nixos-config/configuration.nix


{ config, lib, pkgs, pkgs-unstable, ... }:
let rhelmot = config.rhelmot;
in {
options.rhelmot =
  let
    inherit (lib) mkOption types;
  in
  {
    # List of functions, each mapping a Python package set to a list of
    # packages. The config section below folds them into one interpreter.
    globalPythonPackages = mkOption {
      description = "python packages (p: with p; [ x ]) to include in the global python environment";
      default = [];
      type = types.listOf (types.functionTo (types.listOf types.package));
    };
    # Plain list of plugin derivations handed to the kakoune override below.
    globalKakounePlugins = mkOption {
      description = "kakoune packages to include in the global editor";
      default = [];
      type = types.listOf types.package;
    };
  };
imports = [ ./overlays/packages.nix ./overlays/lix.nix ./configuration-cross.nix ];
config = {
# Allow packages with unfree licences to be evaluated and installed.
nixpkgs.config.allowUnfree = true;
nix.settings = {
  # Build one derivation at a time; cores = 0 lets each build use every
  # available core.
  max-jobs = 1;
  cores = 0;
  extra-experimental-features = "nix-command flakes pipe-operator";
  # NOTE(review): a trusted user can override daemon settings (for example
  # substituters) and import unsigned store paths, which is effectively root
  # on this machine. Treat this account's credentials accordingly.
  trusted-users = [ "audrey" ];
  # Private signing key for locally built paths. The value is a string, not a
  # Nix path literal, so the key file itself is never copied into the store.
  # NOTE(review): nothing here creates the file or sets its mode; confirm it
  # is root-owned and not world-readable.
  secret-key-files = [ "/var/lib/nix/binary-cache-key" ];
  # One public key per non-empty line of ./keys/nix. Every key listed there is
  # trusted to sign substituted store paths, so changes to that file deserve
  # the same review as changes to this one.
  trusted-public-keys =
    builtins.readFile ./keys/nix
    |> lib.strings.splitString "\n"
    |> builtins.filter (line: line != "");
};
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
# X11 keymap: US layout, with the caps:escape XKB option applied.
services.xserver.xkb = {
  layout = "us";
  options = "caps:escape";
};
# Shell given to accounts that do not set their own.
users.defaultUserShell = pkgs.zsh;
# Primary interactive account. No password is declared here; set one with
# passwd after the system is built.
users.users.audrey = {
  isNormalUser = true;
  uid = 1000;
  description = "Audrey Dutcher";
  # Keys accepted for SSH login are read from ./keys/ssh.
  openssh.authorizedKeys.keyFiles = [ ./keys/ssh ];
  # NOTE(review): wheel conventionally grants sudo, and membership of docker
  # gives access to the Docker socket, which is root-equivalent on its own.
  # Together with nix.settings.trusted-users this account has several
  # independent routes to root; keep that in mind when deciding how the
  # account may be reached remotely.
  extraGroups = [ "wheel" "docker" "video" "networkmanager" ];
};
environment.systemPackages =
  let
    # Kakoune from the unstable package set, built with whatever plugins have
    # been collected in rhelmot.globalKakounePlugins.
    editor = pkgs-unstable.kakoune.override { plugins = rhelmot.globalKakounePlugins; };
    # A single interpreter carrying every package list contributed through
    # rhelmot.globalPythonPackages (each entry is applied to the package set
    # and the results are concatenated).
    pythonEnv = pkgs.python3.withPackages
      (ps: lib.concatMap (select: select ps) rhelmot.globalPythonPackages);
  in
  # Packages from the default package set, in the original order.
  (with pkgs; [
    man-pages
    man-pages-posix
    gnumake
    wget
    moar
    ripgrep
    fd
    curl
    btop
    file
    nettools
    psmisc
    units
    units-desktop
    patchelf
    gdb
    kubectl
    p7zip
    unzip
    zip
    foremost
    binwalk
    jq
    nix-index
    openssl
    wireguard-tools
    cached-nix-shell
    tcpdump
    editorconfig-core-c
  ])
