]> Git — Sourcephile - sourcephile-nix.git/blob - defaults.nix
nix: split configuration.nix into alternative toplevels
[sourcephile-nix.git] / defaults.nix
1 { pkgs, lib, config, ... }:
2 let inherit (lib) types;
3 in
4 {
5 imports = [
6 ./modules.nix
7 defaults/predictable-interface-names.nix
8 ];
9 options = {
10 /*
11 deployment.name = lib.mkOption {
12 type = types.enum ["production"];
13 default = "production";
14 };
15 */
16 };
17 config = {
18 nix = {
19 #binaryCaches = lib.mkForce [];
20 extraOptions = ''
21 '';
22 # Use gc.automatic to keep disk space under control.
23 gc = {
24 automatic = true;
25 dates = "weekly";
26 options = "--delete-older-than 30d";
27 };
28 nixPath = [
29 # WARNING: this is a hack to avoid copying Nixpkgs
30 # a second time into the Nix store.
31 # It makes only sense when Nixpkgs is already in the Nix store,
32 # and is registered.
33 "nixpkgs=${toString pkgs.path}"
34 ];
35 };
36
37 nixpkgs = {
38 config = {
39 allowUnfree = false;
40 /*
41 packageOverrides = pkgs: {
42 postfix = pkgs.postfix.override {
43 withLDAP = true;
44 };
45 };
46 */
47 };
48 overlays = import ./overlays.nix;
49 };
50
51 documentation.nixos = {
52 enable = false; # NOTE: useless on a server, and CPU intensive.
53 };
54
55 time = {
56 timeZone = "Europe/Paris";
57 };
58
59 i18n = {
60 defaultLocale = "fr_FR.UTF-8";
61 };
62
63 console = {
64 font = "Lat2-Terminus16";
65 keyMap = "fr";
66 };
67
68 # Always try to start all the units (default.target)
69 # because systemd's emergency shell does not try to start sshd.
70 # https://wiki.archlinux.org/index.php/systemd#Disable_emergency_mode_on_remote_machine
71 systemd.enableEmergencyMode = false;
72
73 # This is a remote headless server: always reboot on a kernel panic,
74 # to not have to physically go power cycle the apu2e4.
75 # Which happens if the wrong ZFS password is used
76 # but the boot is manually forced to continue.
77 # Using kernelParams instead of kernel.sysctl
78 # sets this up as soon as the initrd.
79 boot.kernelParams = [ "panic=10" ];
80
81 boot.cleanTmpDir = true;
82 boot.tmpOnTmpfs = true;
83
84 services = {
85 openssh = {
86 enable = true;
87 passwordAuthentication = false;
88 extraConfig = ''
89 '';
90 };
91 journald = {
92 extraConfig = ''
93 SystemMaxUse=50M
94 '';
95 };
96 };
97
98 environment = {
99 #checkConfigurationOptions = false;
100 #etc.nixpkgs.source = (pkgs.runCommandLocal "pkgs.path" {propagatedBuildInputs=[pkgs.path]; buildInputs=[pkgs.path];} "mkdir $out");
101 systemPackages = with pkgs; [
102 pkgs.path # WARNING: this is a hack to register the path to Nixpkgs. See nix.nixPath.
103 binutils
104 #dnsutils
105 dstat
106 htop
107 inetutils
108 iotop
109 lsof
110 mailutils
111 multitail
112 ncdu
113 pv
114 swaplist
115 tcpdump
116 tmux
117 tree
118 vim
119 which
120 linuxPackages.cpupower
121 ];
122
123 etc."inputrc".text = lib.readFile defaults/readline/inputrc;
124 };
125
126 programs = {
127 bash = {
128 interactiveShellInit = ''
129 bind '"\e[A":history-search-backward'
130 bind '"\e[B":history-search-forward'
131
132 # Ignore duplicate commands, ignore commands starting with a space
133 export HISTCONTROL=erasedups:ignorespace
134 export HISTSIZE=42000
135
136 # Append to the history instead of overwriting (good for multiple connections)
137 shopt -s histappend
138
139 # Enable ** file pattern
140 shopt -s globstar
141
142 # Convenient mkdir wrapper
143 mkcd() { mkdir -p "$1" && cd "$1"; }
144 '';
145 shellAliases = {
146 cl = "clear";
147 l = "ls -alh";
148 ll = "ls -al";
149 ls = "ls --color=tty";
150 mem = "ps -e -orss=,user=,args= | sort -b -k1,1n";
151
152 s="sudo systemctl";
153 s-u="systemctl --user";
154
155 nixos-clean="sudo nix-collect-garbage -d";
156 nixos-history="sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
157 nixos-rollback="sudo nixos-rebuild switch --rollback";
158 nixos-update="sudo nix-channel --update";
159 nixos-upgrade="sudo nixos-rebuild switch";
160 nixos-upstream="sudo nix-channel --list";
161 };
162 };
163 gnupg = {
164 agent = {
165 pinentryFlavor = "curses";
166 };
167 };
168 mosh.enable = true;
169 mtr.enable = true;
170 };
171 };
172 }