nixfiles/config/common/default.nix

110 lines
2.7 KiB
Nix

{ config, lib, pkgs, ... }:
with lib; {
imports = [
./kernel.nix
./networking.nix
./openssh.nix
./users
../../modules
];
environment.systemPackages = with pkgs; [
bat
dig
htop
ripgrep
uutils-coreutils
git
bmon
bottom
man-pages
man-pages-posix
unzip
zip
figlet
] ++ lib.optionals (!config.kyouma.machine-type.container) [
kitty.terminfo
];
programs = {
mtr.enable = true;
fish.enable = true;
};
kyouma.deployment = {
tags = [ "all" ];
auto-upgrade.enable = true;
};
security.dhparams.defaultBitSize = 4096;
system.activationScripts.motd.text = let
cfg = config.system.nixos;
in ''
root=/var/lib/deployment
mkdir -p $root
date "+%s" > $root/date
cat << EOF > $root/motd
Welcome to ${cfg.distroName} ${cfg.release} ("${cfg.codeName}") on
$(${pkgs.figlet}/bin/figlet -lt -f slant ${config.networking.hostName} | ${pkgs.gnused}/bin/sed -e 's/[[:space:]]*$//').${config.networking.domain}
Last deployed on $(date "+%F %T %Z" -d @$(cat "$root/date"))
EOF
'';
users.motdFile = "/var/lib/deployment/motd";
nix.package = pkgs.nixVersions.latest;
nix.gc.automatic = true;
nix.gc.options = "--delete-older-than 7d";
nix.optimise.automatic = true;
nix.registry.nixpkgs.to = lib.mkIf (!config.kyouma.machine-type.container) {
type = "path";
path = pkgs.path;
};
nix.settings = {
experimental-features = [ "nix-command" "flakes" "pipe-operators" ];
trusted-users = [ "root" "@wheel" ];
substituters = [ "https://cache.kyouma.net" ];
trusted-public-keys = [ "cache.kyouma.net:Frjwu4q1rnwE/MnSTmX9yx86GNA/z3p/oElGvucLiZg=" ];
};
nix.extraOptions = ''
builders-use-substitutes = true
'';
nixpkgs.config.allowUnfree = true;
boot.tmp.cleanOnBoot = mkDefault true;
services.journald.extraConfig = "SystemMaxUse=256M";
security.sudo = {
enable = true;
execWheelOnly = true;
wheelNeedsPassword = false;
};
security.sudo-rs = {
enable = false;
execWheelOnly = true;
wheelNeedsPassword = false;
};
users.mutableUsers = mkDefault false;
i18n.defaultLocale = mkDefault "en_EU.UTF-8";
i18n.glibcLocales = (pkgs.glibcLocales.overrideAttrs (orig: {
postPatch = orig.postPatch + ''
cp "${../files/en_EU}" localedata/locales/en_EU
echo 'en_EU.UTF-8/UTF-8 \' >>localedata/SUPPORTED
'';
}));
services.xserver.xkb = {
layout = "de";
variant = "neo_qwerty";
};
console.useXkbConfig = true;
console.earlySetup = true;
services.fprintd.enable = config.kyouma.machine-type.graphical;
system.stateVersion = "23.11";
time.timeZone = mkDefault "CET";
}