  # Editor tooling from pkgs-unstable, then the assembled Python environment.
  ++ [
    pkgs-unstable.kakoune-lsp
    editor
    pythonEnv
  ];
# Plugins contributed by this file to the global kakoune build; other modules
# may append to the same option.
rhelmot.globalKakounePlugins = [
  pkgs-unstable.kakounePlugins.kak-fzf
  pkgs-unstable.kakounePlugins.smarttab-kak
];
# One selector function contributed by this file; it receives the Python
# package set and returns the packages to add to the global interpreter.
rhelmot.globalPythonPackages = [
  (ps: [
    ps.virtualenvwrapper
    ps.pylint
    ps.pytest
    ps.ipdb
    ps.ipython
    ps.nclib
    ps.pyyaml
    ps.snakeviz
    ps.requests
    ps.pysocks
    ps.aiohttp
  ])
];
# Also install developer-oriented documentation.
documentation.dev = {
  enable = true;
};
programs = {
zsh = {
  enable = true;
  enableCompletion = true;
  vteIntegration = true;
  histSize = 10000;
  syntaxHighlighting = {
    enable = true;
  };
  # Both init snippets are read at evaluation time, so the contents of the
  # dotfiles are baked into the generated system configuration and run in
  # every user's zsh.
  shellInit = builtins.readFile ./dotfiles/zsh-init.sh;
  # Source virtualenvwrapper from the store, then append the prompt script.
  promptInit = ''
    . ${pkgs.python3Packages.virtualenvwrapper}/bin/virtualenvwrapper.sh
  '' + builtins.readFile ./dotfiles/zsh-prompt.sh;
  shellAliases =
    # ls, ll and l are set to null; presumably this clears aliases defined
    # elsewhere - confirm against the zsh module defaults.
    lib.genAttrs [ "ls" "ll" "l" ] (_: null)
    // {
      grep = "grep --color=auto";
      egrep = "egrep --color=auto";
      objdump = "objdump -M intel";
      gits = "git status";
      pag = "ps aux | grep -v grep | grep -i";
      hd = "hexdump -C";
      hdc = "hexdump -ve '\"\\\x\" 1/1 \"%02x\"'";
      # batman comes from the bat-extras packages enabled under programs.bat.
      man = "batman";
      nose = "pytest -v --capture=no --pdbcls=IPython.terminal.debugger:TerminalPdb";
      # New virtualenvs are seeded from the requirements file installed at
      # /etc/venv-default.txt by environment.etc.
      mkvirtualenv = "mkvirtualenv -r /etc/venv-default.txt";
    };
};
# tmux with the repository's tmux.conf inlined at evaluation time.
tmux.enable = true;
tmux.extraConfig = builtins.readFile ./dotfiles/tmux.conf;
# NOTE(review): direnv loads per-directory environment files; it only
# evaluates an .envrc after an explicit `direnv allow`, so review an .envrc
# from an untrusted checkout before allowing it.
direnv = {
  enable = true;
};
htop = {
  enable = true;
};
# Git settings declared here are system configuration, so they act as the
# default for every account on the machine, not only for audrey.
git = {
  enable = true;
  lfs = {
    enable = true;
  };
  config = {
    user = {
      name = "Audrey Dutcher";
      email = "audrey@rhelmot.io";
    };
    init.defaultBranch = "main";
    blame.markUnblamableLines = true;
    # NOTE(review): the "store" helper writes credentials unencrypted to a
    # file in the user's home directory (~/.git-credentials by default),
    # protected only by filesystem permissions. Any HTTPS token entered once
    # stays there until removed; the "cache" helper or a keyring-backed
    # helper avoids the on-disk plaintext copy.
    credential.helper = "store";
