1 {pkgs, lib, config, system, ...}:
2 let inherit (builtins.extraBuiltins) pass;
4 inherit (config) networking;
5 inherit (config.services) dovecot2;
6 userPass = name: pass "${networking.domainBase}/${networking.hostName}/login/${name}";
9 <nixpkgs-commonsoft/install/modules.nix>
10 ../overlays/tools/networking/shorewall/service.nix
11 ../overlays/tools/networking/shorewall6/service.nix
26 enable = lib.mkEnableOption "friot";
27 networking.domainBase = lib.mkOption {
29 description = "Base network name.";
32 networking.domainAliases = lib.mkOption {
33 type = types.listOf types.str;
34 description = "Domain aliases.";
35 example = [ "example.org" "example.net" ];
37 networking.zones = lib.mkOption {
38 type = types.attrsOf (types.submodule ({name, options, config, ...}: {
40 iface = lib.mkOption {
42 description = "Interface name.";
47 description = "Static IPv4 address of the machine.";
52 description = "Static IPv6 address of the machine.";
62 auto-optimise-store = true
67 options = "--delete-older-than 30d";
75 overlays = import ../overlays.nix;
79 timeZone = "Europe/Paris";
83 consoleFont = "Lat2-Terminus16";
85 defaultLocale = "fr_FR.UTF-8";
89 domainBase = "commonsoft";
90 domain = "${networking.domainBase}.org";
92 "${networking.domainBase}.net"
93 "${networking.domainBase}.coop"
100 root.initialPassword = userPass "root";
101 root.password = config.users.users.root.initialPassword;
104 extraGroups = [ "sudo" ];
105 description = "Julien Moutinho";
107 shell = lib.mkDefault config.users.defaultUserShell;
108 group = "julm"; # FIXME: unknown group
109 initialPassword = userPass "julm";
110 password = config.users.users.julm.initialPassword;
115 gid = config.users.users.julm.uid;
122 enable = config.deployment.targetEnv != "virtualbox";
125 authorizedKeys = [ (pass "${networking.domain}/ssh/pub/julm") ];
132 enable = false; # NOTE: useless on this machine, and CPU intensive.
162 (dom: map (sub: "${sub}.${dom}")
163 ["www" "git" "mail"])
164 ([networking.domain] ++ networking.domainAliases)
165 ++ networking.domainAliases;
168 # "root@${networking.domain}" = [ "test@${networking.domain}" ];
169 # "postmaster@${networking.domain}" = [ "test@${networking.domain}" ];
170 # "abuse@${networking.domain}" = [ "test@${networking.domain}" ];
172 #dovecot2.domains = {
173 # "${networking.domain}" = {
176 # password = pass "${networking.domain}/mail/julm";
177 # # "${networking.domain}/dovecot2/julm";
178 # # "{SSHA512}uyjL1KYx4z7HpfNvnKzuVxpMLD2KVueGGBvOcj7AF1EZCTVhT++IIKUVOC4xpZtWdqVD0OVmZqgYr2qpn/3t3Aj4oU0=";
179 # aliases = ["julien.moutinho@${networking.domain}"];
183 # password = pass "${networking.domain}/mail/test";
184 # # "${networking.domain}/dovecot2/test";
185 # # "{SSHA512}uyjL1KYx4z7HpfNvnKzuVxpMLD2KVueGGBvOcj7AF1EZCTVhT++IIKUVOC4xpZtWdqVD0OVmZqgYr2qpn/3t3Aj4oU0=";
186 # aliases = ["test-alias@${networking.domain}"];
195 systemPackages = with pkgs; [
229 etc."inputrc".text = ''
230 # /etc/inputrc - global inputrc for libreadline
231 # See readline(3readline) and `info rluserman' for more information.
237 # To allow the use of 8bit-characters like the german umlauts, uncomment
238 # the line below. However this makes the meta key not work as a meta key,
239 # which is annoying to those which don't need to type in 8-bit characters.
241 # set convert-meta off
243 # try to enable the application keypad when it is called. Some systems
244 # need this to enable the arrow keys.
245 # set enable-keypad on
247 # see /usr/share/doc/bash/inputrc.arrows for other codes of arrow keys
249 # do not bell on tab-completion
250 # set bell-style none
251 # set bell-style visible
253 # some defaults / modifications for the emacs mode
256 # allow the use of the Home/End keys
257 "\e[1~": beginning-of-line
260 # allow the use of the Delete/Insert keys
262 "\e[2~": quoted-insert
264 # mappings for "page up" and "page down" to step to the beginning/end
266 # "\e[5~": beginning-of-history
267 # "\e[6~": end-of-history
269 # alternate mappings for "page up" and "page down" to search the history
270 # "\e[5~": history-search-backward
271 # "\e[6~": history-search-forward
273 # mappings for Ctrl-left-arrow and Ctrl-right-arrow for word moving
274 "\e[1;5C": forward-word
275 "\e[1;5D": backward-word
276 "\e[5C": forward-word
277 "\e[5D": backward-word
278 "\e\e[C": forward-word
279 "\e\e[D": backward-word
282 "\e[7~": beginning-of-line
285 "\eOd": backward-word
288 # for non RH/Debian xterm, can't hurt for RH/Debian xterm
289 # "\eOH": beginning-of-line
290 # "\eOF": end-of-line
292 # for freebsd console
293 # "\e[H": beginning-of-line
294 # "\e[F": end-of-line
302 interactiveShellInit = ''
303 bind '"\e[A":history-search-backward'
304 bind '"\e[B":history-search-forward'
306 # Ignore duplicate commands, ignore commands starting with a space
307 export HISTCONTROL=erasedups:ignorespace
308 export HISTSIZE=42000
309 # Append to the history instead of overwriting (good for multiple connections)
316 ls = "ls --color=tty";
319 s-u="systemctl --user";
321 nix-clean="sudo nix-collect-garbage -d";
322 nix-history="sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
323 nix-rollback="sudo nixos-rebuild switch --rollback";
324 nix-update="sudo nix-channel --update";
325 nix-upgrade="sudo nixos-rebuild switch";
326 nix-upstream="sudo nix-channel --list";
327 nix-config="gvim ~/.config/nixos/*.nix";
336 enableSSHSupport = true;
sourcephile / git / sourcephile-nix.git / blob