Git — Sourcephile - sourcephile-nix.git/blob - nixos/defaults.nix
nix: update to latest nixpkgs
# Baseline NixOS settings (nixos/defaults.nix): Nix store housekeeping,
# locale, boot behaviour, sshd, journald, admin tooling and shell setup.
{ inputs, pkgs, lib, config, ... }:
let
  inherit (lib) types;
  inherit (config.networking) hostName domain;
in
{
  imports = [
    ./modules.nix
    defaults/predictable-interface-names.nix
  ];

  nix = {
    #binaryCaches = lib.mkForce [];
    extraOptions = ''
    '';

    # Automatic garbage collection keeps disk usage bounded.
    # All three values are mkDefault, so a host can override them.
    gc.automatic = lib.mkDefault true;
    gc.dates = lib.mkDefault "weekly";
    gc.options = lib.mkDefault "--delete-older-than 30d";

    nixPath = [
      # WARNING: this is a hack to avoid copying Nixpkgs
      # into the Nix store a second time.
      # It only makes sense when Nixpkgs is already in the Nix store
      # and is registered.
      "nixpkgs=/etc/nixpkgs:nixpkgs-overlays=/etc/nixpkgs-overlays/overlays.nix"
    ];
  };

  # The two /etc entries that the nixPath above points at.
  environment.etc."nixpkgs".source = pkgs.path;
  environment.etc."nixpkgs-overlays".source = inputs.self + "/nixpkgs";

  # Unfree packages are refused.
  nixpkgs.config.allowUnfree = false;
  /*
    Disabled override, kept for reference:
    nixpkgs.config.packageOverrides = pkgs: {
      postfix = pkgs.postfix.override {
        withLDAP = true;
      };
    };
  */

  # NOTE: the NixOS manual is useless on a server, and CPU intensive to build.
  documentation.nixos.enable = false;

  time.timeZone = "Europe/Paris";

  i18n.defaultLocale = "fr_FR.UTF-8";

  console = {
    font = "Lat2-Terminus16";
    keyMap = "fr";
  };

  # Always try to start all the units (default.target),
  # because systemd's emergency shell does not try to start sshd.
  # https://wiki.archlinux.org/index.php/systemd#Disable_emergency_mode_on_remote_machine
  systemd.enableEmergencyMode = false;

  boot = {
    # This is a remote headless server: always reboot on a kernel panic,
    # so that nobody has to go and physically power cycle the apu2e4.
    # A panic happens if the wrong ZFS password is used
    # but the boot is manually forced to continue.
    # kernelParams is used instead of kernel.sysctl
    # so that the setting is active as early as the initrd.
    kernelParams = [ "panic=10" ];

    # /tmp is emptied at boot and lives on a tmpfs.
    cleanTmpDir = true;
    tmpOnTmpfs = true;
  };

  networking = {
    # Fix hostname --fqdn
    # See: https://github.com/NixOS/nixpkgs/issues/10183#issuecomment-537629621
    hosts."127.0.1.1" = lib.mkForce [ "${hostName}.${domain}" hostName ];
    hosts."::1" = lib.mkForce [ "${hostName}.${domain}" hostName "localhost" ];
    search = [ domain ];
  };

  # Key-based SSH logins only: password authentication is turned off.
  # NOTE(review): keyboard-interactive (PAM) authentication is a separate
  # sshd setting that this file does not set — confirm it is also disabled
  # in the nixpkgs revision in use, otherwise a password prompt may still be
  # reachable through PAM. The root login policy is likewise left at the
  # module default.
  services.openssh = {
    enable = true;
    passwordAuthentication = false;
    extraConfig = ''
    '';
  };

  # The journal is kept on disk, compressed, for at most one month
  # and at most 128M.
  # NOTE(review): the size cap and the age cap both apply, so on a chatty
  # host the 128M limit can leave much less than a month of history for an
  # investigation; nothing here ships logs off the machine.
  services.journald.extraConfig = ''
    Compress=true
    MaxRetentionSec=1month
    Storage=persistent
    SystemMaxUse=128M
  '';

  # Diagnostic and administration tools installed system-wide.
  environment.systemPackages = with pkgs; [
    binutils
    bmon
    conntrack-tools
    #dnsutils
    dstat
    gnupg
    htop
    inetutils
    iftop
    iotop
    ldns
    linuxPackages.cpupower
    lsof
    mailutils
    multitail
    ncdu
    nethogs
    nload
    nmon
    pv
    smem
    swaplist
    stress
    tcpdump
    tmux
    tree
    vim
    which
  ];
  environment.variables.SYSTEMD_LESS = "FKMRX";
  environment.etc."inputrc".text = lib.readFile defaults/readline/inputrc;

  programs = {
    bash.interactiveShellInit = ''
      bind '"\e[A":history-search-backward'
      bind '"\e[B":history-search-forward'

      # Ignore duplicate commands, ignore commands starting with a space
      export HISTCONTROL=erasedups:ignorespace
      export HISTSIZE=42000

      # Append to the history instead of overwriting (good for multiple connections)
      shopt -s histappend

      # Enable ** file pattern
      shopt -s globstar

      # Convenient mkdir wrapper
      mkcd() { mkdir -p "$1" && cd "$1"; }
    '';

    bash.shellAliases = {
      cl = "clear";
      l = "ls -alh";
      ll = "ls -al";
      ls = "ls --color=tty";
      mem = "ps -e -orss=,user=,args= | sort -b -k1,1n";

      # systemd shortcuts; all but s-u go through sudo.
      s = "sudo systemctl";
      st = "sudo systemctl status";
      s-u = "systemctl --user";
      j = "sudo journalctl -u";

      # NixOS maintenance shortcuts.
      # nixos-clean passes -d, which also deletes old generations:
      # after running it there are no earlier generations left
      # for nixos-rollback to switch back to.
      nixos-clean = "sudo nix-collect-garbage -d";
      nixos-history = "sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
      nixos-rollback = "sudo nixos-rebuild switch --rollback";
      nixos-update = "sudo nix-channel --update";
      nixos-upgrade = "sudo nixos-rebuild switch";
      nixos-upstream = "sudo nix-channel --list";
    };

    gnupg.agent.pinentryFlavor = "curses";

    # NOTE(review): these modules do more than install a binary.
    # The NixOS mosh module is expected to open a UDP port range in the
    # firewall, and mtr/traceroute are expected to be installed through
    # privileged wrappers — confirm both against the nixpkgs revision in
    # use and check that the extra exposure is wanted on this host.
    mosh.enable = true;
    mtr.enable = true;
    traceroute.enable = true;
  };
}