# NixOS module: declares the `mj.stateVersion`, `mj.timeZone` and
# `mj.username` options and applies system-wide settings (boot, Nix daemon,
# sudo, base packages, a few services).
{
  config,
  lib,
  pkgs,
  myData,
  ...
}: let
  inherit (lib) mkDefault mkOption types;

  cfg = config.mj;

  # iperf3 listens on the same port number for TCP and UDP.
  iperfPort = config.services.iperf3.port;
in {
  imports = [
    ./boot
    ./fileSystems
    ./snapshot
    ./sshd
    ./unitstatus
    ./users
    ./zfs
    ./zfsborg
  ];

  options.mj = {
    stateVersion = mkOption {
      type = types.str;
      example = "22.11";
      description = "The NixOS state version to use for this system";
    };

    timeZone = mkOption {
      type = types.str;
      example = "Europe/Vilnius";
      description = "Time zone for this system";
    };

    # No default: every host must set it. The value ends up in
    # nix.settings.trusted-users below.
    username = mkOption {type = types.str;};
  };

  config = {
    # https://github.com/NixOS/nixpkgs/issues/83694#issuecomment-605657381
    # 438 = 2 + 4 + 16 + 32 + 128 + 256 in the kernel's sysrq bitmask:
    # console log level, keyboard control, sync, remount read-only,
    # reboot/poweroff and RT-task nicing. Bits 8 (process debugging dumps) and
    # 64 (signalling processes) stay off. Anyone with console/keyboard access
    # can trigger the enabled functions.
    boot.kernel.sysctl."kernel.sysrq" = "438";
    boot.kernelPackages = mkDefault pkgs.zfs.latestCompatibleLinuxPackages;

    # Permits packages with unfree licences to be evaluated and installed.
    nixpkgs.config.allowUnfree = true;

    hardware.enableRedistributableFirmware = true;

    time.timeZone = cfg.timeZone;

    # friendlyport is a module of this repository and is not visible here;
    # presumably it opens the listed ports to the listed subnets only --
    # confirm in its definition. The iperf3 port is offered to the tailscale
    # CIDR over both TCP and UDP.
    mj.services.friendlyport.ports = [
      {
        subnets = [myData.subnets.tailscale.cidr];
        tcp = [iperfPort];
        udp = [iperfPort];
      }
    ];

    i18n.defaultLocale = "en_US.UTF-8";
    i18n.supportedLocales = ["all"];

    nix.gc = {
      automatic = true;
      dates = "weekly";
      options = "--delete-older-than 14d";
    };

    nix.settings = {
      experimental-features = ["nix-command" "flakes"];
      # Trusted users can override Nix daemon settings (for example
      # substituters); the Nix manual treats this as equivalent to root access
      # on the machine. Keep this list as short as mj.username allows.
      trusted-users = [cfg.username];
    };

    system.stateVersion = cfg.stateVersion;

    security.sudo = {
      # Wheel members become root without re-authenticating, so wheel
      # membership (and whatever authenticates those accounts, e.g. SSH keys)
      # is the effective root boundary on these hosts.
      wheelNeedsPassword = false;
      # Only members of wheel may execute the sudo binary at all.
      execWheelOnly = true;
    };

    # Installed system-wide for every user. The list includes packet capture
    # and scanning tools (tcpdump, ngrep, nmap); expect them in process/exec
    # baselines on hosts built from this module.
    environment.systemPackages = with pkgs; [
      jc # parse different formats and command outputs to json
      jq # parse, format and query json documents
      pv # pipe viewer for progressbars in pipes
      bat # "bat - cat with wings", cat|less with language highlight
      duf # nice disk usage output
      git
      htop
      file # file duh
      host # look up host info
      tree # tree duh
      lsof # lsof yay
      rage # encrypt-decrypt
      ncdu # disk usage navigator
      lshw
      entr
      cloc
      poop # hopefully poof some day
      tokei
      sshfs
      pwgen
      parted
      bloaty
      sqlite
      dhcpcd
      hdparm
      sdparm
      procps
      vimv-rs
      sysstat
      ripgrep
      ethtool
      gettext
      usbutils
      pciutils
      bsdgames
      parallel
      yamllint
      binutils
      hyperfine
      stress-ng
      dmidecode
      moreutils
      lm_sensors
      smartmontools
      unixtools.xxd

