blob: aafc1b00281be5909ee21544d191353ecbcfe67d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
{config, lib, pkgs, ... }: {
programs.zsh.enable = true;
programs.zsh.interactiveShellInit = "bindkey -e";
programs.tmux.enable = true;
orbekk.secrets.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCgvHMjYQ5Ty7Em2Seji6dvYhgQUIbyhiHdzRINYpiOUMuVA8wgJOV0ZggmFFTO5zfJ83m7E5nc/zMuBVHwkx1gJz5ic8YdO9eLIhymQn9R+9fyLA+g+h8uwTi7UlFmQp+My7MYYxdA2tet1wwgm39Yu49mxi8lARUgi4awXn5K/ZFy08GyjGia2E/YKx2gXPKhHsWFKWPO5u8ik0v8AFCliY2wXiG4jkZE2zI0gI5FUp66tpxkaOSZqreH+lVJw+S+GAJIqzGI99zqZsAdpr7m4WALZEYwj9D7/lattSG14CAjXxjqcMSsfi6fV0ZsF1O40eoZ9mNQpIvatXtL6HBSN3kuUfraQMeB8o5kbxwyXt2Fr5hMKtEGYlMv5uPqdn+yHcC51F3RkUxFJplOFwZ3Rh/AjLLMKo+vEtL9UjhTuYiSQ0ySunY5JbBVkJY4z3pLT9MOPnq+KIfBMFBI/eYE6yeMNTHxIFMDaNMFOxWc0SoBDhgZJX5eblYidt/YWMOEPbqJNCrWIzQwtDsiYsF9JS/3D5civwTP/oaASaiJWTAvluwbibMFAC1OSBFb20xM5gD0C1q05pxVMN3Ioy1P0CIvJMLWfQR1yrNbnmoGUGHeSA/gwaxqMg7G+P/SBIheDAYEu5fzXXgFgO3sI8JvIdc1NTJMmHktahb/ecG1MQ== cardno:000605483586"
];
networking.networkmanager.unmanaged = [ "interface-name:wg*" ];
networking.search = [ "nyc.orbekk.com" ];
# TODO: replace with programs.neovim.enable
nixpkgs.overlays = [
(final: prev: {
neovim = prev.neovim.override {
viAlias = true;
vimAlias = true;
};
})
];
environment.variables.EDITOR = "${pkgs.neovim}/bin/nvim";
# nix.settings = {
# keep-outputs = true;
# keep-derivations = true;
# };
environment.pathsToLink = [
"/share/nix-direnv"
];
environment.systemPackages = with pkgs; [
# Can be replaced with `programs.direnv.enable` after next nixos version.
direnv nix-direnv
starship
cifs-utils
inetutils # telnet
bat
bwm_ng
clang
coreutils
direnv
dnsutils
binutils
#emacs
emacs-pgtk
#pkgs.unstable.emacsNativeComp
exa
fd
fzf
git
git-annex
gitFull
gnupg
haskellPackages.hledger
hledger
htop
iotop
ledger
moreutils
mosh
most
neovim
nix-index
p7zip
jq
pass
ripgrep
rustup
silver-searcher
sqlite
stow
unrar
unzip
whois
zoxide
gnuplot
(rWrapper.override {
packages = with rPackages; [ data_table ggplot2 hms viridis lubridate ];
})
];
time.timeZone = "America/New_York";
console.font = "ter-i32b";
console.packages = [ pkgs.terminus_font ];
services = {
postgresql = { package = pkgs.postgresql_12; };
openssh.settings.PasswordAuthentication = false;
openssh.settings.KbdInteractiveAuthentication = false;
fwupd.enable = true;
};
systemd.services.nix-gc.serviceConfig = {
Nice = 19;
IOSchedulingPriority = 7;
IOSchedulingClass = "best-effort";
};
nix = rec {
settings = {
sandbox = lib.mkDefault true;
cores = lib.mkDefault 0; # auto configure
substituters = [
"https://nix-community.cachix.org"
];
trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
auto-optimise-store = true;
};
gc.automatic = lib.mkDefault true;
daemonCPUSchedPolicy = "idle";
daemonIOSchedPriority = 10;
package = pkgs.nixFlakes;
extraOptions = ''
experimental-features = nix-command flakes
'';
};
services.emacs.package = pkgs.emacs-pgtk;
services.emacs.enable = true;
boot.tmp.cleanOnBoot = true;
nixpkgs.config.allowUnfree = true;
}
|