configurations of hq services
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

configuration.nix 4.0KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150
  1. { config, pkgs, ... }:
  2. {
  3. imports = [ ./hardware-configuration.nix ../../lib ];
  4. c3d2 = {
  5. users.k-ot = true;
  6. isInHq = true;
  7. hq.interface = "eno1";
  8. hq.enableBinaryCache = false;
  9. enableHail = false;
  10. };
  11. nixpkgs.config.allowUnfree = true;
  12. nix = {
  13. useSandbox = true;
  14. buildCores = 4;
  15. maxJobs = 4;
  16. };
  17. # Use the systemd-boot EFI boot loader.
  18. boot.loader.systemd-boot.enable = true;
  19. boot.loader.efi.canTouchEfiVariables = true;
  20. boot.kernelPackages = pkgs.linuxPackages_latest;
  21. networking.hostName = "glotzbert"; # Define your hostname.
  22. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
  23. networking.interfaces.eno1.useDHCP = true;
  24. # Configure network proxy if necessary
  25. # networking.proxy.default = "http://user:password@proxy:port/";
  26. # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
  27. # Select internationalisation properties.
  28. console = {
  29. font = "${pkgs.terminus_font}/share/consolefonts/ter-u28n.psf.gz";
  30. keyMap = "de";
  31. };
  32. i18n.defaultLocale = "en_US.UTF-8";
  33. # Set your time zone.
  34. time.timeZone = "Europe/Berlin";
  35. # List packages installed in system profile. To search, run:
  36. # $ nix search wget
  37. environment.systemPackages = with pkgs; [
  38. wget vim git tmux screen
  39. chromium firefox
  40. mpv kodi
  41. ];
  42. systemd.user.services.x11vnc = {
  43. description = "X11 VNC server";
  44. wantedBy = [ "graphical-session.target" ];
  45. partOf = [ "graphical-session.target" ];
  46. serviceConfig = {
  47. ExecStart = ''
  48. ${pkgs.x11vnc}/bin/x11vnc -shared -forever -passwd k-ot
  49. '';
  50. RestartSec = 3;
  51. Restart = "always";
  52. };
  53. };
  54. # Some programs need SUID wrappers, can be configured further or are
  55. # started in user sessions.
  56. # programs.mtr.enable = true;
  57. # programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
  58. # List services that you want to enable:
  59. # Enable the OpenSSH daemon.
  60. services.openssh.enable = true;
  61. # Open ports in the firewall.
  62. # networking.firewall.allowedTCPPorts = [ ... ];
  63. # networking.firewall.allowedUDPPorts = [ ... ];
  64. # Or disable the firewall altogether.
  65. networking.firewall.enable = false;
  66. # Enable CUPS to print documents.
  67. # services.printing.enable = true;
  68. # Enable sound.
  69. sound.enable = true;
  70. hardware.pulseaudio = {
  71. enable = true;
  72. # Users must be in "audio" group
  73. systemWide = true;
  74. support32Bit = true;
  75. zeroconf.discovery.enable = true;
  76. zeroconf.publish.enable = true;
  77. tcp = {
  78. enable = true;
  79. anonymousClients.allowAll = true;
  80. };
  81. extraConfig = ''
  82. load-module module-tunnel-sink server=pulsebert.hq.c3d2.de
  83. '';
  84. extraClientConf = ''
  85. default-server = pulsebert.hq.c3d2.de
  86. '';
  87. };
  88. # Enable the X11 windowing system.
  89. services.xserver.enable = true;
  90. services.xserver.layout = "de";
  91. services.xserver.xkbOptions = "eurosign:e";
  92. services.xserver.displayManager = {
  93. lightdm = {
  94. enable = true;
  95. autoLogin = {
  96. enable = true;
  97. user = "k-ot";
  98. };
  99. };
  100. defaultSession = "gnome-xorg";
  101. };
  102. services.xserver.desktopManager = {
  103. gnome3.enable = true;
  104. kodi.enable = true;
  105. };
  106. security.sudo = {
  107. enable = true;
  108. wheelNeedsPassword = false;
  109. };
  110. # Define a user account. Don't forget to set a password with ‘passwd’.
  111. users.groups."k-ot" = { gid = 1000; };
  112. users.users."k-ot" = {
  113. isNormalUser = true;
  114. uid = 1000;
  115. group = "k-ot";
  116. extraGroups = [ "wheel" "networkmanager" "audio" "video" ];
  117. openssh.authorizedKeys.keys = [
  118. "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGJJTSJdpDh82486uPiMhhyhnci4tScp5uUe7156MBC8 astro"
  119. ];
  120. };
  121. users.users.emery.cryptHomeLuks = "/home/emery.luks.img";
  122. # This value determines the NixOS release with which your system is to be
  123. # compatible, in order to avoid breaking some software such as database
  124. # servers. You should change this only after NixOS release notes say you
  125. # should.
  126. system.stateVersion = "18.09"; # Did you read the comment?
  127. }