      # networking
      wol
      dig
      nmap
      # broken on aarch64-linux
      #wrk2
      wget
      curl
      btop
      ngrep
      iftop
      whois
      ipset
      iperf3
      jnettop
      openssl
      tcpdump
      testssl
      dnsutils
      bandwhich
      speedtest-cli
      nix-output-monitor
      # `config` is the module argument, not a pkgs attribute: perf is taken
      # from the kernel package set selected in boot.kernelPackages.
      config.boot.kernelPackages.perf

      # compression/decompression
      xz
      pigz
      zstd
      p7zip
      zopfli
      brotli
    ];

    # NixOS installs mtr through a capability wrapper so that unprivileged
    # users can run it.
    programs.mtr.enable = true;
    programs.bcc.enable = true;

    programs.tmux = {
      enable = true;
      keyMode = "vi";
      historyLimit = 1000000;
    };

    programs.neovim = {
      enable = true;
      vimAlias = true;
      defaultEditor = true;
    };

    # TODO
    # error: builder for '/nix/store/3d6dl3p6vh6q167f476g0jd5k9lf40vx-sysdig-0.33.1.drv' failed with exit code 2;
    #        last 10 log lines:
    #        > make[4]: *** [/nix/store/dx2530rhfk0wpwwvqjxb5bsxjqwrlmv2-linux-6.6.2-dev/lib/modules/6.6.2/source/Makefile:234: __sub-make] Error 2
    #        > make[3]: *** [Makefile:16: all] Error 2
    #        > make[2]: *** [driver/CMakeFiles/driver.dir/build.make:70: driver/CMakeFiles/driver] Error 2
    #        > make[1]: *** [CMakeFiles/Makefile2:602: driver/CMakeFiles/driver.dir/all] Error 2
    #        > make[1]: *** Waiting for unfinished jobs....
    #        > [ 32%] Linking CXX static library libcri_v1alpha2.a
    #        > [ 32%] Built target cri_v1alpha2
    #        > [ 33%] Linking CXX static library libcri_v1.a
    #        > [ 33%] Built target cri_v1
    #        > make: *** [Makefile:156: all] Error 2
    #        For full logs, run 'nix log /nix/store/3d6dl3p6vh6q167f476g0jd5k9lf40vx-sysdig-0.33.1.drv'.
    # error: 1 dependencies of derivation '/nix/store/lya9lrjxyfx1pql568d88x3j9kqsndar-kernel-modules.drv' failed to build
    # error: 1 dependencies of derivation '/nix/store/08xhqi0rmd4i9i7qm4r559mqmv1k4iff-linux-6.6.2-modules.drv' failed to build
    # error: 1 dependencies of derivation '/nix/store/hy9c4szjba6mxn9bwa4yxjiv9vbnp657-nixos-system-vno1-oh2-23.11.20231128.7c4c205.drv' failed to build
    # error: 1 dependencies of derivation '/nix/store/p7rx1li894pfyc6s6nz5f6jdcdjvl3xi-activatable-nixos-system-vno1-oh2-23.11.20231128.7c4c205.drv' failed to build
    # error: 1 dependencies of derivation '/nix/store/r0szq7sqarjk5mrhhb3w8vn9li8c43lz-deploy-rs-check-activate.drv' failed to build
    # error: build of '/nix/store/gwc35cfp7ndxyz4vs7i9r123hmbr90r3-jsonschema-deploy-system.drv', '/nix/store/r0szq7sqarjk5mrhhb3w8vn9li8c43lz-deploy-rs-check-activate.drv' failed
    # 🚀 ❌ [deploy] [ERROR] Failed to check deployment: Nix checking command resulted in a bad exit code: Some(1)
    #programs.sysdig.enable = pkgs.stdenv.hostPlatform.system == "x86_64-linux";

    # Refused connections are not written to the log, so dropped probes and
    # scans will not show up in the journal; use another telemetry source if
    # that visibility is needed.
    networking.firewall.logRefusedConnections = false;

    services.iperf3.enable = true;

    # Single upstream time source; no NTS and no fallback server is configured
    # in this block.
    services.chrony = {
      enable = true;
      servers = ["time.cloudflare.com"];
    };

    services.locate = {
      enable = true;
      package = pkgs.plocate;
      # null: updatedb runs as root (NixOS expects null here when the package
      # is plocate).
      localuser = null;
    };
  };
}