dadada
fdf8200223
Flake lock file updates:
• Updated input 'home-manager':
'github:nix-community/home-manager/7c2ae0bdd20ddcaafe41ef669226a1df67f8aa06' (2022-02-12)
→ 'github:nix-community/home-manager/0b1745b4ef4c35ec5d554b176539730fcb5ec141' (2022-02-23)
• Updated input 'myNixpkgs':
'github:NixOS/nixpkgs/48d63e924a2666baf37f4f14a18f19347fbd54a2' (2022-02-10)
→ 'github:NixOS/nixpkgs/7f9b6e2babf232412682c09e57ed666d8f84ac2d' (2022-02-21)
• Updated input 'nix-doom-emacs':
'github:nix-community/nix-doom-emacs/ba6ef3c7d5c8b236fb06ddde1c513af804d72f45' (2022-01-29)
→ 'github:nix-community/nix-doom-emacs/505182141d6176d765347f85b8fb0cc204d8c44e' (2022-02-15)
• Updated input 'nix-doom-emacs/doom-emacs':
'github:hlissner/doom-emacs/a5ebd0b04778409c2d513830791e919646e6f980' (2022-01-27)
→ 'github:hlissner/doom-emacs/fc868105cefc6ce0091fc61f0fc4d8ccb653a048' (2022-02-14)
• Updated input 'nix-doom-emacs/emacs-overlay':
'github:nix-community/emacs-overlay/011ec0706fa17de340c96d7d393c00af41f65cab' (2022-01-27)
→ 'github:nix-community/emacs-overlay/4079646746c264818338cd2733f38c33050f821f' (2022-02-14)
• Updated input 'nix-doom-emacs/flake-utils':
'github:numtide/flake-utils/846b2ae0fc4cc943637d3d1def4454213e203cba' (2022-01-20)
→ 'github:numtide/flake-utils/3cecb5b042f7f209c56ffd8371b2711a290ec797' (2022-02-07)
• Updated input 'nix-doom-emacs/org':
'github:emacs-straight/org-mode/22e6ed6b89755047b44f8666ac20aac0c50afc34' (2022-01-26)
→ 'github:emacs-straight/org-mode/fe4a60dffa80951ab9641ddb034d01c6bc9dd675' (2022-02-13)
• Updated input 'nix-doom-emacs/revealjs':
'github:hakimel/reveal.js/61055ed02bd7dbff30ea827591084cce7c22303c' (2022-01-19)
→ 'github:hakimel/reveal.js/ff20051861f16da2f69fe9de8cc5dc54b2a79207' (2022-02-10)
• Updated input 'nixos-hardware':
'github:NixOS/nixos-hardware/c361b954759195c2ac085fbbed5ad7d513e1585b' (2022-02-12)
→ 'github:NixOS/nixos-hardware/1ccfe243aa6e94bf80f2a66f6be41d086d37fc87' (2022-02-20)
159 lines
3.7 KiB
Nix
159 lines
3.7 KiB
Nix
{ config, pkgs, lib, ... }:
|
|
let
|
|
signHook = pkgs.writeShellScript "/etc/nix/sign-cache.sh"
|
|
''
|
|
set -eu
|
|
set -f # disable globbing
|
|
export IFS=' '
|
|
|
|
echo "Signing paths" $OUT_PATHS
|
|
nix store sign --key-file /etc/nix/key.private $OUT_PATHS
|
|
'';
|
|
in
|
|
{
|
|
imports = [
|
|
./hardware-configuration.nix
|
|
];
|
|
|
|
nix.package = pkgs.nixUnstable;
|
|
nix.extraOptions = ''
|
|
experimental-features = nix-command flakes
|
|
post-build-hook = ${signHook}
|
|
'';
|
|
|
|
boot.kernelPackages = pkgs.linuxPackages_5_15;
|
|
|
|
boot.kernelModules = [ "kvm-amd" ];
|
|
|
|
networking.hostName = "gorgon";
|
|
|
|
dadada = {
|
|
autoUpgrade.enable = false;
|
|
headphones.enable = true;
|
|
steam.enable = true;
|
|
#fido2 = {
|
|
# credential = "04ea2813a116f634e90f9728dbbb45f1c0f93b7811941a5a14fb75e711794df0c26552dae2262619c1da2be7562ec9dd94888c71a9326fea70dfe16214b5ea8ec01473070000";
|
|
# enablePam = true;
|
|
#};
|
|
luks.uuid = "3d0e5b93-90ca-412a-b4e0-3e6bfa47d3f4";
|
|
networking = {
|
|
enableBsShare = true;
|
|
localResolver = {
|
|
enable= true;
|
|
uwu= true;
|
|
s0= true;
|
|
};
|
|
vpnExtension = "3";
|
|
};
|
|
backupClient = {
|
|
enable = true;
|
|
bs = true;
|
|
gs = false;
|
|
};
|
|
};
|
|
|
|
boot.kernel.sysctl = {
|
|
"vm.swappiness" = 90;
|
|
};
|
|
|
|
programs.adb.enable = true;
