]> Git — Sourcephile - julm/julm-nix.git/blob - hosts/oignon.nix
sourcephile / git / julm / julm-nix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
merge home-manager config
[julm/julm-nix.git] / hosts / oignon.nix
1 { config, pkgs, lib, inputs, hostName, ... }:
2 let inherit (config.users) users; in
3 {
4 imports = [
5 ../profiles/dnscrypt-proxy2.nix
6 oignon/hardware.nix
7 oignon/tor.nix
8 ];
9
10 documentation.nixos.enable = true;
11 users.mutableUsers = false;
12 home-manager.users.julm = {
13 imports = [ ../homes/julm.nix ];
14 host.name = hostName;
15 host.hardware = ["ThinkPad" "X201"];
16 };
17 systemd.services.home-manager-julm.preStart = ''
18 ${pkgs.home-manager}/bin/home-manager expire-generations "-7 days"
19 '';
20 users.users.julm = {
21 isNormalUser = true;
22 uid = 1000;
23 # Put the hashedPassword in /nix/store, but it will also be in /etc/passwd
24 # which is already world readable.
25 hashedPassword = lib.readFile ../secrets/julm/hashedPassword;
26 extraGroups = [
27 "adbusers"
28 "lp"
29 "networkmanager"
30 "scanner"
31 "tor"
32 "video"
33 "wheel"
34 "networkmanager"
35 #"vboxusers"
36 ];
37 # If created, zfs-mount.service would require:
38 # zfs set overlay=yes ${hostName}/home
39 createHome = false;
40 };
41
42 nix = {
43 extraOptions = ''
44 auto-optimise-store = true
45 '';
46 gc = {
47 automatic = true;
48 dates = "weekly";
49 options = "--delete-older-than 7d";
50 };
51 nixPath = [
52 "nixpkgs=/etc/nixpkgs"
53 "nixpkgs-overlays=/etc/nixpkgs-overlays/overlays.nix"
54 ];
55 trustedUsers = [ users.julm.name ];
56 };
57 environment.etc."nixpkgs".source = pkgs.path;
58 environment.etc."nixpkgs-overlays".source = inputs.self + "/nixpkgs";
59
60 nixpkgs.config = {
61 allowUnfree = true;
62 };
63
64 time.timeZone = "Europe/Paris";
65 i18n.defaultLocale = "fr_FR.UTF-8";
66 console.font = "Lat2-Terminus16";
67 console.keyMap = "fr";
68
69 networking = {
70 hostName = hostName;
71 domain = "localdomain";
72 search = [ "sourcephile.fr" ];
73 networkmanager = {
74 enable = true;
75 #dhcp = "dhcpcd";
76 logLevel = "INFO";
77 wifi = {
78 #backend = "iwd";
79 #backend = "wpa_supplicant";
80 powersave = false;
81 };
82 };
83 firewall = {
84 enable = true;
85 };
86 };
87
88 sound.enable = true;
89 hardware.pulseaudio.enable = true;
90 hardware.sane.enable = true;
91 hardware.sane.extraBackends = [ pkgs.hplipWithPlugin ];
92
93 environment.variables = {
94 EDITOR = "vim";
95 PAGER = "less -R";
96 SYSTEMD_LESS = "FKMRX";
97 };
98
99 programs = {
100 bash = {
101 interactiveShellInit = ''
102 bind '"\e[A":history-search-backward'
103 bind '"\e[B":history-search-forward'
104
105 # Ignore duplicate commands, ignore commands starting with a space
106 export HISTCONTROL=erasedups:ignorespace
107 export HISTSIZE=42000
108 # Append to the history instead of overwriting (good for multiple connections)
109 shopt -s histappend
110
111 # Utilities
112 mkcd () { mkdir -p "$1"; cd "$1"; }
113 fan () {
114 if [ $# -gt 0 ]
115 then sudo tee /proc/acpi/ibm/fan <<<"level $1"
116 else grep '^\(level\|speed\):' /proc/acpi/ibm/fan
117 fi
118 acpi -t
119 }
120 '';
121 shellAliases = {
122 cl = "clear";
123 grep = "grep --color";
124 l = "ls -alh";
125 ll = "ls -al";
126 ls = "ls --color=tty";
127 mem = "ps -e -orss=,user=,args= | sort -b -k1,1n";
128
129 s="sudo systemctl";
130 st="sudo systemctl status";
131 u="systemctl --user";
132 j="sudo journalctl -u";
133 jb="sudo journalctl -b";
134
135 nix-history="sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
136 mv = "mv -i";
137 sshfs = "sshfs -o ServerAliveInterval=15 -o reconnect -f";
138 };
139 };
140 dconf.enable = true;
141 mtr.enable = true;
142 };
143
144 services = {
145 avahi = {
146 enable = true;
147 nssmdns = true;
148 };
149 dbus = {
150 packages = [ pkgs.gnome3.dconf ];
151 };
152 gvfs = {
153 enable = true;
154 };
155 journald = {
156 extraConfig = ''
157 Compress=true
158 MaxRetentionSec=1month
159 Storage=persistent
160 SystemMaxUse=100M
161 '';
162 };
163 printing = {
164 enable = true;
165 drivers = [
166 pkgs.gutenprint
167 pkgs.hplip
168 ];
169 };
170 sanoid = {
171 enable = true;
172 extraArgs = [ "--verbose" ];
173 datasets = {
174 "${hostName}/home" = {
175 autosnap = true;
176 autoprune = true;
177 hourly = 12;
178 daily = 7;
179 monthly = 0;
180 yearly = 0;
181 recursive = true;
182 };
183 "${hostName}/var" = {
184 autosnap = true;
185 autoprune = true;
186 hourly = 12;
187 daily = 7;
188 monthly = 0;
189 yearly = 0;
190 recursive = true;
191 };
192 };
193 };
194 udev = {
195 packages = [
196 # Allow members of the "adbusers" group to mount Android devices via MTP
197 pkgs.android-udev-rules
198 ];
199 };
200 xserver = {
201 enable = true;
202 layout = "fr";
203 xkbOptions = "eurosign:e";
204 libinput.enable = true;
205 desktopManager = {
206 session = [
207 # Let the session be generated by home-manager
208 { name = "home-manager";
209 start = ''
210 ${pkgs.runtimeShell} $HOME/.hm-xsession &
211 waitPID=$!
212 '';
213 }
214 ];
215 };
216 displayManager = {
217 defaultSession = "home-manager";
218 #defaultSession = "none+xmonad";
219 autoLogin = {
220 enable = true;
221 user = users.julm.name;
222 };
223 };
224 };
225 };
226
227 # This value determines the NixOS release with which your system is to be
228 # compatible, in order to avoid breaking some software such as database
229 # servers. You should change this only after NixOS release notes say you should.
230 system.stateVersion = "20.09"; # Did you read the comment?
231 }
julm's NixOS and home-manager configs