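#
# Module that is included for all systems and configures the basic NixOS settings that we want
#
{
  modulesPath,
  config,
  lib,
  pkgs,
  ...
}:
{
  imports = [
    (modulesPath + "/profiles/qemu-guest.nix")
  ];

  # boot config
  boot.initrd.systemd.enable = true;
  boot.initrd.availableKernelModules = [
    "ahci"
    "xhci_pci"
    "virtio_pci"
    "sr_mod"
    "virtio_blk"
  ];
  boot.initrd.kernelModules = [ ];

  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];
  boot.loader.grub = {
    enable = true;
    # same disk as disko.devices.disk.system.device below; a host overriding one should override both
    device = lib.mkDefault "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0";
  };

  # partitioning and filesystems
  # the whole layout is a mkDefault, so a host can replace it or override just device / swap size
  disko.devices = lib.mkDefault {
    disk = {
      system = {
        type = "disk";
        device = lib.mkDefault "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0";
        content = {
          type = "gpt";
          partitions = {
            # BIOS boot partition (type code ef02) that grub needs on a GPT disk
            mbr = {
              type = "ef02";
              size = "1M";
            };
            swap = {
              size = lib.mkDefault "8G";
              content = {
                type = "swap";
                discardPolicy = "both";
              };
            };
            # Linux filesystem (type code 8300) taking the rest of the disk
            root = {
              type = "8300";
              size = "100%";
              content = {
                type = "filesystem";
                format = "ext4";
                mountpoint = "/";
                mountOptions = [
                  "defaults"
                  "noatime"
                ];
              };
            };
          };
        };
      };
    };
  };

  # settings for nix and nixos
  nixpkgs.config.allowUnfree = true;
  nix.settings = {
    # seconds a downloaded tarball is considered fresh
    tarball-ttl = 60;
    # trusted users may choose substituters and import unsigned store paths, which is
    # effectively root on this machine; "@wheel" grants that to every wheel member
    # without going through sudo, so wheel membership has to be kept tight
    trusted-users = [
      "root"
      "@wheel"
    ];
    experimental-features = [
      "nix-command"
      "flakes"
    ];
  };
  nix.gc = {
    automatic = true;
    dates = "weekly";
    options = "--delete-older-than 30d";
  };

  # link flake source into /etc/nixos
  # the path is copied into the nix store, which is world-readable on the host:
  # the repository must only ever contain encrypted (sops) secrets
  environment.etc."nixos".source = ../.;

  # locale settings
  time.timeZone = lib.mkDefault "Europe/Berlin";
  i18n = {
    # https://man.archlinux.org/man/locale.7
    defaultLocale = lib.mkDefault "en_US.UTF-8";
    # every listed category gets the German locale, messages stay on defaultLocale
    extraLocaleSettings = lib.genAttrs [
      "LC_CTYPE"
      "LC_NUMERIC"
      "LC_TIME"
      "LC_COLLATE"
      "LC_MONETARY"
      "LC_PAPER"
      "LC_NAME"
      "LC_ADDRESS"
      "LC_TELEPHONE"
      "LC_MEASUREMENT"
      "LC_IDENTIFICATION"
    ] (_: "de_DE.UTF-8");
  };
  services.xserver.xkb.layout = lib.mkDefault "de";

  # vconsole
  console = {
    font = lib.mkDefault "${pkgs.terminus_font}/share/consolefonts/ter-u16n.psf.gz";
    packages = lib.mkDefault [ pkgs.terminus_font ];
    keyMap = lib.mkDefault "de";
    useXkbConfig = lib.mkDefault true;
  };

  # ssh server: no root login, no password authentication
  # NOTE(review): KbdInteractiveAuthentication is a separate sshd method and is left at the
  # module default here - confirm whether it should be switched off as well
  services.openssh = {
    enable = true;
    settings = {
      PermitRootLogin = "no";
      PasswordAuthentication = false;
    };
  };

  # misc software settings
  home-manager.useGlobalPkgs = lib.mkDefault true;
  programs.command-not-found.enable = false;
  # puts ~/.local/bin into PATH for all users
  environment.localBinInPath = true;
  services.qemuGuest.enable = true;

  # derive sops key from ssh key if ssh is enabled and configure host specific secrets
  # whoever can read this host key can decrypt the secrets of this host, and replacing
  # the host key means the secrets have to be re-encrypted for the new key
  sops.age.sshKeyPaths = lib.mkIf config.services.openssh.enable [ "/etc/ssh/ssh_host_ed25519_key" ];
  #sops.defaultSopsFile = ../data/secrets + "/${config.networking.fqdnOrHostName}.yml";

  # additional apps
  environment.systemPackages = with pkgs; [
    git
    helix
    htop
  ];

  #environment.variables = {
  #  EDITOR = "hx";
  #  VISUAL = "hx";
  #};
}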