C3D2
/
nix-config
Watch 14
Star 4
Fork 2
Code Issues 0 Pull Requests 2 Releases 0 Wiki Activity
configurations of hq services
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
383 Commits
5 Branches
Tree: 7ce33808f2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7ce33808f2'
${ noResults }
nix-config/hosts/glotzbert/configuration.nix

configuration.nix 4.0KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150 
  1. { config, pkgs, ... }:

  2. 

  3. {

  4.   imports = [ ./hardware-configuration.nix ../../lib ];

  5. 

  6.   c3d2 = {

  7.     users.k-ot = true;

  8.     isInHq = true;

  9.     hq.interface = "eno1";

  10.     hq.enableBinaryCache = false;

  11.     enableHail = false;

  12.   };

  13. 

  14.   nixpkgs.config.allowUnfree = true;

  15.   nix = {

  16.     useSandbox = true;

  17.     buildCores = 4;

  18.     maxJobs = 4;

  19.   };

  20. 

  21.   # Use the systemd-boot EFI boot loader.

  22.   boot.loader.systemd-boot.enable = true;

  23.   boot.loader.efi.canTouchEfiVariables = true;

  24.   boot.kernelPackages = pkgs.linuxPackages_latest;

  25. 

  26.   networking.hostName = "glotzbert"; # Define your hostname.

  27.   # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.

  28.   networking.interfaces.eno1.useDHCP = true;

  29. 

  30.   # Configure network proxy if necessary

  31.   # networking.proxy.default = "http://user:password@proxy:port/";

  32.   # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";

  33. 

  34.   # Select internationalisation properties.

  35.   console = {

  36.     font = "${pkgs.terminus_font}/share/consolefonts/ter-u28n.psf.gz";

  37.     keyMap = "de";

  38.   };

  39.   i18n.defaultLocale = "en_US.UTF-8";

  40. 

  41.   # Set your time zone.

  42.   time.timeZone = "Europe/Berlin";

  43. 

  44.   # List packages installed in system profile. To search, run:

  45.   # $ nix search wget

  46.   environment.systemPackages = with pkgs; [

  47.     wget vim git tmux screen

  48.     chromium firefox

  49.     mpv kodi

  50.   ];

  51. 

  52.   systemd.user.services.x11vnc = {

  53.     description = "X11 VNC server";

  54.     wantedBy = [ "graphical-session.target" ];

  55.     partOf = [ "graphical-session.target" ];

  56.     serviceConfig = {

  57.       ExecStart = ''

  58.         ${pkgs.x11vnc}/bin/x11vnc -shared -forever -passwd k-ot

  59.       '';

  60.       RestartSec = 3;

  61.       Restart = "always";

  62.     };

  63.   };

  64. 

  65.   # Some programs need SUID wrappers, can be configured further or are

  66.   # started in user sessions.

  67.   # programs.mtr.enable = true;

  68.   # programs.gnupg.agent = { enable = true; enableSSHSupport = true; };

  69. 

  70.   # List services that you want to enable:

  71. 

  72.   # Enable the OpenSSH daemon.

  73.   services.openssh.enable = true;

  74. 

  75.   # Open ports in the firewall.

  76.   # networking.firewall.allowedTCPPorts = [ ... ];

  77.   # networking.firewall.allowedUDPPorts = [ ... ];

  78.   # Or disable the firewall altogether.

  79.   networking.firewall.enable = false;

  80. 

  81.   # Enable CUPS to print documents.

  82.   # services.printing.enable = true;

  83. 

  84.   # Enable sound.

  85.   sound.enable = true;

  86.   hardware.pulseaudio = {

  87.     enable = true;

  88.     # Users must be in "audio" group

  89.     systemWide = true;

  90.     support32Bit = true;

  91.     zeroconf.discovery.enable = true;

  92.     zeroconf.publish.enable = true;

  93.     tcp = {

  94.       enable = true;

  95.       anonymousClients.allowAll = true;

  96.     };

  97.     extraConfig = ''

  98.       load-module module-tunnel-sink server=pulsebert.hq.c3d2.de

  99.     '';

  100.     extraClientConf = ''

  101.       default-server = pulsebert.hq.c3d2.de

  102.     '';

  103.   };

  104. 

  105.   # Enable the X11 windowing system.

  106.   services.xserver.enable = true;

  107.   services.xserver.layout = "de";

  108.   services.xserver.xkbOptions = "eurosign:e";

  109. 

  110.   services.xserver.displayManager = {

  111.     lightdm = {

  112.       enable = true;

  113.       autoLogin = {

  114.         enable = true;

  115.         user = "k-ot";

  116.       };

  117.     };

  118.     defaultSession = "gnome-xorg";

  119.   };

  120.   services.xserver.desktopManager = {

  121.     gnome3.enable = true;

  122.     kodi.enable = true;

  123.   };

  124. 

  125.   security.sudo = {

  126.     enable = true;

  127.     wheelNeedsPassword = false;

  128.   };

  129. 

  130.   # Define a user account. Don't forget to set a password with ‘passwd’.

  131.   users.groups."k-ot" = { gid = 1000; };

  132.   users.users."k-ot" = {

  133.     isNormalUser = true;

  134.     uid = 1000;

  135.     group = "k-ot";

  136.     extraGroups = [ "wheel" "networkmanager" "audio" "video" ];

  137.     openssh.authorizedKeys.keys = [

  138.       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGJJTSJdpDh82486uPiMhhyhnci4tScp5uUe7156MBC8 astro"

  139.     ];

  140.   };

  141. 

  142.   users.users.emery.cryptHomeLuks = "/home/emery.luks.img";

  143. 

  144.   # This value determines the NixOS release with which your system is to be

  145.   # compatible, in order to avoid breaking some software such as database

  146.   # servers. You should change this only after NixOS release notes say you

  147.   # should.

  148.   system.stateVersion = "18.09"; # Did you read the comment?

  149. 

  150. }