mio-ops/hosts/sanganto/default.nix
2024-12-04 15:30:47 +10:00

113 lines
3.4 KiB
Nix

# NixOS configuration for ŝanĝanto
{
config,
pkgs,
...
}: {
imports = [
../../hardware/system76_thelioMira.nix # Include results of the hardware scan.
../../profiles/cron-craige.nix # Provide Craige's cron jobs
../../profiles/haskell-dev.nix # Haskell dev environment
../../profiles/host_common.nix # Common host configuration options
../../profiles/iog.nix # IOHK environment
../../profiles/keyboard.nix
../../profiles/neomutt.nix # Neomutt email
../../profiles/nix-community.nix # Nix community aarch64 tooling
../../profiles/nixpkgs-dev.nix # Nix pkgs dev tools
../../profiles/openssh.nix # Enable and configure openssh
../../profiles/pipewire.nix # Enable and pipewire audio system
../../profiles/xmonad.nix # Xmonad desktop environment
../../profiles/yubikey.nix # Yubikey tooling
../../profiles/users-ops.nix # MIO Ops users
];
nixpkgs = {
config = {
allowUnfree = true;
permittedInsecurePackages = [
"openssl-1.0.2u"
];
};
overlays = [(import ../../overlays/ncmpcpp.nix)];
};
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
kernel.sysctl."net.ipv4.ip_forward" = "1";
extraModprobeConfig = "options kvm_intel nested=1";
};
networking = {
hostName = "sanganto"; # Define your hostname.
networkmanager.enable = true; # Enables network support via NetworkManager.
};
fonts.packages = with pkgs; [
anonymousPro
cascadia-code # onospaced font that includes programming ligatures
dejavu_fonts # A typeface family based on the Bitstream Vera fonts
fira-code # Monospace font with programming ligaturess
font-awesome
hack-font # A typeface designed for source code
iosevka # Versatile typeface for code, from code
jetbrains-mono
open-sans # Used in in my polybar configuration
xkcd-font # Font based handwriting in xkcd comics
];
# List packages installed in system profile. To search, run:
environment.systemPackages = with pkgs; [
];
services = {
acpid.enable = true;
blueman.enable = true;
gvfs.enable = true; # required by pcmanfm
kbfs.enable = true;
};
networking.firewall = {
enable = true;
checkReversePath = false; # Needed for libvirtd
allowedTCPPorts = [15000];
};
# Virtualisation configuration:
virtualisation = {
libvirtd = {
enable = true; # Enable libvirtd
qemu = {
#package = pkgs.qemu_kvm; # Enable guest only for the same arch
package = pkgs.qemu; # Enable full emulation
verbatimConfig = ''
user = "craige"
group = "libvirtd"
'';
};
onShutdown = "shutdown"; # Set gust VMs to shutdown on host shutdown
extraConfig = ''
disk_bus = "virtio"
'';
};
};
# The below pair are set to overcome flakey connections / busy servers that
# fail to respond to ssh keep alive requests, sometimes triggering:
# client_loop: send disconnect: Broken pipe
programs.ssh.extraConfig = ''
ServerAliveInterval 20
TCPKeepAlive no
'';
users.groups = {lp.members = ["messagebus"];};
# This value determines the NixOS release with which your system is to be
# compatible, in order to avoid breaking some software such as database
# servers. You should change this only after NixOS release notes say you
# should.
system.stateVersion = "23.05"; # Did you read the comment?
}