default.nix (2205B) - Raw
1 { 2 config, 3 lib, 4 pkgs, 5 ... 6 }: 7 let 8 cfg = config.mj; 9 in 10 { 11 imports = [ 12 ../base 13 ../base/sshd 14 ../base/unitstatus 15 ../base/users 16 ]; 17 18 config = { 19 i18n = { 20 defaultLocale = "en_US.UTF-8"; 21 supportedLocales = [ "all" ]; 22 }; 23 24 boot = { 25 # https://github.com/NixOS/nixpkgs/issues/83694#issuecomment-605657381 26 kernel.sysctl = { 27 "kernel.sysrq" = "438"; 28 "kernel.perf_event_paranoid" = "-1"; 29 "kernel.kptr_restrict" = "0"; 30 }; 31 32 kernelPackages = lib.mkDefault pkgs.linuxPackages; 33 34 supportedFilesystems = [ 35 "btrfs" 36 "ext4" 37 ]; 38 }; 39 40 hardware.enableRedistributableFirmware = true; 41 42 system.stateVersion = cfg.stateVersion; 43 44 nix.gc.dates = "weekly"; 45 46 security = { 47 sudo = { 48 wheelNeedsPassword = false; 49 execWheelOnly = true; 50 }; 51 }; 52 53 environment.systemPackages = with pkgs; [ 54 btdu 55 lshw 56 iotop 57 below 58 mdadm 59 parted 60 dhcpcd 61 procps 62 usbtop 63 sysstat 64 ethtool 65 keyutils 66 libkcapi 67 cryptsetup 68 lm_sensors 69 inotify-info 70 inotify-tools 71 compsize 72 bsdgames 73 ghostty.terminfo 74 ipset 75 bridge-utils 76 77 perf 78 config.boot.kernelPackages.vm-tools 79 ]; 80 81 programs = { 82 nano.enable = false; 83 84 tmux = { 85 enable = true; 86 keyMode = "vi"; 87 historyLimit = 1000000; 88 }; 89 90 neovim = { 91 enable = true; 92 vimAlias = true; 93 defaultEditor = true; 94 }; 95 }; 96 programs.mtr.enable = true; 97 programs.bcc.enable = true; 98 99 networking.firewall.logRefusedConnections = false; 100 101 systemd.services.dbus = { 102 restartIfChanged = false; 103 reloadIfChanged = lib.mkForce false; 104 }; 105 106 services = { 107 iperf3.enable = true; 108 atd.enable = true; 109 110 chrony = { 111 enable = true; 112 servers = [ "time.cloudflare.com" ]; 113 initstepslew.threshold = 1; 114 extraConfig = '' 115 makestep 1 -1 116 ''; 117 }; 118 119 locate = { 120 enable = true; 121 package = pkgs.plocate; 122 prunePaths = [ "/home/.btrfs" ]; 123 }; 124 }; 125 }; 126 }