defaults.nix

   1 { pkgs, lib, config, ... }:
   2 let inherit (lib) types;
   3 in
   4 {
   5 imports = [
   6   ./modules.nix
   7   defaults/predictable-interface-names.nix
   8 ];
   9
  10 nix = {
  11   #binaryCaches = lib.mkForce [];
  12   extraOptions = ''
  13   '';
  14   # Use gc.automatic to keep disk space under control.
  15   gc = {
  16     automatic = true;
  17     dates = "weekly";
  18     options = "--delete-older-than 30d";
  19   };
  20   nixPath = [
  21     ("nixpkgs=" + toString pkgs.path)
  22   ];
  23 };
  24
  25 nixpkgs = {
  26   config = {
  27     allowUnfree = false;
  28     /*
  29     packageOverrides = pkgs: {
  30       postfix = pkgs.postfix.override {
  31         withLDAP = true;
  32       };
  33     };
  34     */
  35   };
  36   overlays = import ./overlays.nix;
  37 };
  38
  39 documentation.nixos = {
  40   enable = false; # NOTE: useless on a server, and CPU intensive.
  41 };
  42
  43 # Clean /tmp automatically on boot.
  44 boot.cleanTmpDir = true;
  45
  46 time = {
  47   timeZone = "Europe/Paris";
  48 };
  49
  50 i18n = {
  51   defaultLocale = "fr_FR.UTF-8";
  52 };
  53
  54 console = {
  55   font   = "Lat2-Terminus16";
  56   keyMap = "fr";
  57 };
  58
  59 # Always try to start all the units (default.target)
  60 # because systemd's emergency shell does not try to start sshd.
  61 # https://wiki.archlinux.org/index.php/systemd#Disable_emergency_mode_on_remote_machine
  62 systemd.enableEmergencyMode = false;
  63
  64 # This is a remote headless server: always reboot on a kernel panic,
  65 # to not have to physically go power cycle the apu2e4.
  66 # Which happens if the wrong ZFS password is used
  67 # but the boot is manually forced to continue.
  68 # Using kernelParams instead of kernel.sysctl
  69 # sets this up as soon as the initrd.
  70 boot.kernelParams = [ "panic=10" ];
  71
  72 services = {
  73   openssh = {
  74     enable = true;
  75     passwordAuthentication = false;
  76     extraConfig = ''
  77     '';
  78   };
  79   journald = {
  80     extraConfig = ''
  81       SystemMaxUse=50M
  82     '';
  83   };
  84 };
  85
  86 environment = {
  87   #checkConfigurationOptions = false;
  88   systemPackages = with pkgs; [
  89     binutils
  90     #dnsutils
  91     dstat
  92     htop
  93     inetutils
  94     iotop
  95     lsof
  96     mailutils
  97     multitail
  98     ncdu
  99     pv
 100     swaplist
 101     tcpdump
 102     tmux
 103     tree
 104     vim
 105     which
 106   ];
 107
 108   etc."inputrc".text = lib.readFile defaults/readline/inputrc;
 109 };
 110
 111 programs = {
 112   bash = {
 113     interactiveShellInit = ''
 114       bind '"\e[A":history-search-backward'
 115       bind '"\e[B":history-search-forward'
 116
 117       # Ignore duplicate commands, ignore commands starting with a space
 118       export HISTCONTROL=erasedups:ignorespace
 119       export HISTSIZE=42000
 120
 121       # Append to the history instead of overwriting (good for multiple connections)
 122       shopt -s histappend
 123     '';
 124     shellAliases = {
 125       cl = "clear";
 126       l  = "ls -alh";
 127       ll = "ls -l";
 128       ls = "ls --color=tty";
 129       mem = "ps -e -orss=,user=,args= | sort -b -k1,1n";
 130
 131       s="sudo systemctl";
 132       s-u="systemctl --user";
 133
 134       nixos-clean="sudo nix-collect-garbage -d";
 135       nixos-history="sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
 136       nixos-rollback="sudo nixos-rebuild switch --rollback";
 137       nixos-update="sudo nix-channel --update";
 138       nixos-upgrade="sudo nixos-rebuild switch";
 139       nixos-upstream="sudo nix-channel --list";
 140     };
 141   };
 142   gnupg = {
 143     agent = {
 144       pinentryFlavor = "curses";
 145     };
 146   };
 147   mosh.enable = true;
 148   mtr.enable = true;
 149 };
 150 }