Hagia
log in
morj / nixos-configs
overview
files
history
wiki
Viewing at
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`).

{ config, pkgs, ... }:

{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix

./extraDefs/dwierz.nix
./extraDefs/qbittorrent.nix

./media.nix
./wireguard.nix
];

# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;

boot.kernelModules = ["iwlwifi"];
boot.kernelPackages = pkgs.linuxPackages_latest;

swapDevices = [
{
device = "/.swapfile";
}
];

fileSystems."/media/data" = {
device = "/dev/disk/by-uuid/1471ffef-3931-455a-9baa-4e5d6cefade9";
fsType = "xfs";
};

# Intel drivers are not installed by default?
hardware.graphics.extraPackages = [ pkgs.intel-media-driver ];

hardware.bluetooth.enable = true;
hardware.bluetooth.powerOnBoot = true;

boot.tmp.cleanOnBoot = true;

networking.hostName = "desert";

networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.wireless.networks.LiberteCoffret = {
psk = "jawamzapreszczaju";
};

# Set your time zone.
time.timeZone = "Europe/Paris";

# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
# keyMap = "us";
useXkbConfig = true; # use xkbOptions in tty.
};

# Define a user account. Don't forget to set a password with ‘passwd’.
users.users.morj = {
isNormalUser = true;
home = "/home/morj";
uid = 1000;
extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.

hashedPassword = "$y$j9T$BEGu8zUOrXKy1E85rYdG81$Xbh6MYoubldqtKcmK1d.v8AAJHh3VSSpMtchrnlnli1";

openssh.authorizedKeys.keys = [
''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDL4w7NX9hzjY2EQn/ruxx89781trSoY1y0F0M7iXqA8uif513WupqisD5zY9CCOwCWLlu1FegcR9MKJjsP2EKxk/NWIVjNBQZWg1qgAu0uZGhZ0hDdfDCzARSRrJQHdOFjzoJTBC4ZO6qENbmY9x8KXuamNMsWvDIaMdXycMU5yLku648VwbOYMcZ3srop5gXoX7j/9pys96nRodNl7PXTQU5vm3C2R97/L9aZEg/+TvlvmIhcW/lRJm1JIDTicfDvH0VzIxuxH5srrinfomeQpya5E6djs5ei65H5gtrQUzfmfpCbVBdCsEz7ba7RuXk3J8W/RB7dRP77nkUe+Ga3mIomJtZTRGqlllQPY/bWkj1koZnXc04cEsUW9yDoz99x30qPJU44D2P0v5Mb1uWPwVfnkMIhnRn50RUUSsh2mjzrzsiH6vv8vzQSTuX2Aqk5KQBIJDpQ4wkYn4AjBD11PqrxaEOTGW5dVCtkHPparahYj9UYI9nT7TIqhu5uN/s= morj@ravenous''
''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC05KwRH+jx64JoouieeUlZnIY8FjocY0wBTzWLH+s4hq7zT5sNlNo/8N4z3TlFsLzQtR1L41EyTi+XcYCkQHCksATFCLr/jN35wt5dETBenDOXo/wlohQFSPI+1GBgi3koYzJWbixGz8vby7t5dxrebGqMh40qGaKM51C5jBhYgReYjcL8eW0x97zdIOhK8bXAhJGRCDo5Ng3PLdwNuo6wnJAZpI2rhFyU625z+d+7sI50CTTMoG+sLPouwd9QYFcUEgYJADxiaSH1pP+qXCT9cZzWqQTwSg28a/a1oj30IOMxa5KfL0P4XGblaGHOvNHsv67zkCUy68n+/IP4B8gJhUhVVWS1gaEB+RxViZOk0H6pSLTHc9hxOA9v7TdxqV//ezncwgNled9/YWrXP2zQ9us9Tw1CE//WmR0BM+P09FIRKkv+1EradVINy8YPH4kit4rK37nFETpnlPiBt41a4+xPb0TBm4qt1yEBOa9er6D2rVcLKnOXWvbgLKFk5q0= morj@MacBook-Pro''
];
};

users.groups.morj = {
gid = 1000;
};

environment.systemPackages = with pkgs; [
neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
curl
];
programs.neovim.defaultEditor = true;

# List services that you want to enable:

services.openssh.enable = true;
services.avahi = {
enable = true;
openFirewall = true;
nssmdns4 = true;
nssmdns6 = true; # needs testing. Docs says it might cause waiting for timeouts
publish.enable = true;
publish.addresses = true;
publish.domain = true;
publish.userServices = true;
};

# Sound

security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};

# Graphics

services.xserver.enable = false;

# Net services

# NFS shares
services.nfs.server = {
enable = true;
exports = ''
/media/data 192.168.1.0/24(insecure,rw,sync,no_subtree_check)
'';
};

# Firewall
networking.firewall.allowedTCPPorts = [
# port for general sploits
1337
# NFS
2049
# dwierz
80
];

# Remote nixos build

nix.distributedBuilds = true;
nix.buildMachines = [
{
hostName = "ravenous.local";
sshUser = "morj";

system = "x86_64-linux";
protocol = "ssh-ng";
maxJobs = 4;
speedFactor = 16;
supportedFeatures = ["big-parallel" "benchmark"];
}
];
# hopefully fixes a problem with copy-closure and singatures
nix.settings.trusted-users = [ "morj" ];


# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It's perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.11"; # Did you read the comment?
}