109 lines
2.1 KiB
Nix
109 lines
2.1 KiB
Nix
# https://search.nixos.org/options
|
|
{
|
|
inputs,
|
|
config,
|
|
pkgs,
|
|
lib,
|
|
...
|
|
}: let
|
|
user = config.user;
|
|
in {
|
|
imports = [
|
|
./modules/podman.nix
|
|
];
|
|
|
|
nix = {
|
|
settings = {
|
|
experimental-features = ["nix-command" "flakes"];
|
|
};
|
|
settings.trusted-users = ["root" user];
|
|
|
|
registry.nixpkgs.flake = inputs.nixpkgs;
|
|
};
|
|
|
|
boot.loader.grub = {
|
|
enable = true;
|
|
device = "nodev";
|
|
efiSupport = true;
|
|
};
|
|
boot.loader.efi.canTouchEfiVariables = true;
|
|
|
|
networking.networkmanager.enable = true;
|
|
|
|
# fix nixos-containers
|
|
networking.nat.enable = true;
|
|
networking.nat.internalInterfaces = ["ve-+"];
|
|
networking.nat.externalInterface = "eth0";
|
|
networking.networkmanager.unmanaged = ["interface-name:ve-*"];
|
|
|
|
services.tailscale.enable = true;
|
|
networking.firewall.interfaces.tailscale0 = {
|
|
allowedTCPPortRanges = [
|
|
{
|
|
from = 0;
|
|
to = 65535;
|
|
}
|
|
];
|
|
};
|
|
networking.hosts = {
|
|
"100.65.29.110" = ["zenix"];
|
|
"100.106.241.122" = ["alpine" "tristans.cloud"];
|
|
"100.71.130.111" = ["fcs-tristan-nixbook"];
|
|
"100.69.60.83" = ["google-pixel-8"];
|
|
};
|
|
|
|
time.timeZone = lib.mkDefault "Europe/London";
|
|
|
|
console = {
|
|
font = "Lat2-Terminus16";
|
|
useXkbConfig = true;
|
|
};
|
|
|
|
services.avahi.enable = true;
|
|
|
|
i18n.defaultLocale = lib.mkDefault "en_GB.UTF-8";
|
|
|
|
services.xserver.xkb = {
|
|
layout = lib.mkDefault "gb";
|
|
options = "caps:escape";
|
|
};
|
|
|
|
system.configurationRevision =
|
|
pkgs.lib.mkIf (inputs.self ? rev)
|
|
inputs.self.rev;
|
|
|
|
users.users.${user} = {
|
|
isNormalUser = true;
|
|
extraGroups = ["wheel" "video" "networkmanager" "kvm"];
|
|
initialPassword = "pass";
|
|
shell = pkgs.zsh;
|
|
};
|
|
programs.zsh.enable = true;
|
|
|
|
environment.variables = {
|
|
EDITOR = "nvim";
|
|
VISUAL = "nvim";
|
|
};
|
|
environment.pathsToLink = ["/share/zsh"];
|
|
|
|
services.gvfs.enable = true;
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
tealdeer
|
|
alsa-utils
|
|
trash-cli
|
|
wget
|
|
unzip
|
|
fzf
|
|
sops
|
|
];
|
|
|
|
boot.kernel.sysctl = {
|
|
"net.ipv4.ip_unprivileged_port_start" = 53;
|
|
};
|
|
|
|
services.prometheus.exporters.node = {
|
|
enable = true;
|
|
enabledCollectors = ["systemd"];
|
|
};
|
|
}
|