]> Git — Sourcephile - sourcephile-nix.git/blob - defaults.nix
knot+nginx: add lemoutona5pattes.sourcephile.fr for helping Cadine
[sourcephile-nix.git] / defaults.nix
1 { pkgs, lib, config, ... }:
2 let inherit (lib) types;
3 in
4 {
5 imports = [
6 ./modules.nix
7 defaults/predictable-interface-names.nix
8 ];
9
10 nix = {
11 #binaryCaches = lib.mkForce [];
12 extraOptions = ''
13 '';
14 # Use gc.automatic to keep disk space under control.
15 gc = {
16 automatic = true;
17 dates = "weekly";
18 options = "--delete-older-than 30d";
19 };
20 nixPath = [
21 # WARNING: this is a hack to avoid copying Nixpkgs
22 # a second time into the Nix store.
23 # It makes only sense when Nixpkgs is already in the Nix store,
24 # and is registered.
25 "nixpkgs=${toString pkgs.path}"
26 ];
27 };
28
29 nixpkgs = {
30 config = {
31 allowUnfree = false;
32 /*
33 packageOverrides = pkgs: {
34 postfix = pkgs.postfix.override {
35 withLDAP = true;
36 };
37 };
38 */
39 };
40 overlays = import ./overlays.nix;
41 };
42
43 documentation.nixos = {
44 enable = false; # NOTE: useless on a server, and CPU intensive.
45 };
46
47 time = {
48 timeZone = "Europe/Paris";
49 };
50
51 i18n = {
52 defaultLocale = "fr_FR.UTF-8";
53 };
54
55 console = {
56 font = "Lat2-Terminus16";
57 keyMap = "fr";
58 };
59
60 # Always try to start all the units (default.target)
61 # because systemd's emergency shell does not try to start sshd.
62 # https://wiki.archlinux.org/index.php/systemd#Disable_emergency_mode_on_remote_machine
63 systemd.enableEmergencyMode = false;
64
65 # This is a remote headless server: always reboot on a kernel panic,
66 # to not have to physically go power cycle the apu2e4.
67 # Which happens if the wrong ZFS password is used
68 # but the boot is manually forced to continue.
69 # Using kernelParams instead of kernel.sysctl
70 # sets this up as soon as the initrd.
71 boot.kernelParams = [ "panic=10" ];
72
73 boot.cleanTmpDir = true;
74 boot.tmpOnTmpfs = true;
75
76 services = {
77 openssh = {
78 enable = true;
79 passwordAuthentication = false;
80 extraConfig = ''
81 '';
82 };
83 journald = {
84 extraConfig = ''
85 SystemMaxUse=50M
86 '';
87 };
88 };
89
90 environment = {
91 #checkConfigurationOptions = false;
92 #etc.nixpkgs.source = (pkgs.runCommandLocal "pkgs.path" {propagatedBuildInputs=[pkgs.path]; buildInputs=[pkgs.path];} "mkdir $out");
93 systemPackages = with pkgs; [
94 pkgs.path # WARNING: this is a hack to register the path to Nixpkgs. See nix.nixPath.
95 binutils
96 pkgs.neofetch
97 #dnsutils
98 dstat
99 htop
100 inetutils
101 iotop
102 lsof
103 mailutils
104 multitail
105 ncdu
106 pv
107 swaplist
108 tcpdump
109 tmux
110 tree
111 vim
112 which
113 pkgs.linuxPackages.cpupower
114 ];
115
116 etc."inputrc".text = lib.readFile defaults/readline/inputrc;
117 };
118
119 programs = {
120 bash = {
121 interactiveShellInit = ''
122 bind '"\e[A":history-search-backward'
123 bind '"\e[B":history-search-forward'
124
125 # Ignore duplicate commands, ignore commands starting with a space
126 export HISTCONTROL=erasedups:ignorespace
127 export HISTSIZE=42000
128
129 # Append to the history instead of overwriting (good for multiple connections)
130 shopt -s histappend
131
132 # Enable ** file pattern
133 shopt -s globstar
134
135 # Convenient mkdir wrapper
136 mkcd() { mkdir -p "$1" && cd "$1"; }
137 '';
138 shellAliases = {
139 cl = "clear";
140 l = "ls -alh";
141 ll = "ls -al";
142 ls = "ls --color=tty";
143 mem = "ps -e -orss=,user=,args= | sort -b -k1,1n";
144
145 s="sudo systemctl";
146 s-u="systemctl --user";
147
148 nixos-clean="sudo nix-collect-garbage -d";
149 nixos-history="sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
150 nixos-rollback="sudo nixos-rebuild switch --rollback";
151 nixos-update="sudo nix-channel --update";
152 nixos-upgrade="sudo nixos-rebuild switch";
153 nixos-upstream="sudo nix-channel --list";
154 };
155 };
156 gnupg = {
157 agent = {
158 pinentryFlavor = "curses";
159 };
160 };
161 mosh.enable = true;
162 mtr.enable = true;
163 };
164 }