diff options
author | Karel Kočí <cynerd@email.cz> | 2022-02-21 21:54:09 +0100 |
---|---|---|
committer | Karel Kočí <cynerd@email.cz> | 2022-06-10 14:05:48 +0200 |
commit | 93b0545d11bf8c7f065203f7f3eaf1d0e3730dce (patch) | |
tree | da93fa5fcd14c493d8ccd86c98f40d26c9697869 /nixos/modules/generic.nix | |
download | nixos-personal-93b0545d11bf8c7f065203f7f3eaf1d0e3730dce.tar.gz nixos-personal-93b0545d11bf8c7f065203f7f3eaf1d0e3730dce.tar.bz2 nixos-personal-93b0545d11bf8c7f065203f7f3eaf1d0e3730dce.zip |
Add initial version
Diffstat (limited to 'nixos/modules/generic.nix')
-rw-r--r-- | nixos/modules/generic.nix | 98 |
1 files changed, 98 insertions, 0 deletions
diff --git a/nixos/modules/generic.nix b/nixos/modules/generic.nix new file mode 100644 index 0000000..31f0829 --- /dev/null +++ b/nixos/modules/generic.nix @@ -0,0 +1,98 @@ +{ config, lib, pkgs, ... }: + +with lib; + +{ + + config = { + system.stateVersion = "22.05"; + + nix = { + extraOptions = "experimental-features = nix-command flakes"; + autoOptimiseStore = true; + registry = { + personal.to = { + type = "git"; + url = "https://git.cynerd.cz/nixos-personal"; + }; + }; + }; + + boot.loader.systemd-boot.enable = mkDefault true; + boot.loader.efi.canTouchEfiVariables = true; + boot.kernelPackages = pkgs.linuxPackages_latest; + boot.kernelParams = ["boot.shell_on_fail"]; + hardware.enableAllFirmware = true; + + + nixpkgs.config.allowUnfree = true; + environment.systemPackages = with pkgs; [ + git # We need git for this repository to even work + # Administration tools + coreutils moreutils psmisc progress lshw + dig + + # NCurses tools + htop iotop glances + mc + screen tmux + ncdu + + # ls tools + tree + mlocate + lsof + strace + + sourceHighlight # Colors for less + unrar p7zip + + # Vim plugins (used for root account) + vimPlugins.vim-nix + vimPlugins.vim-nftables + + # Network + nmap netcat traceroute + iftop nethogs + # TODO add mdns + + lm_sensors + + ] ++ optional (system == "x86_64-linux") ltrace; + + users.mutableUsers = false; + users.groups.cynerd.gid = 1000; + users.users = { + root = { + passwordFile = "/run/secrets/root.pass"; + }; + cynerd = { + uid = 1000; + subUidRanges = [{ count = 65534; startUid = 10000; }]; + subGidRanges = [{ count = 65534; startGid = 10000; }]; + group = "cynerd"; + isNormalUser = true; + createHome = true; + shell = pkgs.zsh.out; + extraGroups = ["users" "wheel"]; + passwordFile = "/run/secrets/cynerd.pass"; + openssh.authorizedKeys.keyFiles = [ + (config.personal-secrets + "/unencrypted/git-private.pub") + ]; + }; + }; + programs.zsh.enable = true; + programs.shellrc.enable = true; + programs.vim.defaultEditor = mkDefault true; + + security.sudo.extraRules = [ + { groups = [ "wheel" ]; commands = [ "ALL" ]; } + ]; + + services.openssh.enable = true; + + time.timeZone = "Europe/Prague"; + i18n.defaultLocale = "en_US.UTF-8"; + }; + +} |