nixos-config/hosts/boreal/default.nix

109 lines
2.5 KiB
Nix
Raw Normal View History

2021-04-16 21:33:48 +02:00
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, lib, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
2021-04-19 14:29:38 +02:00
./home.nix
./secrets.nix
2021-04-16 21:33:48 +02:00
];
boot.kernelPackages = pkgs.linuxPackages_latest;
2021-04-16 21:33:48 +02:00
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
2021-04-27 18:17:06 +02:00
boot.supportedFilesystems = [
"btrfs"
"ntfs"
];
2021-04-16 21:33:48 +02:00
services.btrfs = {
autoScrub = {
enable = true;
fileSystems = [ "/" ];
};
};
networking.hostName = "boreal"; # Define your hostname.
networking.domain = "alarsyo.net";
# Set your time zone.
time.timeZone = "Europe/Paris";
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config
# replicates the default behaviour.
2021-07-01 22:19:51 +02:00
networking.interfaces.enp8s0.useDHCP = true;
networking.interfaces.wlp4s0.useDHCP = true;
2021-04-16 21:33:48 +02:00
# List services that you want to enable:
my.services = {
restic-backup = {
2021-04-23 20:38:22 +02:00
enable = true;
repo = "b2:boreal-backup";
passwordFile = config.age.secrets."restic-backup/boreal-password".path;
environmentFile = config.age.secrets."restic-backup/boreal-credentials".path;
2021-04-23 20:38:22 +02:00
paths = [
"/home/alarsyo"
];
exclude = [
"/home/alarsyo/Downloads"
# Rust builds using half my storage capacity
2022-01-17 23:39:45 +01:00
"/home/alarsyo/**/target"
"/home/alarsyo/work/rust/build"
2021-04-23 20:38:22 +02:00
2021-06-17 10:58:24 +02:00
# don't backup nixpkgs
"/home/alarsyo/work/nixpkgs"
2021-04-23 20:38:22 +02:00
# C build crap
"*.a"
"*.o"
"*.so"
# ignore all dotfiles as .config and .cache can become quite big
2021-08-13 18:39:20 +02:00
"/home/alarsyo/.*"
2021-04-23 20:38:22 +02:00
];
};
2021-05-26 00:33:52 +02:00
pipewire.enable = true;
2021-07-13 23:48:41 +02:00
tailscale.enable = true;
2021-04-16 21:33:48 +02:00
};
services = {
openssh = {
enable = true;
permitRootLogin = "no";
passwordAuthentication = false;
};
};
my.gui = {
enable = true;
isNvidia = true;
};
2021-04-22 14:22:55 +02:00
2021-08-21 12:00:56 +02:00
my.wakeonwlan.interfaces.phy0.methods = [
"magic-packet"
"disconnect"
"gtk-rekey-failure"
"eap-identity-request"
"rfkill-release"
];
2022-01-11 16:08:21 +01:00
services.udev.packages = [ pkgs.packages.kaleidoscope-udev-rules ];
2021-04-17 03:15:44 +02:00
hardware.bluetooth = {
enable = true;
powerOnBoot = false;
2021-04-17 03:15:44 +02:00
};
2021-04-16 21:33:48 +02:00
}