bootstrap/mermet/etc/nixos/configuration.nix

   1 # Edit this configuration file to define what should be installed on
   2 # your system.  Help is available in the configuration.nix(5) man page
   3 # and in the NixOS manual (accessible by running ‘nixos-help’).
   4
   5 { config, lib, pkgs, ... }:
   6
   7 {
   8   imports =
   9     [ ./hardware-configuration.nix
  10       ./zfs-configuration.nix
  11     ];
  12
  13   nix = {
  14     autoOptimiseStore = true;
  15     extraOptions = ''
  16     '';
  17     # Use gc.automatic to keep disk space under control.
  18     gc = {
  19       automatic = true;
  20       dates = "weekly";
  21       options = "--delete-older-than 30d";
  22     };
  23   };
  24
  25   nixpkgs = {
  26     config = {
  27       allowUnfree = false;
  28       /*
  29       packageOverrides = pkgs: {
  30         postfix = pkgs.postfix.override {
  31           withLDAP = true;
  32         };
  33       };
  34       */
  35     };
  36     #overlays = import ../overlays.nix;
  37   };
  38
  39   time = {
  40     timeZone = "Europe/Paris";
  41   };
  42
  43   i18n = {
  44     consoleFont   = "Lat2-Terminus16";
  45     consoleKeyMap = "fr";
  46     defaultLocale = "fr_FR.UTF-8";
  47   };
  48
  49   networking = {
  50     hostName = "mermet";
  51     wireless.enable = false;
  52     interfaces.enp1s0.useDHCP = true;
  53     interfaces.enp2s0.useDHCP = true;
  54     interfaces.enp3s0.useDHCP = true;
  55   };
  56
  57   users = {
  58     mutableUsers = false;
  59     users = {
  60         root = {
  61           initialPassword = "toor";
  62           password        = "toor";
  63           openssh.authorizedKeys.keys = [
  64             # julm
  65             "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQD5FtR++UPEg/5wFeyb2JSS09idTaDb4tMIRf1yxCsyIJEp5LQMif/fIptDeHoYc55lwy8vnWWN9PJpb6PS8YSaLLFV5tn8esR8Ml+evNCAD52Tdu1kPRXGLCSF5kSVnbAMoxqiNi8vRRKXwAzGgXmIUzDAE4QTsq3EwZM6cBnDx5O79wBIZ9va2TObL52qv+Vpi+QyINuslKKc+Osu92pdwceIGZUcwA6Y8aH6lavaTyDUQdSjMRMTAiXSPRjmHf1q+V7wENXT/TKXuuahN8NnJShX3Qf9hwNEIU46SOENsrRFQ5eYahAmqUIK4GbsERS2KRDxbvSOl7rKh2sauBxyKfkW/gxQ4LAyywxuumpI0pO7XmdINCGWdXS9gD216lcGuH/TC0KboiOVExh65eRIOeEFTec0VJQEqqnFul7u8YNPmbBpLnM+SQ3TAkdQmfasKgPIazFNCAnC8I9hKlGYpLk/Dgi/sVbwFeoOUQcaTBRnWKUCedX4v4kmPIHuHSNPV2C/0770gH2iJ1N1XEO3YDGiixuHHiLlCV8Ko950CoTh1PwDNCd3Qy/jR/QhE2waVPliFwl2+H6IkIxkUO8A9ktLCJUeaZJN3snoV+9hvpT1E2TrEccsTVx5BaGAJCUkvO2XYlEsNceIIitkrbhidjZvfZ4/czGUKoN1wSSpMw== GnuPG pub=F2E027182397AC0775714F2AD15AF7F467E8299B sub=7819E44BAEEDE91683811BB00E1AAADBE227DDAA"
  66           ];
  67         };
  68     };
  69     groups = {
  70     };
  71   };
  72
  73   documentation.nixos = {
  74     enable = false; # NOTE: useless on this machine, and CPU intensive.
