]> Git — Sourcephile - julm/julm-nix.git/blob - machines/oignon.nix
init
[julm/julm-nix.git] / machines / oignon.nix
1 { config, pkgs, inputs, machineName, ... }:
2 let
3 inherit (config.users) users;
4 in
5 {
6 imports = [
7 oignon/hardware.nix
8 ];
9
10 users.mutableUsers = false;
11 users.users.julm = {
12 isNormalUser = true;
13 uid = 1000;
14 # Put the hashedPassword in /nix/store, but it will also be in /etc/passwd
15 # which is already world readable.
16 hashedPassword = builtins.readFile ../secrets/julm/hashedPassword;
17 extraGroups = [
18 "wheel"
19 "networkmanager"
20 #"vboxusers"
21 ];
22 # If created, zfs-mount.service would require:
23 # zfs set overlay=yes ${machineName}/home
24 createHome = false;
25 };
26
27 nix = {
28 extraOptions = ''
29 auto-optimise-store = true
30 '';
31 gc = {
32 automatic = true;
33 dates = "weekly";
34 options = "--delete-older-than 7d";
35 };
36 nixPath = [
37 "nixpkgs=/etc/nixpkgs"
38 "nixpkgs-overlays=/etc/nixpkgs-overlays/overlays.nix"
39 ];
40 trustedUsers = [ users.julm.name ];
41 };
42 environment.etc."nixpkgs".source = pkgs.path;
43 environment.etc."nixpkgs-overlays".source = inputs.self + "/nixpkgs";
44
45 nixpkgs.config = {
46 allowUnfree = false;
47 };
48
49 time.timeZone = "Europe/Paris";
50 i18n.defaultLocale = "fr_FR.UTF-8";
51 console.font = "Lat2-Terminus16";
52 console.keyMap = "fr";
53
54 networking = {
55 hostName = machineName;
56 domain = "localdomain";
57 networkmanager = {
58 enable = true;
59 #dhcp = "dhcpcd";
60 logLevel = "INFO";
61 wifi = {
62 #backend = "iwd";
63 #backend = "wpa_supplicant";
64 powersave = false;
65 };
66 };
67 firewall = {
68 enable = true;
69 };
70 };
71
72 sound.enable = true;
73 hardware.pulseaudio.enable = true;
74
75 environment.variables = {
76 EDITOR = "gvim";
77 PAGER = "less -R";
78 SYSTEMD_LESS = "FKMRX";
79 };
80 environment.systemPackages = with pkgs; [
81 acpi
82 binutils
83 bmon
84 coreutils
85 cryptsetup
86 curl
87 direnv
88 dstat
89 e2fsprogs
90 file
91 glib # gio
92 gvfs
93 gnumake
94 gnupg
95 gparted
96 hicolor-icon-theme
97 home-manager
98 htop
99 less
100 libfaketime
101 lsof
102 man
103 miniupnpc
104 mosh
105 ncdu
106 ncurses
107 nmon
108 ntfs3g
109 pasystray
110 pavucontrol
111 pciutils
112 powertop
113 procps
114 python
115 sudo
116 tig
117 tmux
118 tree
119 utillinux
120 vim
121 wget
122 which
123 xdg_utils
124 xsel
125 zfs
126 ];
127
128 programs = {
129 bash = {
130 interactiveShellInit = ''
131 bind '"\e[A":history-search-backward'
132 bind '"\e[B":history-search-forward'
133
134 # Ignore duplicate commands, ignore commands starting with a space
135 export HISTCONTROL=erasedups:ignorespace
136 export HISTSIZE=42000
137 # Append to the history instead of overwriting (good for multiple connections)
138 shopt -s histappend
139 fan () {
140 if [ $# -gt 0 ]
141 then sudo tee /proc/acpi/ibm/fan <<<"level $1"
142 else grep '^\(level\|speed\):' /proc/acpi/ibm/fan
143 fi
144 acpi -t
145 }
146 '';
147 shellAliases = {
148 cl = "clear";
149 l = "ls -alh";
150 ll = "ls -al";
151 ls = "ls --color=tty";
152 mem = "ps -e -orss=,user=,args= | sort -b -k1,1n";
153
154 s="sudo systemctl";
155 st="sudo systemctl status";
156 s-u="systemctl --user";
157 j="sudo journalctl -u";
158
159 nix-clean="sudo nix-collect-garbage -d";
160 nix-catalog="sudo nix-channel --list";
161 nix-history="sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
162 nix-rollback="sudo nixos-rebuild switch --rollback";
163 nix-update="sudo nix-channel --update";
164 nix-upgrade="sudo nixos-rebuild switch";
165 nix-upstream="sudo nix-channel --list";
166 nix-config="gvim ~/.config/nixos/*.nix";
167 };
168 };
169 dconf.enable = true;
170 gnupg.agent = {
171 enable = true;
172 enableSSHSupport = true;
173 };
174 mtr.enable = true;
175 };
176
177 services = {
178 avahi = {
179 enable = true;
180 nssmdns = true;
181 };
182 dbus = {
183 packages = [ pkgs.gnome3.dconf ];
184 };
185 gvfs = {
186 enable = true;
187 };
188 journald = {
189 extraConfig = ''
190 Compress=true
191 MaxRetentionSec=1month
192 Storage=persistent
193 SystemMaxUse=100M
194 '';
195 };
196 physlock = {
197 enable = true;
198 allowAnyUser = true;
199 # NOTE: xfconf-query -c xfce4-session -p /general/LockCommand -s "physlock" --create -t string
200 };
201 printing = {
202 enable = true;
203 drivers = [
204 pkgs.gutenprint
205 pkgs.hplip
206 ];
207 };
208 sanoid = {
209 enable = true;
210 extraArgs = [ "--verbose" ];
211 datasets = {
212 "${machineName}/home" = {
213 autosnap = true;
214 autoprune = true;
215 hourly = 12;
216 daily = 7;
217 monthly = 0;
218 yearly = 0;
219 recursive = true;
220 };
221 "${machineName}/var" = {
222 autosnap = true;
223 autoprune = true;
224 hourly = 12;
225 daily = 7;
226 monthly = 0;
227 yearly = 0;
228 recursive = true;
229 };
230 };
231 };
232 xserver = {
233 enable = true;
234 layout = "fr";
235 xkbOptions = "eurosign:e";
236 libinput.enable = true;
237 desktopManager = {
238 session = [
239 # Let the session be generated by home-manager
240 { name = "home-manager";
241 start = ''
242 ${pkgs.runtimeShell} $HOME/.hm-xsession &
243 waitPID=$!
244 '';
245 }
246 ];
247 xfce = {
248 enable = false;
249 /*
250 thunarPlugins = [
251 pkgs.xfce.thunar-archive-plugin
252 ];
253 */
254 };
255 xterm.enable = false;
256 };
257 displayManager = {
258 defaultSession = "home-manager";
259 #defaultSession = "none+xmonad";
260 autoLogin = {
261 enable = true;
262 user = users.julm.name;
263 };
264 };
265 };
266 };
267
268 #virtualisation.virtualbox.host.enable = true;
269
270 # This value determines the NixOS release with which your system is to be
271 # compatible, in order to avoid breaking some software such as database
272 # servers. You should change this only after NixOS release notes say you should.
273 system.stateVersion = "20.09"; # Did you read the comment?
274 }