config/modules/base/default.nix

222 lines
4.5 KiB
Nix
Raw Normal View History

2023-04-14 14:12:45 +03:00
{
config,
lib,
pkgs,
2023-09-12 15:46:44 +03:00
myData,
2023-04-14 14:12:45 +03:00
...
2024-03-04 14:53:50 +02:00
}: let
cfg = config.mj;
in {
2023-04-14 14:12:45 +03:00
imports = [
2023-07-22 16:05:44 +03:00
./boot
./fileSystems
2023-07-18 12:31:48 +03:00
./snapshot
2023-07-20 06:58:47 +03:00
./sshd
./unitstatus
2023-07-20 15:02:38 +03:00
./users
./zfs
2023-07-19 14:16:56 +03:00
./zfsborg
2023-04-14 14:12:45 +03:00
];
2023-07-20 15:02:38 +03:00
options.mj = with lib.types; {
2023-04-14 14:12:45 +03:00
stateVersion = lib.mkOption {
2023-07-20 15:02:38 +03:00
type = str;
2023-04-14 14:12:45 +03:00
example = "22.11";
description = "The NixOS state version to use for this system";
};
2023-07-20 15:02:38 +03:00
2023-04-14 14:12:45 +03:00
timeZone = lib.mkOption {
2023-07-20 15:02:38 +03:00
type = str;
2023-04-14 14:12:45 +03:00
example = "Europe/Vilnius";
description = "Time zone for this system";
};
2024-03-04 14:53:50 +02:00
username = lib.mkOption {type = str;};
skipPerf = lib.mkOption {
type = bool;
default = false;
};
2023-04-14 14:12:45 +03:00
};
config = {
2024-03-06 12:48:27 +02:00
boot = {
# https://github.com/NixOS/nixpkgs/issues/83694#issuecomment-605657381
2024-03-13 14:32:34 +02:00
kernel.sysctl = {
"kernel.sysrq" = "438";
"kernel.perf_event_paranoid" = "-1";
2024-03-13 14:37:04 +02:00
"kernel.kptr_restrict" = "0";
2024-03-13 14:32:34 +02:00
};
2024-03-06 12:48:27 +02:00
kernelPackages = lib.mkDefault pkgs.zfs.latestCompatibleLinuxPackages;
2024-03-13 15:04:04 +02:00
supportedFilesystems = ["zfs" "btrfs"];
2024-03-06 12:48:27 +02:00
};
2024-01-13 23:39:49 +02:00
2024-03-06 12:48:27 +02:00
nixpkgs.config.allowUnfree = true;
2024-03-06 10:37:59 +02:00
hardware.enableRedistributableFirmware = true;
2023-09-14 10:53:01 +03:00
2024-03-04 14:53:50 +02:00
time.timeZone = cfg.timeZone;
2023-04-14 14:12:45 +03:00
2023-09-12 15:46:44 +03:00
mj.services.friendlyport.ports = [
{
2023-09-12 16:08:08 +03:00
subnets = [myData.subnets.tailscale.cidr];
2023-09-12 15:46:44 +03:00
tcp = [config.services.iperf3.port];
2023-10-24 14:46:06 +03:00
udp = [config.services.iperf3.port];
2023-09-12 15:46:44 +03:00
}
];
2023-04-14 14:12:45 +03:00
i18n = {
defaultLocale = "en_US.UTF-8";
2024-02-02 15:49:38 +02:00
supportedLocales = ["all"];
2023-04-14 14:12:45 +03:00
};
2023-07-20 11:56:08 +03:00
nix = {
gc = {
automatic = true;
2023-10-02 00:20:40 +03:00
dates = "weekly";
options = "--delete-older-than 14d";
2023-07-20 11:56:08 +03:00
};
settings = {
experimental-features = ["nix-command" "flakes"];
2024-03-04 14:53:50 +02:00
trusted-users = [cfg.username];
2023-07-20 11:56:08 +03:00
};
};
2023-04-14 14:12:45 +03:00
2024-03-04 14:53:50 +02:00
system.stateVersion = cfg.stateVersion;
2023-04-14 14:12:45 +03:00
security = {
sudo = {
wheelNeedsPassword = false;
execWheelOnly = true;
};
};
environment = {
systemPackages = with pkgs;
lib.mkMerge [
[
jc # parse different formats and command outputs to json
jq # parse, format and query json documents
pv # pipe viewer for progressbars in pipes
bat # "bat - cat with wings", cat|less with language highlight
duf # nice disk usage output
git
htop
file # file duh
host # look up host info
tree # tree duh
lsof # lsof yay
rage # encrypt-decrypt
ncdu # disk usage navigator
lshw
entr
cloc
poop # hopefully poof some day
tokei
sshfs
pwgen
parted
bloaty
sqlite
dhcpcd
hdparm
sdparm
procps
vimv-rs
sysstat
ripgrep
ethtool
gettext
keyutils
2024-03-07 14:18:17 +02:00
libkcapi
usbutils
pciutils
bsdgames
parallel
yamllint
binutils
hyperfine
stress-ng
dmidecode
moreutils
cryptsetup
lm_sensors
smartmontools
unixtools.xxd
bcachefs-tools
# networking
wol
dig
nmap
# broken on aarch64-linux
#wrk2
wget
curl
btop
ngrep
iftop
whois
ipset
iperf3
jnettop
openssl
tcpdump
testssl
dnsutils
bandwhich
speedtest-cli
nix-output-monitor
# compression/decompression
xz
pigz
zstd
p7zip
zopfli
brotli
2024-03-11 21:35:30 +02:00
config.boot.kernelPackages.cpupower
]
2024-03-07 14:19:29 +02:00
(lib.mkIf (!cfg.skipPerf) [config.boot.kernelPackages.perf])
];
2023-04-14 14:12:45 +03:00
};
programs = {
mtr.enable = true;
2023-11-22 18:09:15 +02:00
bcc.enable = true;
2023-08-15 07:09:11 +03:00
2023-08-18 23:45:13 +03:00
tmux = {
enable = true;
keyMode = "vi";
2023-10-09 09:42:11 +03:00
historyLimit = 1000000;
2023-08-18 23:45:13 +03:00
};
2023-08-18 23:33:56 +03:00
neovim = {
enable = true;
vimAlias = true;
defaultEditor = true;
};
2023-04-14 14:12:45 +03:00
};
2023-07-26 14:10:22 +03:00
2023-08-24 23:49:21 +03:00
networking.firewall.logRefusedConnections = false;
2023-07-26 14:10:22 +03:00
services = {
2023-10-24 14:30:48 +03:00
iperf3.enable = true;
2023-08-24 17:14:57 +03:00
chrony = {
enable = true;
servers = ["time.cloudflare.com"];
};
2023-07-26 14:10:22 +03:00
locate = {
enable = true;
2023-11-27 17:54:44 +02:00
package = pkgs.plocate;
2023-07-26 14:10:22 +03:00
localuser = null;
};
};
2023-04-14 14:12:45 +03:00
};
}