losurdo: boot on SD and root on NVMe
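# defaults.nix: baseline NixOS module, written for remote headless servers
# (see the boot/systemd comments below). It takes the usual module arguments
# and returns one attribute set of option definitions.
{ pkgs, lib, config, ... }:
{
  imports = [
    ./modules.nix
    defaults/predictable-interface-names.nix
  ];

  nix = {
    #binaryCaches = lib.mkForce [];
    extraOptions = ''
    '';
    # Use gc.automatic to keep disk space under control.
    gc = {
      automatic = true;
      dates = "weekly";
      options = "--delete-older-than 30d";
    };
    # Resolve <nixpkgs> to the same nixpkgs tree this configuration is built from.
    nixPath = [
      ("nixpkgs=" + toString pkgs.path)
    ];
  };

  nixpkgs = {
    config = {
      # Unfree packages are refused at evaluation time.
      allowUnfree = false;
      /*
      packageOverrides = pkgs: {
        postfix = pkgs.postfix.override {
          withLDAP = true;
        };
      };
      */
    };
    overlays = import ./overlays.nix;
  };

  documentation.nixos = {
    enable = false; # NOTE: useless on a server, and CPU intensive.
  };

  time = {
    timeZone = "Europe/Paris";
  };

  i18n = {
    defaultLocale = "fr_FR.UTF-8";
  };

  console = {
    font = "Lat2-Terminus16";
    keyMap = "fr";
  };

  # Always try to start all the units (default.target)
  # because systemd's emergency shell does not try to start sshd.
  # https://wiki.archlinux.org/index.php/systemd#Disable_emergency_mode_on_remote_machine
  systemd.enableEmergencyMode = false;

  # This is a remote headless server: always reboot on a kernel panic,
  # to not have to physically go power cycle the apu2e4.
  # Which happens if the wrong ZFS password is used
  # but the boot is manually forced to continue.
  # Using kernelParams instead of kernel.sysctl
  # sets this up as soon as the initrd.
  # panic=10 makes the kernel reboot 10 seconds after a panic.
  boot.kernelParams = [ "panic=10" ];

  boot.cleanTmpDir = true;
  boot.tmpOnTmpfs = true;

  services = {
    openssh = {
      enable = true;
      passwordAuthentication = false;
      # passwordAuthentication only turns off sshd's "password" method.
      # Keyboard-interactive (challenge-response) authentication goes through
      # PAM and can still prompt for the account password, so it is turned off
      # as well to keep logins key-only. mkDefault lets a host that really
      # needs a PAM challenge (e.g. OTP) re-enable it explicitly.
      challengeResponseAuthentication = lib.mkDefault false;
      extraConfig = ''
      '';
    };
    journald = {
      # NOTE(review): 50M is a short audit trail for a remotely reachable sshd;
      # if login history matters for incident response, forward logs off-host
      # or raise this limit.
      extraConfig = ''
        SystemMaxUse=50M
      '';
    };
  };

  environment = {
    #checkConfigurationOptions = false;
    systemPackages = with pkgs; [
      binutils
      #dnsutils
      dstat
      htop
      inetutils
      iotop
      lsof
      mailutils
      multitail
      ncdu
      pv
      swaplist
      tcpdump
      tmux
      tree
      vim
      which
      # NOTE(review): pkgs.linuxPackages is the default kernel package set;
      # on a host that overrides boot.kernelPackages,
      # config.boot.kernelPackages.cpupower would follow the booted kernel.
      pkgs.linuxPackages.cpupower
    ];

    # System-wide readline configuration, taken verbatim from the repository file.
    etc."inputrc".text = lib.readFile defaults/readline/inputrc;
  };

  programs = {
    bash = {
      interactiveShellInit = ''
        bind '"\e[A":history-search-backward'
        bind '"\e[B":history-search-forward'

        # Ignore duplicate commands, ignore commands starting with a space
        export HISTCONTROL=erasedups:ignorespace
        export HISTSIZE=42000

        # Append to the history instead of overwriting (good for multiple connections)
        shopt -s histappend
      '';
      shellAliases = {
        cl = "clear";
        l = "ls -alh";
        ll = "ls -l";
        ls = "ls --color=tty";
        mem = "ps -e -orss=,user=,args= | sort -b -k1,1n";

        s = "sudo systemctl";
        s-u = "systemctl --user";

        # -d removes every old generation, so nixos-rollback has nothing
        # left to return to once nixos-clean has run.
        nixos-clean = "sudo nix-collect-garbage -d";
        nixos-history = "sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
        nixos-rollback = "sudo nixos-rebuild switch --rollback";
        nixos-update = "sudo nix-channel --update";
        nixos-upgrade = "sudo nixos-rebuild switch";
        nixos-upstream = "sudo nix-channel --list";
      };
    };
    gnupg = {
      agent = {
        # Terminal pinentry: there is no graphical session on a headless host.
        pinentryFlavor = "curses";
      };
    };
    # NOTE(review): the NixOS mosh module also opens UDP 60000-61000 in the
    # firewall; confirm that exposure is wanted on every host using this file.
    mosh.enable = true;
    # NOTE(review): the NixOS mtr module installs mtr behind a capability
    # wrapper so unprivileged users can send raw probes; confirm this is intended.
    mtr.enable = true;
  };
}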