127 lines
2.8 KiB
Nix
127 lines
2.8 KiB
Nix
# Edit this configuration file to define what should be installed on
|
||
# your system. Help is available in the configuration.nix(5) man page
|
||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||
|
||
{ config, lib, pkgs, ... }:
|
||
let
|
||
secrets = config.my.secrets;
|
||
in
|
||
{
|
||
imports =
|
||
[ # Include the results of the hardware scan.
|
||
./hardware-configuration.nix
|
||
|
||
./home.nix
|
||
];
|
||
|
||
# Use the systemd-boot EFI boot loader.
|
||
boot.loader.systemd-boot.enable = true;
|
||
boot.loader.efi.canTouchEfiVariables = true;
|
||
|
||
boot.supportedFilesystems = [
|
||
"btrfs"
|
||
"ntfs"
|
||
];
|
||
|
||
services.btrfs = {
|
||
autoScrub = {
|
||
enable = true;
|
||
fileSystems = [ "/" ];
|
||
};
|
||
};
|
||
|
||
networking.hostName = "boreal"; # Define your hostname.
|
||
networking.domain = "alarsyo.net";
|
||
|
||
# Set your time zone.
|
||
time.timeZone = "Europe/Paris";
|
||
|
||
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
|
||
# Per-interface useDHCP will be mandatory in the future, so this generated config
|
||
# replicates the default behaviour.
|
||
networking.interfaces.enp7s0.useDHCP = true;
|
||
networking.interfaces.wlp3s0.useDHCP = true;
|
||
|
||
# List services that you want to enable:
|
||
my.services = {
|
||
borg-backup = {
|
||
enable = true;
|
||
repo = secrets.borg-backup.boreal-repo;
|
||
# for a workstation, having backups spanning the last month should be
|
||
# enough
|
||
prune = {
|
||
keep = {
|
||
daily = 7;
|
||
weekly = 4;
|
||
};
|
||
};
|
||
paths = [
|
||
"/home/alarsyo"
|
||
];
|
||
exclude = [
|
||
"/home/alarsyo/Downloads"
|
||
|
||
# Rust builds using half my storage capacity
|
||
"/home/alarsyo/*/target"
|
||
|
||
# C build crap
|
||
"*.a"
|
||
"*.o"
|
||
"*.so"
|
||
|
||
# ignore all dotfiles as .config and .cache can become quite big
|
||
"re:^/home/alarsyo/\\."
|
||
];
|
||
};
|
||
|
||
wireguard = {
|
||
enable = false;
|
||
iface = "wg";
|
||
port = 51820;
|
||
|
||
net = {
|
||
v4 = {
|
||
subnet = "10.0.0";
|
||
mask = 24;
|
||
};
|
||
v6 = {
|
||
subnet = "fd42:42:42";
|
||
mask = 64;
|
||
};
|
||
};
|
||
};
|
||
};
|
||
|
||
services = {
|
||
openssh = {
|
||
enable = true;
|
||
permitRootLogin = "no";
|
||
passwordAuthentication = false;
|
||
};
|
||
|
||
xserver = {
|
||
enable = true;
|
||
videoDrivers = [ "nvidia" ];
|
||
windowManager.i3.enable = true;
|
||
layout = "fr";
|
||
xkbVariant = "us";
|
||
};
|
||
};
|
||
my.displayManager.sddm.enable = true;
|
||
|
||
# TODO: remove when https://nixpk.gs/pr-tracker.html?pr=124237 reaches unstable
|
||
nix.sandboxPaths = [ "/bin/sh=${pkgs.bash}/bin/sh" ];
|
||
|
||
sound.enable = true;
|
||
hardware.pulseaudio = {
|
||
enable = true;
|
||
extraModules = [ pkgs.pulseaudio-modules-bt ];
|
||
package = pkgs.pulseaudioFull;
|
||
};
|
||
|
||
hardware.bluetooth = {
|
||
enable = true;
|
||
powerOnBoot = true;
|
||
};
|
||
}
|