tristan/nix
1
0
Fork 0
Code Projects Releases Packages Activity
nix/system/work/system.nix
Tristan 5140dec6bc wowo
2023-05-03 16:11:50 +01:00

92 lines
2.9 KiB
Nix
Raw Blame History

# https://search.nixos.org/options
{ config, pkgs, lib, ... }:
{
networking.hostName = "FCS-Tristan-Nixbook";
services.xserver = {
layout = "gb";
xkbVariant = "dvorak";
xkbOptions = "caps:escape";
};
environment.systemPackages = with pkgs; [
openvpn
openvpn3
];
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
# nonfree vscode required for dev containers
"vscode"
];
networking = {
networkmanager = {
plugins = [ pkgs.networkmanager-openvpn ];
};
};
boot.kernel.sysctl = {
"net.ipv4.ip_unprivileged_port_start" = 53;
};
system.stateVersion = "22.11"; # do not change
security.pki.certificates = [
# mkcert root CA
''
-----BEGIN CERTIFICATE-----
MIIEtTCCAx2gAwIBAgIQJFzbDr6Qu0RdwlB9iBsKjjANBgkqhkiG9w0BAQsFADBz
MR4wHAYDVQQKExVta2NlcnQgZGV2ZWxvcG1lbnQgQ0ExJDAiBgNVBAsMG3RyaXN0
YW5ARkNTLVRyaXN0YW4tTml4Ym9vazErMCkGA1UEAwwibWtjZXJ0IHRyaXN0YW5A
RkNTLVRyaXN0YW4tTml4Ym9vazAeFw0yMzA0MjcwOTA5MDBaFw0zMzA0MjcwOTA5
MDBaMHMxHjAcBgNVBAoTFW1rY2VydCBkZXZlbG9wbWVudCBDQTEkMCIGA1UECwwb
dHJpc3RhbkBGQ1MtVHJpc3Rhbi1OaXhib29rMSswKQYDVQQDDCJta2NlcnQgdHJp
c3RhbkBGQ1MtVHJpc3Rhbi1OaXhib29rMIIBojANBgkqhkiG9w0BAQEFAAOCAY8A
MIIBigKCAYEA0rfztOVR6WnW/y/eSjVYPg9Hukegmj4JiPyYWWGwDU2WDFnZNL3h
g66YIngid/1tK/xau793oL5tSlxASCi/8v+UCu946p71iVnEM6GiI5bmLA2yV6DB
gbb6OQ5WCLfoOwOHW5jchlXpFstMsTGAyck3D8n0ndebQQc6YbOQG4RFyTftwI3g
2oy8Vl8NKyRL2V3NIPx16OkmLDhzo0bKHQAvPc+QUYfKRRn7UlUyfTy/ILwa0ezt
5KcggU/OMT68eFSp3LItUhRu1zSygCDk2zhJq8ieb5BypvSBWj/mSZtucpoasl72
txiRCN7yrGw21Z34KdqVF+mI0bWVEZESu1/93HzsEcy9SUX/tF11t/Zb5WAF3kFH
dk0UMRTayhKZuxCRmGIqjLrItUli2tDy+QTzNU0XZAaUokqk3to5GoXSij9H0MdJ
VRA8Y2Mdp+l16MMgLMG5gR9KVnCyM1bkqFJpR+xt8xyeAljI9hFVTyI4i36nUWoi
ITdpBUkaOSoVAgMBAAGjRTBDMA4GA1UdDwEB/wQEAwICBDASBgNVHRMBAf8ECDAG
AQH/AgEAMB0GA1UdDgQWBBQnpJfEOuRFXN0YJwf3R2EiWtApHDANBgkqhkiG9w0B
AQsFAAOCAYEAQx3kukopMjvybhbKsx/aU7CynjRCIbbONE10dX9fw7AtjQRB8Vcm
hlsW13MmM6DxroY6taWD8KLZxRNJeHoWdjN689sAbIlnaLrry7XDx5wtsBGfZh3j
vtFzSqHumxa1LjEQPUetTFp6YNgqDDyB53pU/Xfahwda8PCEOEqAsEveYyPqu0I1
MxNdPa/exE2HJxXZarWQ4pcqReykIVale+WbdOmSaT9cnA+E82hshhq3X6Aeti5s
DmIzY//L1LuNs0bXD4ECyMHA8Pgu3JyhnCIu8cxAKyOnM63P9iKZq5c9NASbvGgT
DNlxgyFqDQEI5k8Q2INM/6ZlJKcKRlIh1Nxd2PXl68IA0dWftBGydCGPPPcSdGCy
vA3XfPrgbuqdJjuPjQggMyajJsg2Y7b9YBL7XIBcwKqnSCxoDORGRQEy47sTaT8a
/BqBUuDPQbCF8MZcbsfwQP4pj8E/YyiSQCSZwQVpwVbZNBSOvcq28h0TEzDnAoHG
ey1rgb0TA5zi
-----END CERTIFICATE-----
''
];
# dangerous
# users.users.tristan.extraGroups = [ "docker" ];
virtualisation.docker = {
enable = true;
storageDriver = "btrfs";
rootless = {
enable = true;
setSocketVariable = true;
};
};
services.greetd = {
settings = rec {
sway_session = {
command = "sway";
user = "tristan";
};
};
};
}
View git blame Copy permalink