mio-ops/hosts/dionach.nix

219 lines
6.6 KiB
Nix
Raw Normal View History

2020-05-05 15:21:17 +00:00
# NixOps configuration for dionach
{ config, pkgs, ... }:
{
imports = [
2021-11-16 04:57:23 +00:00
../hardware/purism_librem_15.nix # Include results of the hardware scan.
../profiles/android.nix # Provide an Android dev environment
../profiles/cron-craige.nix # Provide Craige's cron jobs
../profiles/daedalus.nix # The open source cryptocurrency wallet for ADA
../profiles/desktop-feeds.nix # Tools for news feeds and podcasts
../profiles/desktopCraige.nix # Craige's desktop tools and apps
2021-12-14 23:01:51 +00:00
../profiles/haskell-dev.nix # Haskell dev environment
2021-11-16 04:57:23 +00:00
../profiles/host_common.nix # Common host configuration options
../profiles/iohk.nix # IOHK environment
2021-05-20 23:46:22 +00:00
../profiles/keyboard.nix
2021-11-16 04:57:23 +00:00
../profiles/neomutt.nix # Neomutt email
../profiles/nix-community.nix # Nix community aarch64 tooling
../profiles/nix-mio-ops.nix # mio-ops Nix tooling
../profiles/nixpkgs-dev.nix # Nix pkgs dev tools
../profiles/openssh.nix # Enable and configure openssh
../profiles/powerManagement.nix # Power management for laptops
../profiles/qemu.nix # Qemu virtualisation
../profiles/typingTutor.nix # Typing tutorials
../profiles/weechat.nix # Weechat environment
../profiles/xmonad.nix # Xmonad desktop environment
../profiles/yubikey.nix # Yubikey tooling
../secrets/craige.nix # Ssshhhhh!
../secrets/root.nix # Ssshhhhh!
../secrets/wireless.nix # Hey look! A squirrel!
2020-05-05 15:21:17 +00:00
];
2020-06-23 00:49:45 +00:00
deployment.targetHost = "localhost";
2020-05-05 15:21:17 +00:00
nixpkgs.config = {
allowUnfree = true;
2021-11-16 04:57:23 +00:00
permittedInsecurePackages = [ "openssl-1.0.2u" "minecraft" ];
2020-05-05 15:21:17 +00:00
};
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/nvme0n1"; # or "nodev" for efi only
2020-05-05 15:21:17 +00:00
boot.kernel.sysctl."net.ipv4.ip_forward" = "1";
boot.extraModprobeConfig = "options kvm_intel nested=1";
networking = {
2021-11-16 04:57:23 +00:00
hostName = "dionach"; # Define your hostname.
2020-05-05 15:21:17 +00:00
};
fonts.fonts = with pkgs; [
2021-11-16 04:57:23 +00:00
dejavu_fonts # A typeface family based on the Bitstream Vera fonts
fira-code # Monospace font with programming ligatures
#monoid # Customisable coding font with alternates, ligatures and contextual positioning
2021-11-16 04:57:23 +00:00
nerdfonts # Iconic font aggregator, collection, & patcher
xkcd-font # Font based handwriting in xkcd comics
];
2020-05-05 15:21:17 +00:00
# List packages installed in system profile. To search, run:
environment.systemPackages = with pkgs; [
bash
binutils
bluez-tools
2021-11-16 04:57:23 +00:00
brave # Privacy-oriented browser
bridge-utils # for brctl
2020-05-05 15:21:17 +00:00
chromium
clang
ddrescue
2021-11-16 04:57:23 +00:00
docutils # Python Documentation Utilities
electrum # Bitcoin wallet
element-desktop # A feature-rich client for Matrix.org
2020-05-05 15:21:17 +00:00
evince
2021-11-16 04:57:23 +00:00
exiftool # A tool to read, write and edit EXIF meta information
ffmpeg-full # record, convert and stream audio and video
2020-05-05 15:21:17 +00:00
file
firefox
gcc
gimp
gnome2.gvfs
gnumake
gnused
2021-11-16 04:57:23 +00:00
google-authenticator # 2FA
google-chrome # A freeware web browser developed by Google
googleearth # A world sphere viewer
graphviz # Graph visualization tools
2020-05-05 15:21:17 +00:00
gvfs
imagemagick
2021-11-16 04:57:23 +00:00
inetutils # Common network utilies
2020-12-31 01:58:58 +00:00
inotify-tools
2021-11-16 04:57:23 +00:00
iptables # iptables
2020-05-05 15:21:17 +00:00
libmtp
libgphoto2
2021-11-16 04:57:23 +00:00
libreoffice-fresh # Libreoffice - fresh version
2020-05-05 15:21:17 +00:00
lxmenu-data
minecraft
2020-05-05 15:21:17 +00:00
mkpasswd
2021-11-16 04:57:23 +00:00
mp3info # MP3 tag editor / query tool
2020-05-05 15:21:17 +00:00
mpd
mplayer
mtpfs
multimc
