jakalx/nixos-config
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
nixos-config/hosts/dregil/default.nix

173 lines
4.5 KiB
Nix
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{ config, lib, pkgs, ... }:
let extIface = "ens3";
in {
imports = [ # Include the results of the hardware scan.
./hardware-configuration.nix
];
nix.package = pkgs.nixUnstable;
nix.extraOptions = ''
experimental-features = nix-command flakes ca-derivations
'';
#nix.registry.nixpkgs.flake = nixpkgs;
# Binary Cache for Haskell.nix
nix.settings.trusted-public-keys =
[ "hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ=" ];
#nix.binaryCaches = [ "https://hydra.iohk.io" ];
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
# boot.loader.grub.efiSupport = true;
# boot.loader.grub.efiInstallAsRemovable = true;
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
# Define on which hard drive you want to install Grub.
boot.loader.grub.device = "/dev/vda"; # or "nodev" for efi only
# boot.loader.systemd-boot.enable = true;
# Set your time zone.
time.timeZone = "Europe/Berlin";
age.secrets = {
# mailPass.file = ../../secrets/mailPass.age;
# wireguard-thrall.file = ../../secrets/wireguard-thrall.age;
};
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config
# replicates the default behaviour.
networking = {
hostName = "dregil";
domain = "failco.de";
wireless.enable = true;
useDHCP = true;
enableIPv6 = true;
firewall = {
allowedTCPPorts = [ 22 ];
allowedUDPPorts = [ 42666 ];
};
# wireguard.interfaces = {
# wg0 = {
# ips = [ "10.0.0.1/24" ];
# listenPort = 42666;
#
# privateKeyFile = config.age.secrets.wireguard-thrall.path;
# peers = [
# {
# # my phone
# publicKey = "9EaBSNsJW0W/xPMLJ54zr3UNK3bZ/2ULOmhV1gPfSXk=";
# allowedIPs = [ "10.0.0.2/32" ];
# }
# {
# # my tablet
# publicKey = "NG9y+0RMDTjiG65yC4Z0ymJ0G5fe1mOhl4GyC3xAh1k=";
# allowedIPs = [ "10.0.0.3/32" ];
# }
# ];
# };
# };
};
security.acme = {
acceptTerms = true;
defaults.email = "alex@jakalx.net";
};
security.sudo = {
enable = true;
execWheelOnly = true;
extraRules = [{
groups = [ "wheel" ];
commands = [{
command = "/run/current-system/sw/bin/nixos-rebuild";
options = [ "NOPASSWD" ];
}];
}];
};
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "dvorak";
};
# Define a user account. Don't forget to set a password with passwd.
users.users.alex = {
isNormalUser = true;
extraGroups = [ "wheel" ]; # Enable sudo for the user.
shell = pkgs.zsh;
};
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
wget
rsync
htop
tmux
git
#agenix.defaultPackage.x86_64-linux
restic # fast and secure backup
rclone
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
programs.neovim = {
enable = true;
defaultEditor = true;
viAlias = true;
vimAlias = true;
};
# enable zsh globally in order to get home.sessionPath to propagate :()
programs.zsh.enable = true;
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = true;
services.lorri.enable = true;
# configure backup via restic to gdrive
services.restic.backups = { };
services.keybase = { enable = true; };
services.syncthing = {
enable = true;
user = "alex";
dataDir = "/home/alex/sync";
overrideDevices =
true; # overrides any devices added or deleted through the WebUI
overrideFolders =
true; # overrides any folders added or deleted through the WebUI
folders = {
"org" = {
path = "/home/alex/org";
devices = [ "thrall" "redmi" ];
};
"scan" = {
path = "/home/alex/media/scan";
devices = [ "thrall" "redmi" ];
};
};
devices = {
"redmi" = {
id = "C43WITF-2HS2UCD-X6QFM4H-SC7XQJ7-X5F73EB-7FZHMII-KQNSH5D-NMICIAW";
};
};
};
system.stateVersion = "20.09"; # Did you read the comment?
}
Reference in a new issue View git blame Copy permalink