nix-stuff/roles/common/configuration.nix


{
config,
lib,
pkgs,
flakeSelf,
...
}: {
# NUR (the Nix User Repository) is community-maintained: its packages come
# from individual users' repositories and are not reviewed the way nixpkgs is.
# NOTE(review): treat anything installed from it as third-party code and keep
# the input pinned by the flake lock file (not visible here) so updates are
# explicit and reviewable.
imports = [
  flakeSelf.inputs.nur.modules.nixos.default
];

# As of the 1st of May 2023 the default packages are nano, perl, rsync and
# strace. None of them are needed here, so the list is emptied.
environment.defaultPackages = [];
# /tmp is kept on disk instead of on a tmpfs.
boot.tmp.useTmpfs = false;
# A tmpfs is already empty after a reboot, so /tmp is only wiped at boot when
# it is disk-backed. That also keeps stale temporary files from outliving a
# reboot.
boot.tmp.cleanOnBoot = !config.boot.tmp.useTmpfs;

# zswap on top of zram is not a good idea, so it is disabled on the kernel
# command line.
boot.kernelParams = ["zswap.enabled=0"];

# Compressed swap in RAM (zram), using zstd.
zramSwap = {
  algorithm = "zstd";
  enable = true;
  memoryPercent = 60;
  priority = 100;
};
# Spanish keyboard layout for X; the console picks it up through useXkbConfig.
services.xserver.xkb.layout = "es";

# Console: Terminus font, configured early in boot.
console.earlySetup = true;
console.useXkbConfig = true;
console.packages = [pkgs.terminus_font];
# mkDefault has priority 1000, so 999 wins over it without conflicting with
# nixos-hardware.
console.font = lib.mkOverride 999 "ter-i16n";

# NFS support for every host that uses this role. No mounts are declared in
# this file.
# NOTE(review): confirm how the NFS shares these hosts mount are authenticated
# and which networks they are reachable from.
boot.supportedFilesystems = ["nfs"];
# Extra certificate added to the system-wide trust store of every host that
# imports this common role.
# NOTE(review): presumably this is the root of Caddy's internal CA - confirm.
# A trusted root can vouch for any hostname, so the matching private key is as
# sensitive as the TLS of all these hosts. Keep that key on the Caddy host
# only, and replace this entry whenever the CA is rotated or its key may have
# been exposed.
security.pki.certificates = [
# Caddy
''
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
''
];
# Localisation: English messages, Spanish formats.
i18n = let
  english = "en_US.UTF-8";
  spanish = "es_ES.UTF-8";
  spanishUS = "es_US.UTF-8";
in {
  defaultLocale = english;
  # Each entry is "<locale>/<charset>".
  supportedLocales = map (locale: "${locale}/UTF-8") [
    spanishUS
    spanish
    english
  ];
  extraLocaleSettings = {
    # am/pm is nice but mm/dd/yy is yucky
    LC_TIME = spanishUS;
    LC_ADDRESS = spanishUS;
    LC_NUMERIC = spanish;
    LC_MONETARY = spanish;
    LC_MEASUREMENT = spanish;
    LC_PAPER = spanish;
    LC_NAME = spanish;
    LC_TELEPHONE = spanish;
  };
};
# Periodic TRIM for SSDs.
services.fstrim.enable = true;
# Firmware update daemon, so firmware fixes can be applied from the running
# system.
services.fwupd.enable = true;

# Time zone.
time.timeZone = "Europe/Madrid";

# The main user account.
users.users.toast = {
  description = "Toast";
  isNormalUser = true;
  # wheel is the group NixOS allows to use sudo by default, which makes this
  # an administrative account.
  # NOTE(review): no password or SSH key is set in this block; confirm where
  # this account's credentials are provisioned.
  extraGroups = ["wheel"];
};
# System-wide Catppuccin theme settings.
catppuccin.flavor = "mocha";
catppuccin.accent = "mauve";

# Rebuild the catppuccin package with the same variant and accent, and only
# the themes that are used.
nixpkgs.overlays = [
  (_final: prev: {
    catppuccin = prev.catppuccin.override {
      variant = "mocha";
      accent = "mauve";
      themeList = ["bat" "btop" "starship" "grub"];
    };
  })
];

programs.iotop.enable = true;
# home-manager, sharing the system's package set.
home-manager = {
  useGlobalPkgs = true;
  verbose = true;
  # Existing files that home-manager would otherwise overwrite are kept under
  # this extension.
  backupFileExtension = "hm-backup";
  sharedModules = [
    flakeSelf.inputs.catppuccin.homeManagerModules.catppuccin
  ];
  users.toast = {osConfig, ...}: {
    home.stateVersion = "24.11";
    systemd.user.startServices = true;

    # Follow the theme chosen in the system configuration.
    catppuccin = {
      inherit (osConfig.catppuccin) flavor accent;
    };

    manual.manpages.enable = true;
    manual.html.enable = true;

    xdg.enable = true;
    xdg.userDirs = {
      enable = true;
      createDirectories = true;
      # Disable the public folder
      publicShare = null;
    };
  };
};
# Secrets: the identity used to decrypt them is the host key at
# /persist/id_host.
#
# The host keys used to be kept in the repo as a secret, but they are also the
# keys used for decrypting, and encrypting a key with itself did not seem like
# a good idea. The host keys now have to be placed manually where they are
# needed. On first-time installs they are generated by
# services.openssh.hostKeys on servers, and manually on everything else.
#
# NOTE(review): this file is a private key. Confirm it is owned by root and
# not readable by other users, and that /persist is available at the point
# where secrets are decrypted.
age.identityPaths = ["/persist/id_host"];

boot.loader.grub.catppuccin.enable = true;

system = {
  stateVersion = "24.11";
  nixos.variant_id = lib.strings.toLower config.networking.hostName;
  # Records which flake revision the system was built from. Nix on nixos 23.05
  # does not have dirtyRev, hence the final literal fallback. A system labelled
  # "dirty" cannot be traced back to a commit.
  configurationRevision = flakeSelf.sourceInfo.rev or flakeSelf.sourceInfo.dirtyRev or "dirty";
};
}