  75   };
  76
  77   services = {
  78     openssh = {
  79       enable = true;
  80       extraConfig = ''
  81       '';
  82     };
  83     journald = {
  84       extraConfig = ''
  85         SystemMaxUse=50M
  86       '';
  87     };
  88   };
  89
  90   environment = {
  91     systemPackages = with pkgs; [
  92       htop
  93       tree
  94       vim
  95       tcpdump
  96       cryptsetup
  97       multitail
  98       dnsutils
  99       inetutils
 100       binutils
 101       mailutils
 102       ncdu
 103       tmux
 104       socat
 105       which
 106       zfs
 107     ];
 108
 109     etc."inputrc".text = ''
 110       # /etc/inputrc - global inputrc for libreadline
 111       # See readline(3readline) and `info rluserman' for more information.
 112
 113       # Be 8 bit clean.
 114       set input-meta on
 115       set output-meta on
 116
 117       # To allow the use of 8bit-characters like the german umlauts, uncomment
 118       # the line below. However this makes the meta key not work as a meta key,
 119       # which is annoying to those which don't need to type in 8-bit characters.
 120
 121       # set convert-meta off
 122
 123       # try to enable the application keypad when it is called.  Some systems
 124       # need this to enable the arrow keys.
 125       # set enable-keypad on
 126
 127       # see /usr/share/doc/bash/inputrc.arrows for other codes of arrow keys
 128
 129       # do not bell on tab-completion
 130       # set bell-style none
 131       # set bell-style visible
 132
 133       # some defaults / modifications for the emacs mode
 134       $if mode=emacs
 135
 136       # allow the use of the Home/End keys
 137       "\e[1~": beginning-of-line
 138       "\e[4~": end-of-line
 139
 140       # allow the use of the Delete/Insert keys
 141       "\e[3~": delete-char
 142       "\e[2~": quoted-insert
 143
 144       # mappings for "page up" and "page down" to step to the beginning/end
 145       # of the history
 146       # "\e[5~": beginning-of-history
 147       # "\e[6~": end-of-history
 148
 149       # alternate mappings for "page up" and "page down" to search the history
 150       # "\e[5~": history-search-backward
 151       # "\e[6~": history-search-forward
 152
 153       # mappings for Ctrl-left-arrow and Ctrl-right-arrow for word moving
 154       "\e[1;5C": forward-word
 155       "\e[1;5D": backward-word
 156       "\e[5C": forward-word
 157       "\e[5D": backward-word
 158       "\e\e[C": forward-word
 159       "\e\e[D": backward-word
 160
 161       $if term=rxvt
 162       "\e[7~": beginning-of-line
 163       "\e[8~": end-of-line
 164       "\eOc": forward-word
 165       "\eOd": backward-word
 166       $endif
 167
 168       # for non RH/Debian xterm, can't hurt for RH/Debian xterm
 169       # "\eOH": beginning-of-line
 170       # "\eOF": end-of-line
 171
 172       # for freebsd console
 173       # "\e[H": beginning-of-line
 174       # "\e[F": end-of-line
 175
 176       $endif
 177     '';
 178   };
 179
 180   programs = {
 181     bash = {
 182       interactiveShellInit = ''
 183         bind '"\e[A":history-search-backward'
 184         bind '"\e[B":history-search-forward'
 185
 186         # Ignore duplicate commands, ignore commands starting with a space
 187         export HISTCONTROL=erasedups:ignorespace
 188         export HISTSIZE=42000
 189         # Append to the history instead of overwriting (good for multiple connections)
 190         shopt -s histappend
 191       '';
 192       shellAliases = {
 193         cl = "clear";
 194         l  = "ls -alh";
 195         ll = "ls -l";
 196         ls = "ls --color=tty";
 197
 198         s="sudo systemctl";
 199         s-u="systemctl --user";
 200
 201         nixos-clean="sudo nix-collect-garbage -d";
 202         nixos-history="sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
 203         nixos-rollback="sudo nixos-rebuild switch --rollback";
 204         nixos-update="sudo nix-channel --update";
 205         nixos-upgrade="sudo nixos-rebuild switch";
 206         nixos-upstream="sudo nix-channel --list";
 207       };
 208     };
 209     mtr.enable = true;
 210   };
 211
 212   # This value determines the NixOS release with which your system is to be
 213   # compatible, in order to avoid breaking some software such as database
 214   # servers. You should change this only after NixOS release notes say you
 215   # should.
 216   system.stateVersion = "19.09"; # Did you read the comment?
 217 }