dev/nixfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
f3ac3cd67f
nixfiles/nixos/modules/common.nix
Jack O'Sullivan 2cdb98e898
All checks were successful
CI / Check, build and cache nixfiles (push) Successful in 53m0s
Details
nixos/common: Disable channels
2024-12-12 12:38:01 +00:00

253 lines
6.8 KiB
Nix
Raw Blame History

{ lib, pkgsFlake, pkgs, pkgs', self, inputs, config, ... }:
let
inherit (lib) mkIf mkDefault mkMerge;
inherit (lib.my) mkDefault';
in
{
options = with lib.types; {
my = { };
};
imports = [
inputs.impermanence.nixosModule
inputs.ragenix.nixosModules.age
inputs.sharry.nixosModules.default
];
config = mkMerge [
{
system = {
stateVersion = "22.05";
configurationRevision = with inputs; mkIf (self ? rev) self.rev;
};
home-manager = {
# Installs packages in the system config instead of in the local profile on activation
useUserPackages = mkDefault true;
};
users = {
mutableUsers = false;
};
security = {
sudo.enable = mkDefault false;
doas = {
enable = mkDefault true;
wheelNeedsPassword = mkDefault false;
};
};
nix = {
package = pkgs'.mine.nix;
channel.enable = false;
settings = with lib.my.c.nix; {
trusted-users = [ "@wheel" ];
experimental-features = [ "nix-command" "flakes" "ca-derivations" ];
extra-substituters = cache.substituters;
extra-trusted-public-keys = cache.keys;
connect-timeout = 5;
fallback = true;
};
registry = {
pkgs = {
to = {
type = "path";
path = "${pkgsFlake}";
};
exact = true;
};
};
gc = {
options = mkDefault "--max-freed $((8 * 1024**3))";
automatic = mkDefault true;
};
};
nixpkgs = {
overlays = [
inputs.deploy-rs.overlay
inputs.sharry.overlays.default
inputs.borgthin.overlays.default
inputs.boardie.overlays.default
];
config = {
allowUnfree = true;
};
};
documentation = {
enable = mkDefault true;
nixos = {
enable = mkDefault true;
options.warningsAreErrors = mkDefault false;
};
};
time.timeZone = mkDefault "Europe/Dublin";
i18n.defaultLocale = "en_IE.UTF-8";
boot = {
# Use latest LTS release by default
kernelPackages = mkDefault (lib.my.c.kernel.lts pkgs);
kernel = {
sysctl = {
"net.ipv6.route.max_size" = mkDefault 16384;
};
};
loader = {
efi = {
efiSysMountPoint = mkDefault "/boot";
# Should generally be enough with just /EFI/BOOT/BOOTX64.EFI in place
canTouchEfiVariables = mkDefault false;
};
grub = {
memtest86.enable = mkDefault true;
};
systemd-boot = {
enable = mkDefault true;
editor = mkDefault true;
consoleMode = mkDefault "max";
configurationLimit = mkDefault 10;
memtest86.enable = mkDefault true;
};
};
initrd = {
systemd = {
enable = mkDefault true;
emergencyAccess = mkDefault true;
};
services.lvm.enable = mkDefault true;
};
};
system = {
nixos = {
distroName = mkDefault' "JackOS";
};
};
environment.etc = {
"nixos/flake.nix".source = "/run/nixfiles/flake.nix";
};
environment.systemPackages = with pkgs; mkMerge [
[
bash-completion
git
unzip
]
(mkIf config.services.netdata.enable [ netdata ])
];
programs = {
# This will enable generating completions at build time and prevent home-manager fish from generating them
# locally
fish.enable = mkDefault true;
# TODO: This is expecting to look up the channel for the database...
command-not-found.enable = mkDefault false;
vim = {
enable = true;
defaultEditor = true;
};
};
services = {
kmscon = {
# As it turns out, kmscon hasn't been updated in years and has some bugs...
enable = mkDefault false;
hwRender = mkDefault true;
extraOptions = "--verbose";
extraConfig =
''
font-name=SauceCodePro Nerd Font Mono
'';
};
getty.greetingLine = mkDefault' ''<<< Welcome to ${config.system.nixos.distroName} ${config.system.nixos.label} (\m) - \l >>>'';
openssh = {
enable = mkDefault true;
settings = {
PermitRootLogin = mkDefault "no";
PasswordAuthentication = mkDefault false;
StrictModes = mkDefault true;
};
};
netdata = {
config = {
global = {
"memory mode" = "dbengine";
"page cache size" = 32;
"dbengine multihost disk space" = 256;
};
"plugin:cgroups" = {
"cgroups to match as systemd services" =
" /system.slice/system-*.slice/*.service !/system.slice/*/*.service /system.slice/*.service";
};
};
configDir = {
"go.d.conf" = mkDefault (pkgs.writeText "netdata-go.d.conf" ''
modules:
systemdunits: yes
'');
"go.d/systemdunits.conf" = mkDefault (pkgs.writeText "netdata-systemdunits.conf" ''
jobs:
- name: service-units
include:
- '*.service'
- name: socket-units
include:
- '*.socket'
'');
};
};
};
systemd = {
tmpfiles.rules = [
"d /nix/tmp 0775 root nixbld 24h"
];
services = {
nix-daemon.environment.TMPDIR = "/nix/tmp";
netdata = mkIf config.services.netdata.enable {
# python.d plugin script does #!/usr/bin/env bash
path = with pkgs; [ bash ];
};
nixfiles-mutable = {
description = "Mutable nixfiles";
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
path = with pkgs; [ util-linux ];
script = ''
nixfilesDir="${self}"
mkdir -p /run/nixfiles{,/.rw,/.work}
mount -t overlay overlay -o lowerdir="$nixfilesDir",upperdir=/run/nixfiles/.rw,workdir=/run/nixfiles/.work /run/nixfiles
chmod -R u+w /run/nixfiles
'';
preStop = ''
umount /run/nixfiles
rm -rf /run/nixfiles
'';
wantedBy = [ "multi-user.target" ];
};
};
};
}
(mkIf config.services.kmscon.enable {
fonts.fonts = with pkgs; [
nerd-fonts.sauce-code-pro
];
})
];
meta.buildDocsInSandbox = false;
}
Reference in New Issue View Git Blame Copy Permalink