diff --git a/hosts/dionach.nix b/hosts/dionach.nix new file mode 100644 index 0000000..dab9142 --- /dev/null +++ b/hosts/dionach.nix @@ -0,0 +1,214 @@ +# NixOps configuration for dionach + +{ config, pkgs, ... }: + +{ + + imports = [ + ../hardware/purism_librem_15.nix # Include the results of the hardware scan. + ../roles/android.nix # Provide an Android dev environment + ../roles/desktop-feeds.nix # Tools for news feeds and podcasts + ../roles/haskell-dev.nix # Haskel dev environment + ../roles/host_common.nix # Common host configuration options + ../roles/iohk.nix # IOHK environment + ../roles/neomutt.nix # Neomutt email + ../roles/nix-community.nix # Nix community aarch64 tooling + ../roles/nix-mio-ops.nix # mio-ops Nix tooling + ../roles/qemu.nix # Qemu virtualisation + ../roles/xmonad.nix # Xmonad desktop environment + ../roles/yubikey.nix # Yubikey tooling + ../secrets/craige.nix # Ssshhhhh! + ../secrets/wireless.nix # Hey look! A squirrel! + ]; + + nixpkgs.config = { + allowUnfree = true; + permittedInsecurePackages = [ + "openssl-1.0.2u" + ]; + }; + + nix.nixPath = [ + "nixpkgs=https://nixos.org/channels/nixos-20.03/nixexprs.tar.xz" + "nixos-config=/etc/nixos/configuration.nix" + ]; + + # Use the GRUB 2 boot loader. + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only + boot.kernel.sysctl."net.ipv4.ip_forward" = "1"; + boot.extraModprobeConfig = "options kvm_intel nested=1"; + + networking = { + hostName = "dionach"; # Define your hostname. + }; + + # List packages installed in system profile. To search, run: + environment.systemPackages = with pkgs; [ + aspell # Required for spell checking in weechat + aspellDicts.en # Required for spell checking in weechat + aspellDicts.en-computers # Required for spell checking in weechat + aspellDicts.en-science # Required for spell checking in weechat + bash + binutils + bluez-tools + brave # Privacy-oriented browser + bridge-utils # for brctl + chromium + clang + ddrescue + dejavu_fonts + docutils # Python Documentation Utilities + electrum # Bitcoin wallet + emacs25-nox # Emacs, no X11 + evince + exiftool # A tool to read, write and edit EXIF meta information + ffmpeg-full # record, convert and stream audio and video + file + fira-code # Monospace font with programming ligatures + firefox + gcc + gimp + gnome2.gvfs + gnumake + gnused + google-authenticator # 2FA + google-chrome # A freeware web browser developed by Google + gphoto2 + gphoto2fs + gvfs + imagemagick + iptables # iptables + libmtp + libgphoto2 + libreoffice-fresh # Libreoffice - fresh version + lxmenu-data + mkpasswd + monoid # Customisable coding font with alternates, ligatures and contextual positioning + mosh + mp3info # MP3 tag editor / query tool + mpd + mplayer + mtpfs + multimc + ncmpcpp + nextcloud-client + obs-studio # Free and open source software for video recording and live streaming + openjdk8 + p7zip + pandoc + pavucontrol + pcmanfm + pstree # Show the set of running processes as a tree + pwgen + pythonFull + python27Packages.restview # ReStructuredText viewer + python37Packages.websocket_client # Used by Slack plugin for weechat + python37Packages.sphinx # A tool that makes it easy to create intelligent and beautifulul documentation for Python projects + radiotray-ng # Internet radio player + rdiff-backup # External backups + riot-desktop # A feature-rich client for Matrix.org + shared_mime_info + shotwell + signal-desktop + sshfs + taskwarrior # Highly flexible command-line tool to manage TODO lists + tcpdump # tcpdump + tectonic + termonad-with-packages + texlive.combined.scheme-full + tpm-tools + tor-browser-bundle-bin + udevil + unrar + unzip + vcsh + vgo2nix # Required for packaging Golang applications + weechat # Preferred instant messaging client + weechat-matrix-bridge # Matrix plugin for weechat + wget + xorg.xev + youtube-dl + zip # zip all the zip's + zlib + zlib.dev + ( + import /home/craige/Forge/mio-ops/roles/vim.nix + ) + ]; + + environment.variables = { + GIO_EXTRA_MODULES = [ "${pkgs.gvfs}/lib/gio/modules" ]; + }; + + # Enable cron service + services.cron = { + enable = true; + systemCronJobs = [ + "*/5 * * * * root date >> /tmp/cron.log" + "*/5 * * * * craige /run/current-system/sw/bin/task sync >> /home/craige/.tasksync.log 2>&1" + "*/5 * * * * craige /run/current-system/sw/bin/task rc:~/.taskrc_obair sync >> /home/craige/.tasksync_obair.log 2>&1" + ]; + }; + services.acpid.enable = true; + services.blueman.enable = true; + services.kbfs.enable = true; + + services.xserver.desktopManager.enlightenment.enable = true; + + networking.firewall = { + enable = true; + checkReversePath = false; # Needed for libvirtd + allowedTCPPorts = [ 15000 ]; + }; + + # Virtualisation configuration: + virtualisation = { + libvirtd = { + enable = true; # Enable libvirtd + #qemuPackage = pkgs.qemu_kvm; # Enable guest only for the same arch + qemuPackage = pkgs.qemu; # Enable full emulation + onShutdown = "shutdown"; # Set gust VMs to shutdown on host shutdown + extraConfig = '' + disk_bus = "virtio" + ''; + qemuVerbatimConfig = '' + user = "craige" + group = "libvirtd" + ''; + }; + }; + + # Enable sound. + sound.enable = true; + hardware = { + pulseaudio = { + enable = true; + systemWide = false; + extraModules = [ pkgs.pulseaudio-modules-bt ]; + package = pkgs.pulseaudioFull; + }; + bluetooth = { + enable = true; + config = { + General = { + Enable = "Source,Sink,Media,Socket"; + }; + Policy = { + AutoEnable = "true"; + }; + }; + }; + opengl.enable = true; + }; + + # This value determines the NixOS release with which your system is to be + # compatible, in order to avoid breaking some software such as database + # servers. You should change this only after NixOS release notes say you + # should. + system.stateVersion = "18.03"; # Did you read the comment? + system.autoUpgrade.enable = true; + system.autoUpgrade.channel = https://nixos.org/channels/nixos-20.03; + +}