ls --color=tty";
146 mem = "ps -e -orss=,user=,args= | sort -b -k1,1n";
149 st="sudo systemctl status";
150 u="systemctl --user";
151 j="sudo journalctl -u";
152 jb="sudo journalctl -b";
154 nix-history="sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
156 sshfs = "sshfs -o ServerAliveInterval=15 -o reconnect -f";
166 openFirewall = false;
176 fileSystems."/home/sevy/mnt/ilico/severine" = {
177 device = "https://nuage.ilico.org/remote.php/dav/files/severine/";
180 let conf = pkgs.writeText "davfs2.conf" ''
181 backup_dir /home/sevy/Documents/EnTransfert/ilico/severine
182 cache_dir /home/sevy/.cache/davfs2/ilico/severine
184 [ "conf=${conf}" "user" "noexec" "nosuid" "noauto" ]; # "x-systemd.automount"
187 packages = [ pkgs.gnome3.dconf ];
192 services.journald = {
195 MaxRetentionSec=1month
200 services.physlock = {
203 # NOTE: xfconf-query -c xfce4-session -p /general/LockCommand -s "physlock" --create -t string
205 services.printing = {
214 # Allow members of the "adbusers" group to mount Android devices via MTP
215 pkgs.android-udev-rules
221 xkbOptions = "eurosign:e";
222 libinput.enable = true;
227 #pkgs.xfce.thunar-archive-plugin
230 xterm.enable = false;
233 defaultSession = "xfce";
236 user = users.sevy.name;
241 virtualisation.virtualbox.host.enable = true;
243 # This value determines the NixOS release with which your system is to be
244 # compatible, in order to avoid breaking some software such as database
245 # servers. You should change this only after NixOS release notes say you should.
246 system.stateVersion = "20.03"; # Did you read the comment?