]> Git — Sourcephile - sourcephile-nix.git/blob - defaults.nix
nix: remove upstreamed PR patches
[sourcephile-nix.git] / defaults.nix
1 { pkgs, lib, config, ... }:
2 let inherit (lib) types;
3 in
4 {
5 imports = [
6 ./modules.nix
7 defaults/predictable-interface-names.nix
8 ];
9
10 nix = {
11 #binaryCaches = lib.mkForce [];
12 extraOptions = ''
13 '';
14 # Use gc.automatic to keep disk space under control.
15 gc = {
16 automatic = true;
17 dates = "weekly";
18 options = "--delete-older-than 30d";
19 };
20 nixPath = [
21 # WARNING: this is a hack to avoid copying Nixpkgs
22 # a second time into the Nix store.
23 # It makes only sense when Nixpkgs is already in the Nix store,
24 # and is registered.
25 "nixpkgs=${toString pkgs.path}"
26 ];
27 };
28
29 nixpkgs = {
30 config = {
31 allowUnfree = false;
32 /*
33 packageOverrides = pkgs: {
34 postfix = pkgs.postfix.override {
35 withLDAP = true;
36 };
37 };
38 */
39 };
40 overlays = import ./overlays.nix;
41 };
42
43 documentation.nixos = {
44 enable = false; # NOTE: useless on a server, and CPU intensive.
45 };
46
47 time = {
48 timeZone = "Europe/Paris";
49 };
50
51 i18n = {
52 defaultLocale = "fr_FR.UTF-8";
53 };
54
55 console = {
56 font = "Lat2-Terminus16";
57 keyMap = "fr";
58 };
59
60 # Always try to start all the units (default.target)
61 # because systemd's emergency shell does not try to start sshd.
62 # https://wiki.archlinux.org/index.php/systemd#Disable_emergency_mode_on_remote_machine
63 systemd.enableEmergencyMode = false;
64
65 # This is a remote headless server: always reboot on a kernel panic,
66 # to not have to physically go power cycle the apu2e4.
67 # Which happens if the wrong ZFS password is used
68 # but the boot is manually forced to continue.
69 # Using kernelParams instead of kernel.sysctl
70 # sets this up as soon as the initrd.
71 boot.kernelParams = [ "panic=10" ];
72
73 boot.cleanTmpDir = true;
74 boot.tmpOnTmpfs = true;
75
76 services = {
77 openssh = {
78 enable = true;
79 passwordAuthentication = false;
80 extraConfig = ''
81 '';
82 };
83 journald = {
84 extraConfig = ''
85 SystemMaxUse=50M
86 '';
87 };
88 };
89
90 environment = {
91 #checkConfigurationOptions = false;
92 #etc.nixpkgs.source = (pkgs.runCommandLocal "pkgs.path" {propagatedBuildInputs=[pkgs.path]; buildInputs=[pkgs.path];} "mkdir $out");
93 systemPackages = with pkgs; [
94 pkgs.path # WARNING: this is a hack to register the path to Nixpkgs. See nix.nixPath.
95 binutils
96 #dnsutils
97 dstat
98 htop
99 inetutils
100 iotop
101 lsof
102 mailutils
103 multitail
104 ncdu
105 pv
106 swaplist
107 tcpdump
108 tmux
109 tree
110 vim
111 which
112 linuxPackages.cpupower
113 ];
114
115 etc."inputrc".text = lib.readFile defaults/readline/inputrc;
116 };
117
118 programs = {
119 bash = {
120 interactiveShellInit = ''
121 bind '"\e[A":history-search-backward'
122 bind '"\e[B":history-search-forward'
123
124 # Ignore duplicate commands, ignore commands starting with a space
125 export HISTCONTROL=erasedups:ignorespace
126 export HISTSIZE=42000
127
128 # Append to the history instead of overwriting (good for multiple connections)
129 shopt -s histappend
130
131 # Enable ** file pattern
132 shopt -s globstar
133
134 # Convenient mkdir wrapper
135 mkcd() { mkdir -p "$1" && cd "$1"; }
136 '';
137 shellAliases = {
138 cl = "clear";
139 l = "ls -alh";
140 ll = "ls -al";
141 ls = "ls --color=tty";
142 mem = "ps -e -orss=,user=,args= | sort -b -k1,1n";
143
144 s="sudo systemctl";
145 s-u="systemctl --user";
146
147 nixos-clean="sudo nix-collect-garbage -d";
148 nixos-history="sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
149 nixos-rollback="sudo nixos-rebuild switch --rollback";
150 nixos-update="sudo nix-channel --update";
151 nixos-upgrade="sudo nixos-rebuild switch";
152 nixos-upstream="sudo nix-channel --list";
153 };
154 };
155 gnupg = {
156 agent = {
157 pinentryFlavor = "curses";
158 };
159 };
160 mosh.enable = true;
161 mtr.enable = true;
162 };
163 }