inherit (lib) types;
inherit (config) networking;
inherit (config.services) dovecot2;
- userPass = name: pass "${networking.domain}/${networking.hostName}/${name}/pass";
+ userPass = name: pass "${networking.domainBase}/${networking.hostName}/login/${name}";
in {
imports = [
- <nixpkgs-commonsoft/install/modules.nix>
+ <nixpkgs-plurasoft/install/modules.nix>
+ ../overlays/tools/networking/shorewall/service.nix
+ ../overlays/tools/networking/shorewall6/service.nix
+ ../overlays/servers/mail/rspamd/service.nix
friot/dovecot.nix
friot/gitolite.nix
friot/nginx.nix
friot/postfix.nix
friot/postgrey.nix
friot/postgresql.nix
- friot/rmilter.nix
- friot/redmine.nix
+ #friot/rmilter.nix
+ friot/rspamd.nix
+ #friot/redmine.nix
friot/shorewall.nix
friot/openldap.nix
#friot/discourse.nix
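Review bot: The new `userPass` path is rooted at `networking.domainBase` (`plurasoft/<host>/login/<name>`), while the initrd `authorizedKeys` lookup added later in this commit is rooted at `networking.domain` (`plurasoft.fr/ssh/pub/julm`), so one deployment's secrets sit under two different top-level directories of the password store. If the split is intended, a comment above `userPass` should say so, for example `# login passwords: <domainBase>/<host>/login/<name>; SSH public keys: <domain>/ssh/pub/<name>`; otherwise both lookups should share one root. `pass` is defined outside this hunk; presumably a missing entry fails evaluation, so the store entries would have to be moved to the new path before this is deployed.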
};
};
config = {
- nixpkgs.overlays = import ../overlays.nix;
+ nix = {
+ extraOptions = ''
+ auto-optimise-store = true
+ '';
+ gc = {
+ automatic = true;
+ dates = "weekly";
+ options = "--delete-older-than 30d";
+ };
+ };
+
+ nixpkgs = {
+ config = {
+ allowUnfree = false;
+ packageOverrides = pkgs: {
+ postfix = pkgs.postfix.override {
+ withLDAP = true;
+ };
+ };
+ };
+ overlays = import ../overlays.nix;
+ };
+
+ boot = {
+ initrd = {
+ network = {
+ enable = config.deployment.targetEnv != "virtualbox";
+ ssh = {
+ enable = true;
+ authorizedKeys = [ (pass "${networking.domain}/ssh/pub/julm") ];
+ };
+ };
+ };
+ kernel = {
+ sysctl = {
+ "vm.swappiness" = 10;
+ "vm.vfs_cache_pressure" = 50;
+ };
+ };
+ };
+
+ time = {
+ timeZone = "Europe/Paris";
+ };
+
+ i18n = {
+ consoleFont = "Lat2-Terminus16";
+ consoleKeyMap = "fr";
+ defaultLocale = "fr_FR.UTF-8";
+ };
+
networking = {
- domainBase = "commonsoft";
- domain = "${networking.domainBase}.org";
+ domainBase = "plurasoft";
+ domain = "${networking.domainBase}.fr";
domainAliases = [
+ "plura.fr"
+ "${networking.domainBase}.org"
"${networking.domainBase}.net"
"${networking.domainBase}.coop"
];
};
- users.mutableUsers = false;
- users.users = {
- root.initialPassword = userPass "root";
- root.password = config.users.users.root.initialPassword;
+
+ users = {
+ mutableUsers = false;
+ users = {
+ root.initialPassword = userPass "root";
+ root.password = config.users.users.root.initialPassword;
+ julm = {
+ uid = 1000;
+ extraGroups = [ "sudo" ];
+ description = "Julien Moutinho";
+ home = "/home/julm";
+ shell = lib.mkDefault config.users.defaultUserShell;
+ group = "users"; # FIXME: unknown group
+ initialPassword = userPass "julm";
+ password = config.users.users.julm.initialPassword;
+ };
+ };
+ groups = {
julm = {
- uid = 1000;
- extraGroups = [ "sudo" ];
- description = "Julien Moutinho";
- home = "/home/julm";
- shell = lib.mkDefault config.users.defaultUserShell;
- group = "julm"; # FIXME: unknown group
- initialPassword = userPass "julm";
- password = config.users.users.julm.initialPassword;
+ gid = config.users.users.julm.uid;
};
- };
- users.groups = {
- julm = {
- gid = config.users.users.julm.uid;
};
};
- boot.initrd = {
- network = {
- enable = config.deployment.targetEnv != "virtualbox";
- ssh = {
- enable = true;
- authorizedKeys = [ (pass "${networking.domain}/${networking.hostName}/julm/ssh.pub") ];
- };
- };
+ documentation.nixos = {
+ enable = false; # NOTE: useless on this machine, and CPU intensive.
};
services = {
- nixosManual = {
- enable = false; # NOTE: useless on this machine, and CPU intensive.
- };
redis = {
enable = true;
};
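Review bot: `root.password` and `julm.password` in the new `users` block are still fed from `userPass`, and NixOS documents `users.users.<name>.password` as a plaintext value that ends up in the world-readable Nix store. `pass` is defined outside this hunk, but if it returns the cleartext secret at evaluation time, any local account on the host can read both passwords, root's included. Keeping a password hash in the store entry and setting `root.hashedPassword = userPass "root";` (likewise for `julm`), or pointing `passwordFile` at a file kept outside the Nix store, avoids that; with `mutableUsers = false` the separate `initialPassword` lines then look unnecessary. The `# FIXME: unknown group` comment on `group = "users";` also seems stale now that the group name has changed.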
# };
#};
};
+
environment = {
systemPackages = with pkgs; [
htop
ncdu
cgit
#sssd
- docker
+ #docker
#nss_ldap
#nss_pam_ldapd
+ tmux
socat
users-init
which
$endif
'';
};
+
+ programs = {
+ bash = {
+ interactiveShellInit = ''
+ bind '"\e[A":history-search-backward'
+ bind '"\e[B":history-search-forward'
+
+ # Ignore duplicate commands, ignore commands starting with a space
+ export HISTCONTROL=erasedups:ignorespace
+ export HISTSIZE=42000
+ # Append to the history instead of overwriting (good for multiple connections)
+ shopt -s histappend
+ '';
+ shellAliases = {
+ cl = "clear";
+ l = "ls -alh";
+ ll = "ls -l";
+ ls = "ls --color=tty";
+
+ s="sudo systemctl";
+ s-u="systemctl --user";
+
+ nix-clean="sudo nix-collect-garbage -d";
+ nix-history="sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
+ nix-rollback="sudo nixos-rebuild switch --rollback";
+ nix-update="sudo nix-channel --update";
+ nix-upgrade="sudo nixos-rebuild switch";
+ nix-upstream="sudo nix-channel --list";
+ nix-config="gvim ~/.config/nixos/*.nix";
+ };
+ };
+
+ /*
+ dconf.enable = true;
+
+ gnupg.agent = {
+ enable = true;
+ enableSSHSupport = true;
+ };
+ */
+
+ mtr.enable = true;
+ };
};
}
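Review bot: The `nix-clean` alias runs `sudo nix-collect-garbage -d`, which deletes every old system generation, so one use of it leaves the `nix-rollback` alias defined three lines below with nothing to roll back to. It also bypasses the 30-day retention that the `nix.gc` block in this same commit sets up; `nix-clean = "sudo nix-collect-garbage --delete-older-than 30d";` would keep the alias in line with that policy. A short comment above the `nix-*` aliases saying which ones are destructive would help whoever logs in during an incident. Separately, `nix-config` calls `gvim`, which is not in the `systemPackages` lines visible on this page.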