]> Git — Sourcephile - sourcephile-nix.git/blob - nixos/defaults.nix
sanoid: backup public-inbox
[sourcephile-nix.git] / nixos / defaults.nix
1 { pkgs, lib, config, ... }:
2 let inherit (lib) types;
3 in
4 {
5 imports = [
6 ./modules.nix
7 defaults/predictable-interface-names.nix
8 ];
9 options = {
10 };
11 config = {
12 nix = {
13 #binaryCaches = lib.mkForce [];
14 extraOptions = ''
15 '';
16 # Use gc.automatic to keep disk space under control.
17 gc = {
18 automatic = true;
19 dates = "weekly";
20 options = "--delete-older-than 30d";
21 };
22 nixPath = [
23 # WARNING: this is a hack to avoid copying Nixpkgs
24 # a second time into the Nix store.
25 # It makes only sense when Nixpkgs is already in the Nix store,
26 # and is registered.
27 "nixpkgs=${toString pkgs.path}:nixpkgs-overlays=${../nixpkgs}/overlays.nix"
28 ];
29 };
30
31 nixpkgs = {
32 config = {
33 allowUnfree = false;
34 /*
35 packageOverrides = pkgs: {
36 postfix = pkgs.postfix.override {
37 withLDAP = true;
38 };
39 };
40 */
41 };
42 overlays = import ../nixpkgs/overlays.nix;
43 };
44
45 documentation.nixos = {
46 enable = false; # NOTE: useless on a server, and CPU intensive.
47 };
48
49 time = {
50 timeZone = "Europe/Paris";
51 };
52
53 i18n = {
54 defaultLocale = "fr_FR.UTF-8";
55 };
56
57 console = {
58 font = "Lat2-Terminus16";
59 keyMap = "fr";
60 };
61
62 # Always try to start all the units (default.target)
63 # because systemd's emergency shell does not try to start sshd.
64 # https://wiki.archlinux.org/index.php/systemd#Disable_emergency_mode_on_remote_machine
65 systemd.enableEmergencyMode = false;
66
67 # This is a remote headless server: always reboot on a kernel panic,
68 # to not have to physically go power cycle the apu2e4.
69 # Which happens if the wrong ZFS password is used
70 # but the boot is manually forced to continue.
71 # Using kernelParams instead of kernel.sysctl
72 # sets this up as soon as the initrd.
73 boot.kernelParams = [ "panic=10" ];
74
75 boot.cleanTmpDir = true;
76 boot.tmpOnTmpfs = true;
77
78 services = {
79 openssh = {
80 enable = true;
81 passwordAuthentication = false;
82 extraConfig = ''
83 '';
84 };
85 journald = {
86 extraConfig = ''
87 SystemMaxUse=50M
88 '';
89 };
90 };
91
92 environment = {
93 #checkConfigurationOptions = false;
94 #etc.nixpkgs.source = (pkgs.runCommandLocal "pkgs.path" {propagatedBuildInputs=[pkgs.path]; buildInputs=[pkgs.path];} "mkdir $out");
95 systemPackages = with pkgs; [
96 pkgs.path # WARNING: this is a hack to register the path to Nixpkgs. See nix.nixPath.
97 binutils
98 #dnsutils
99 dstat
100 htop
101 inetutils
102 iotop
103 lsof
104 mailutils
105 multitail
106 ncdu
107 pv
108 swaplist
109 tcpdump
110 tmux
111 tree
112 vim
113 which
114 linuxPackages.cpupower
115 ];
116
117 etc."inputrc".text = lib.readFile defaults/readline/inputrc;
118 };
119
120 programs = {
121 bash = {
122 interactiveShellInit = ''
123 bind '"\e[A":history-search-backward'
124 bind '"\e[B":history-search-forward'
125
126 # Ignore duplicate commands, ignore commands starting with a space
127 export HISTCONTROL=erasedups:ignorespace
128 export HISTSIZE=42000
129
130 # Append to the history instead of overwriting (good for multiple connections)
131 shopt -s histappend
132
133 # Enable ** file pattern
134 shopt -s globstar
135
136 # Convenient mkdir wrapper
137 mkcd() { mkdir -p "$1" && cd "$1"; }
138 '';
139 shellAliases = {
140 cl = "clear";
141 l = "ls -alh";
142 ll = "ls -al";
143 ls = "ls --color=tty";
144 mem = "ps -e -orss=,user=,args= | sort -b -k1,1n";
145
146 s="sudo systemctl";
147 s-u="systemctl --user";
148
149 nixos-clean="sudo nix-collect-garbage -d";
150 nixos-history="sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
151 nixos-rollback="sudo nixos-rebuild switch --rollback";
152 nixos-update="sudo nix-channel --update";
153 nixos-upgrade="sudo nixos-rebuild switch";
154 nixos-upstream="sudo nix-channel --list";
155 };
156 };
157 gnupg = {
158 agent = {
159 pinentryFlavor = "curses";
160 };
161 };
162 mosh.enable = true;
163 mtr.enable = true;
164 };
165 };
166 }