blob: 72c146f5d5c97486b617876d0103e443d65e7ec1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
{ config, lib, pkgs, ... }: {
programs.zsh.enable = true;
programs.zsh.interactiveShellInit = "bindkey -e";
programs.tmux.enable = true;
orbekk.secrets.enable = true;
nixpkgs.config.packageOverrides = pkgs: {
libsignal-protocol-c = pkgs.callPackage ../pkgs/libsignal-c/default.nix { };
keycloak = pkgs.callPackage ../pkgs/keycloak/default.nix { };
};
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCgvHMjYQ5Ty7Em2Seji6dvYhgQUIbyhiHdzRINYpiOUMuVA8wgJOV0ZggmFFTO5zfJ83m7E5nc/zMuBVHwkx1gJz5ic8YdO9eLIhymQn9R+9fyLA+g+h8uwTi7UlFmQp+My7MYYxdA2tet1wwgm39Yu49mxi8lARUgi4awXn5K/ZFy08GyjGia2E/YKx2gXPKhHsWFKWPO5u8ik0v8AFCliY2wXiG4jkZE2zI0gI5FUp66tpxkaOSZqreH+lVJw+S+GAJIqzGI99zqZsAdpr7m4WALZEYwj9D7/lattSG14CAjXxjqcMSsfi6fV0ZsF1O40eoZ9mNQpIvatXtL6HBSN3kuUfraQMeB8o5kbxwyXt2Fr5hMKtEGYlMv5uPqdn+yHcC51F3RkUxFJplOFwZ3Rh/AjLLMKo+vEtL9UjhTuYiSQ0ySunY5JbBVkJY4z3pLT9MOPnq+KIfBMFBI/eYE6yeMNTHxIFMDaNMFOxWc0SoBDhgZJX5eblYidt/YWMOEPbqJNCrWIzQwtDsiYsF9JS/3D5civwTP/oaASaiJWTAvluwbibMFAC1OSBFb20xM5gD0C1q05pxVMN3Ioy1P0CIvJMLWfQR1yrNbnmoGUGHeSA/gwaxqMg7G+P/SBIheDAYEu5fzXXgFgO3sI8JvIdc1NTJMmHktahb/ecG1MQ== cardno:000605483586"
];
networking.networkmanager.unmanaged = [ "interface-name:wg*" ];
# TODO: replace with programs.neovim.enable
nixpkgs.overlays = [
(final: prev: {
neovim = prev.neovim.override {
viAlias = true;
vimAlias = true;
};
})
];
environment.variables.EDITOR = "${pkgs.neovim}/bin/nvim";
environment.systemPackages = with pkgs; [
inetutils # telnet
bat
bwm_ng
clang
coreutils
direnv
dnsutils
binutils
#emacs
emacsPgtkNativeComp
exa
fd
fzf
git
gitFull
gnupg
haskellPackages.hledger
hledger
htop
iotop
ledger
moreutils
mosh
most
neovim
nix-index
p7zip
pass
ripgrep
rustup
silver-searcher
sqlite
stow
unrar
unzip
whois
zoxide
gnuplot
(rWrapper.override {
packages = with rPackages; [ data_table ggplot2 hms viridis lubridate ];
})
];
time.timeZone = "America/New_York";
console.font = "ter-i32b";
console.packages = [ pkgs.terminus_font ];
services = {
postgresql = { package = pkgs.postgresql_12; };
openssh.passwordAuthentication = false;
openssh.challengeResponseAuthentication = false;
};
systemd.services.nix-gc.serviceConfig = {
Nice = 19;
IOSchedulingPriority = 7;
IOSchedulingClass = "best-effort";
};
nix = rec {
useSandbox = lib.mkDefault true;
maxJobs = lib.mkOverride 110 16;
buildCores = lib.mkDefault 0; # auto configure
gc.automatic = lib.mkDefault true;
binaryCaches = [
"https://nix-community.cachix.org"
];
binaryCachePublicKeys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
daemonCPUSchedPolicy = "idle";
daemonIOSchedPriority = 10;
package = pkgs.nixFlakes;
extraOptions = ''
experimental-features = nix-command flakes
'';
autoOptimiseStore = true;
};
boot.cleanTmpDir = true;
nixpkgs.config.allowUnfree = true;
}
|