    # Rewrite the unauthenticated, unencrypted git:// scheme to SSH.
    url."ssh://git@".insteadOf = "git://";
  };
};
# bat plus the bat-extras helpers; batman is what the zsh `man` alias calls.
bat = {
  enable = true;
  extraPackages = [
    pkgs.bat-extras.batdiff
    pkgs.bat-extras.batman
    pkgs.bat-extras.prettybat
  ];
  settings = {
    style = "plain";
    wrap = "never";
    italic-text = "always";
  };
};
};
environment.variables.PAGER = "moar";
# Files placed under /etc from the repository's dotfiles directory.
environment.etc = {
  # mkForce makes this definition win over any other definition of the
  # zinputrc text.
  zinputrc.text = lib.mkForce (builtins.readFile ./dotfiles/zsh-input.sh);
  # NOTE(review): presumably read by gdb as the system-wide init file, in
  # which case its commands run in every user's gdb session - confirm.
  "gdb/gdbinit".source = ./dotfiles/gdb-init.gdb;
  # Requirements file consumed by the mkvirtualenv alias.
  "venv-default.txt".source = ./dotfiles/venv-default.txt;
};
# Enable the OpenSSH daemon.
# NOTE(review): this file sets nothing under services.openssh.settings, so
# PasswordAuthentication and KbdInteractiveAuthentication stay at the module
# defaults unless another imported module changes them. The audrey account
# already has authorized keys and holds wheel/docker membership, so confirm
# whether password logins are meant to remain possible.
services.openssh = {
  enable = true;
};
services.sanoid =
  let
    # Retention shared by every snapshotted dataset: 24 hourly, 7 daily and
    # 2 monthly snapshots, no yearly ones, applied recursively with expired
    # snapshots pruned automatically.
    snapshotPolicy = {
      autosnap = true;
      autoprune = true;
      recursive = true;
      processChildrenOnly = false;
      hourly = 24;
      daily = 7;
      monthly = 2;
      yearly = 0;
    };
  in
  {
    enable = true;
    datasets = {
      "system/home" = snapshotPolicy;
      "system/local/var" = snapshotPolicy;
      "system/local/root" = snapshotPolicy;
      # Docker's dataset (and its children) is explicitly not snapshotted.
      "system/var/lib_docker" = {
        autosnap = false;
        recursive = true;
      };
    };
  };
services.syncoid = {
  enable = true;
  # offset 30min from sanoid to reduce I/O spikes and give sanoid a chance to
  # snapshot before we back up
  interval = "00/1:30";
  # Each run is gated on this helper's exit status. The leading "+" tells
  # systemd to run the helper with full privileges, ignoring the unit's
  # user and sandboxing settings.
  # NOTE(review): the helper is not defined in this file (presumably it comes
  # from ./overlays/packages.nix); since it runs privileged on every timer
  # tick, review it with the same care as the unit itself.
  service.serviceConfig.ExecCondition = "+${lib.getExe pkgs.condition-unmetered-network}";
  # Private key used for the SSH transport. The path is a string rather than
  # a Nix path literal, so the key is not copied into the store.
  # NOTE(review): nothing here provisions the key or its permissions.
  sshKey = "/var/lib/syncoid/.ssh/id_ed25519";
  commands.system = {
    source = "system";
    # Each host replicates into its own subtree on the backup server.
    target = "buser@home.rhelmot.io:main/backup/${config.networking.hostName}/system";
    recursive = true;
    extraArgs = ["--skip-parent" "--sshport" "2252"];
    # xeni note - option w is weeeeeeeird but the only consequence is a lack of encryption
    # NOTE(review): "w" is zfs send's raw mode. With it disabled the stream is
    # still protected in transit by SSH, but data from any encrypted source
    # dataset is sent decrypted and is only encrypted at rest on the target if
    # the receiving dataset is. Confirm that is acceptable for this target.
    #sendOptions = "w";
  };
};
};
}