ncmpcpp
nextcloud-client
2021-11-16 04:57:23 +00:00
nvme-cli # NVM-Express user space tooling for Linux
obs-studio # Free and open source software for video recording and live streaming
2020-05-05 15:21:17 +00:00
openjdk8
2021-11-16 04:57:23 +00:00
openssl # A cryptographic library that implements the SSL and TLS protocols
2020-05-05 15:21:17 +00:00
p7zip
pandoc
pavucontrol
pcmanfm
2021-11-16 04:57:23 +00:00
pstree # Show the set of running processes as a tree
2020-05-05 15:21:17 +00:00
pwgen
2021-09-28 01:17:31 +00:00
python38Packages.pygments
2020-05-05 15:21:17 +00:00
pythonFull
2021-11-16 04:57:23 +00:00
python38Packages.restview # ReStructuredText viewer
python38Packages.sphinx # A tool that makes it easy to create intelligent and beautifulul documentation for Python projects
radiotray-ng # Internet radio player
rdiff-backup # External backups
2020-05-05 15:21:17 +00:00
shared_mime_info
shotwell
signal-desktop
2021-11-16 04:57:23 +00:00
smartmontools # Tools for monitoring the health of hard drives
2020-05-05 15:21:17 +00:00
sshfs
2021-11-16 04:57:23 +00:00
taskwarrior # Highly flexible command-line tool to manage TODO lists
tcpdump # tcpdump
2020-05-05 15:21:17 +00:00
tectonic
2021-11-16 04:57:23 +00:00
tdesktop # Telegram Desktop messaging app
2020-05-05 15:21:17 +00:00
termonad-with-packages
texlive.combined.scheme-full
2021-11-16 04:57:23 +00:00
tmate # Instant Terminal Sharing
2020-05-05 15:21:17 +00:00
tpm-tools
#tor-browser-bundle-bin
2021-11-16 04:57:23 +00:00
tree # Command to produce a depth indented directory listing
2020-05-05 15:21:17 +00:00
udevil
unrar
unzip
vcsh
2021-11-16 04:57:23 +00:00
vgo2nix # Required for packaging Golang applications
2020-05-05 15:21:17 +00:00
wget
2021-11-16 04:57:23 +00:00
wesnoth # Turn-based strategy game
2020-05-05 15:21:17 +00:00
xorg.xev
youtube-dl
2021-11-16 04:57:23 +00:00
zip # zip all the zip's
2020-05-05 15:21:17 +00:00
zlib
zlib.dev
];
environment.variables = {
GIO_EXTRA_MODULES = [ "${pkgs.gvfs}/lib/gio/modules" ];
};
services.acpid.enable = true;
services.blueman.enable = true;
services.kbfs.enable = true;
services.xserver.desktopManager.enlightenment.enable = true;
networking.firewall = {
enable = true;
2021-11-16 04:57:23 +00:00
checkReversePath = false; # Needed for libvirtd
2020-05-05 15:21:17 +00:00
allowedTCPPorts = [ 15000 ];
};
# Virtualisation configuration:
virtualisation = {
libvirtd = {
2021-11-16 04:57:23 +00:00
enable = true; # Enable libvirtd
2021-12-30 00:58:37 +00:00
qemu = {
#package = pkgs.qemu_kvm; # Enable guest only for the same arch
package = pkgs.qemu; # Enable full emulation
2022-01-13 22:21:33 +00:00
verbatimConfig = ''
user = "craige"
group = "libvirtd"
'';
2021-12-30 00:58:37 +00:00
};
2021-11-16 04:57:23 +00:00
onShutdown = "shutdown"; # Set gust VMs to shutdown on host shutdown
2020-05-05 15:21:17 +00:00
extraConfig = ''
disk_bus = "virtio"
'';
};
};
# Enable sound.
sound.enable = true;
hardware = {
pulseaudio = {
enable = true;
systemWide = false;
extraModules = [ pkgs.pulseaudio-modules-bt ];
package = pkgs.pulseaudioFull;
};
bluetooth = {
enable = true;
2021-07-28 00:28:19 +00:00
hsphfpd.enable = true;
2022-01-13 22:26:32 +00:00
settings = { Policy = { AutoEnable = "true"; }; };
2020-05-05 15:21:17 +00:00
};
opengl.enable = true;
};
# The below pair are set to overcome flakey connections / busy servers that
# fail to respond to ssh keep alive requests, sometimes triggering:
# client_loop: send disconnect: Broken pipe
programs.ssh.extraConfig = ''
ServerAliveInterval 20
TCPKeepAlive no
'';
2021-11-16 04:57:23 +00:00
users.groups = { lp.members = [ "messagebus" ]; };
2020-05-05 15:21:17 +00:00
# This value determines the NixOS release with which your system is to be
# compatible, in order to avoid breaking some software such as database
# servers. You should change this only after NixOS release notes say you
# should.
system.stateVersion = "20.03"; # Did you read the comment?
2020-05-05 15:21:17 +00:00
}