|
|
|
|
# Enable CUPS to print documents.
|
|
services.printing = {
|
|
enable = true;
|
|
browsing = true;
|
|
drivers = with pkgs; [
|
|
hplip
|
|
brlaser
|
|
brgenml1lpr
|
|
brgenml1cupswrapper
|
|
];
|
|
};
|
|
|
|
services.miniflux = {
|
|
enable = true;
|
|
config = {
|
|
CLEANUP_FREQUENCY = "48";
|
|
LISTEN_ADDR = "localhost:8080";
|
|
};
|
|
adminCredentialsFile = "/var/lib/miniflux/admin-credentials";
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
chromium
|
|
ghostscript
|
|
];
|
|
|
|
networking.firewall = {
|
|
enable = true;
|
|
allowedTCPPorts = [
|
|
22000 # Syncthing
|
|
];
|
|
allowedUDPPorts = [
|
|
21027 # Syncthing
|
|
];
|
|
};
|
|
|
|
virtualisation.libvirtd.enable = true;
|
|
|
|
users.users = {
|
|
dadada = {
|
|
isNormalUser = true;
|
|
extraGroups = [ "wheel" "networkmanager" "libvirtd" "adbusers" "kvm" "video" "scanner" "lp" "docker" ];
|
|
shell = "/run/current-system/sw/bin/zsh";
|
|
};
|
|
};
|
|
|
|
networking.hosts = {
|
|
"fd42:dead:beef:0:5054:ff:fefb:7361" = [
|
|
"media.dadada.li"
|
|
"ifrit.dadada.li"
|
|
];
|
|
"192.168.42.103" = [
|
|
"media.dadada.li"
|
|
"ifrit.dadada.li"
|
|
];
|
|
"fd42:dead:beef::5054:ff:fe8b:58df" = [ "iot.dadada.li" ];
|
|
"fd42:dead:beef::20d:b9ff:fe4c:c9ac" = [ "agares.dadada.li" ];
|
|
"192.168.42.15" = [ "agares.dadada.li" "agares" ];
|
|
"192.168.42.11" = [ "wohnzimmerpi.dadada.li" "wohnzimmerpi" ];
|
|
"10.1.2.9" = [ "fgprinter.fginfo.tu-bs.de" ];
|
|
};
|
|
|
|
networking.wireguard.interfaces.uwupn = {
|
|
ips = [ "10.11.0.24/32" "fc00:1337:dead:beef::10.11.0.24/128" ];
|
|
privateKeyFile = "/var/lib/wireguard/uwu";
|
|
peers = [
|
|
{
|
|
publicKey = "tuoiOWqgHz/lrgTcLjX+xIhvxh9jDH6gmDw2ZMvX5T8=";
|
|
allowedIPs = [ "10.11.0.0/22" "fc00:1337:dead:beef::10.11.0.0/118" "192.168.178.0/23" ];
|
|
endpoint = "53c70r.de:51820";
|
|
persistentKeepalive = 25;
|
|
}
|
|
];
|
|
};
|
|
|
|
networking.wg-quick.interfaces.mullvad = {
|
|
address = [ "10.68.15.202/32" "fc00:bbbb:bbbb:bb01::5:fc9/128" ];
|
|
privateKeyFile = "/var/lib/wireguard/mullvad";
|
|
peers = [
|
|
{
|
|
publicKey = "BLNHNoGO88LjV/wDBa7CUUwUzPq/fO2UwcGLy56hKy4=";
|
|
allowedIPs = [ "0.0.0.0/0" "::0/0" ];
|
|
endpoint = "193.27.14.98:3152";
|
|
persistentKeepalive = 25;
|
|
}
|
|
];
|
|
postUp = "${pkgs.iproute2}/bin/ip rule add to 193.27.14.98 lookup main";
|
|
};
|
|
|
|
hardware.opengl = {
|
|
enable = true;
|
|
extraPackages = with pkgs; [
|
|
vaapiVdpau
|
|
libvdpau-va-gl
|
|
];
|
|
};
|
|
|
|
system.stateVersion = "20.03";
|
|
}
|