1 { pkgs, lib, config, ... }:
3 inherit (config) networking;
4 inherit (config.security) gnupg;
7 # This value determines the NixOS release with which your system is to be
8 # compatible, in order to avoid breaking some software such as database servers.
9 # You should change this only after NixOS release notes say you should.
10 system.stateVersion = "19.09"; # Did you read the comment?
12 # Avoid the use of systemd-run --user --scope tmux
13 # and let mosh work smoothly.
14 services.logind.killUserProcesses = false;
16 nix.gc.dates = "weekly";
17 nix.gc.options = "--delete-older-than 7d";
19 secret-key-files = ${gnupg.secrets."nix/binary-cache-key/1".path}
21 security.gnupg.secrets."nix/binary-cache-key/1" = {
23 before = [ "nix-daemon.service" ];
24 wantedBy = [ "nix-daemon.service" ];
28 documentation.nixos = {
29 enable = false; # NOTE: useless on a server, and CPU intensive.
33 # Rotate the consoles anti-clockwise.
37 environment.systemPackages = with pkgs; [
53 #iptables-nftables-compat