]> Git — Sourcephile - julm/julm-nix.git/blob - hosts/patate.nix
sourcephile / git / julm / julm-nix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
merge home-manager config
[julm/julm-nix.git] / hosts / patate.nix
1 { config, pkgs, lib, inputs, hostName, ... }:
2 let
3 inherit (config.users) users;
4 in
5 {
6 imports = [
7 ../profiles/dnscrypt-proxy2.nix
8 patate/hardware.nix
9 ];
10
11 users.mutableUsers = false;
12 home-manager.users.julm = {
13 imports = [ ../homes/sevy.nix ];
14 host.name = hostName;
15 host.hardware = ["ThinkPad" "X200"];
16 };
17 systemd.services.home-manager-julm.preStart = ''
18 ${pkgs.home-manager}/bin/home-manager expire-generations "-7 days"
19 '';
20 users.users.sevy = {
21 isNormalUser = true;
22 uid = 1000;
23 # Put the hashedPassword in /nix/store, but it will also be in /etc/passwd
24 # which is already world readable.
25 hashedPassword = lib.readFile ../secrets/sevy/hashedPassword;
26 extraGroups = [
27 "adbusers"
28 "lp"
29 "networkmanager"
30 "scanner"
31 "tor"
32 "video"
33 "wheel"
34 "networkmanager"
35 "vboxusers"
36 ];
37 };
38
39 nix = {
40 extraOptions = ''
41 auto-optimise-store = true
42 '';
43 gc = {
44 automatic = true;
45 dates = "weekly";
46 options = "--delete-older-than 7d";
47 };
48 nixPath = [
49 "nixpkgs=/etc/nixpkgs"
50 "nixpkgs-overlays=/etc/nixpkgs-overlays/overlays.nix"
51 ];
52 trustedUsers = [ users.sevy.name ];
53 };
54 environment.etc."nixpkgs".source = pkgs.path;
55 environment.etc."nixpkgs-overlays".source = inputs.self + "/nixpkgs";
56
57 nixpkgs.config = {
58 allowUnfree = true;
59 };
60
61 time.timeZone = "Europe/Paris";
62 i18n.defaultLocale = "fr_FR.UTF-8";
63 console.font = "Lat2-Terminus16";
64 console.keyMap = "fr";
65
66 networking = {
67 hostName = hostName;
68 domain = "localdomain";
69 networkmanager = {
70 enable = true;
71 #dhcp = "dhcpcd";
72 logLevel = "INFO";
73 wifi = {
74 #backend = "iwd";
75 #backend = "wpa_supplicant";
76 powersave = false;
77 };
78 };
79 firewall = {
80 enable = true;
81 allowedTCPPorts = [
82 51413 # transmission-gtk
83 4662 # edonkey
84 ];
85 allowedUDPPorts = [
86 51413 # transmission-gtk
87 4667 # edonkey
88 4672 # edonkey
89 ];
90 };
91 };
92
93 sound.enable = true;
94 hardware.pulseaudio.enable = true;
95 hardware.sane.enable = true;
96 hardware.sane.extraBackends = [ pkgs.hplipWithPlugin ];
97
98 environment.variables = {
99 EDITOR = "vim -g";
100 PAGER = "less -R";
101 SYSTEMD_LESS = "FKMRX";
102 };
103
104 programs = {
105 bash = {
106 interactiveShellInit = ''
107 bind '"\e[A":history-search-backward'
108 bind '"\e[B":history-search-forward'
109
110 # Ignore duplicate commands, ignore commands starting with a space
111 export HISTCONTROL=erasedups:ignorespace
112 export HISTSIZE=42000
113 # Append to the history instead of overwriting (good for multiple connections)
114 shopt -s histappend
115
116 # Utilities
117 mkcd () { mkdir -p "$1"; cd "$1"; }
118 fan () {
119 if [ $# -gt 0 ]
120 then sudo tee /proc/acpi/ibm/fan <<<"level $1"
121 else grep '^\(level\|speed\):' /proc/acpi/ibm/fan
122 fi
123 acpi -t
124 }
125 '';
126 shellAliases = {
127 cl = "clear";
128 grep = "grep --color";
129 l = "ls -alh";
130 ll = "ls -al";
131 ls = "ls --color=tty";
132 mem = "ps -e -orss=,user=,args= | sort -b -k1,1n";
133
134 s="sudo systemctl";
135 st="sudo systemctl status";
136 u="systemctl --user";
137 j="sudo journalctl -u";
138 jb="sudo journalctl -b";
139
140 nix-history="sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
141 mv = "mv -i";
142 sshfs = "sshfs -o ServerAliveInterval=15 -o reconnect -f";
143 };
144 };
145 dconf.enable = true;
146 mtr.enable = true;
147 };
148
149 services = {
150 avahi = {
151 enable = true;
152 nssmdns = true;
153 };
154 dbus = {
155 packages = [ pkgs.gnome3.dconf ];
156 };
157 gvfs = {
158 enable = true;
159 };
160 journald = {
161 extraConfig = ''
162 Compress=true
163 MaxRetentionSec=1month
164 Storage=persistent
165 SystemMaxUse=100M
166 '';
167 };
168 physlock = {
169 enable = true;
170 allowAnyUser = true;
171 # NOTE: xfconf-query -c xfce4-session -p /general/LockCommand -s "physlock" --create -t string
172 };
173 printing = {
174 enable = true;
175 drivers = [
176 pkgs.gutenprint
177 pkgs.hplip
178 ];
179 };
180 sanoid = {
181 enable = true;
182 extraArgs = [ "--verbose" ];
183 datasets = {
184 "${hostName}/home/documents" = {
185 autosnap = true;
186 autoprune = true;
187 hourly = 12;
188 daily = 31;
189 monthly = 0;
190 yearly = 0;
191 };
192 };
193 };
194 udev = {
195 packages = [
196 # Allow members of the "adbusers" group to mount Android devices via MTP
197 pkgs.android-udev-rules
198 ];
199 };
200 xserver = {
201 enable = true;
202 layout = "fr";
203 xkbOptions = "eurosign:e";
204 libinput.enable = true;
205
206 displayManager = {
207 defaultSession = "xfce";
208 lightdm = {
209 autoLogin = {
210 enable = true;
211 user = users.sevy.name;
212 };
213 };
214 };
215 desktopManager = {
216 xfce = {
217 enable = true;
218 thunarPlugins = [
219 pkgs.xfce.thunar-archive-plugin
220 ];
221 };
222 xterm.enable = false;
223 };
224 };
225 };
226
227 virtualisation.virtualbox.host.enable = true;
228
229 # This value determines the NixOS release with which your system is to be
230 # compatible, in order to avoid breaking some software such as database
231 # servers. You should change this only after NixOS release notes say you should.
232 system.stateVersion = "20.03"; # Did you read the comment?
233 }
julm's NixOS and home-manager configs