61 lines
1.6 KiB
Nix
61 lines
1.6 KiB
Nix
|
{ config, lib, pkgs, ... }:
|
||
|
|
||
|
{
|
||
|
# Essential system tools
|
||
|
environment.systemPackages = with pkgs; [
|
||
|
git
|
||
|
git-crypt # used to store secrets in configuration
|
||
|
git-lfs # not so essential, but required to clone config
|
||
|
htop
|
||
|
(unstable.neovim.override { vimAlias = true; }) # FIXME unstable is for python-msgpack 1.0; use stable once python-msgpack 1.0 is in stable
|
||
|
tmux
|
||
|
];
|
||
|
|
||
|
# Clean temporary files on boot
|
||
|
boot.cleanTmpDir = true;
|
||
|
|
||
|
# Disable firewall
|
||
|
networking.firewall.enable = lib.mkDefault false;
|
||
|
|
||
|
# Set zsh as default shell
|
||
|
programs.zsh.enable = true;
|
||
|
users.defaultUserShell = pkgs.zsh;
|
||
|
|
||
|
# Sane swapping
|
||
|
boot.kernel.sysctl."vm.swapiness" = 10;
|
||
|
|
||
|
# Store logs persistently
|
||
|
services.journald.extraConfig = "Storage = persistent";
|
||
|
|
||
|
# Hard drive monitoring
|
||
|
services.smartd.enable = true;
|
||
|
# Network monitoring
|
||
|
services.vnstat.enable = true;
|
||
|
|
||
|
# Authentication/Encryption agents
|
||
|
programs.gnupg.agent.enable = true;
|
||
|
programs.ssh.startAgent = true;
|
||
|
|
||
|
# NixOS version
|
||
|
system.stateVersion = "20.03";
|
||
|
|
||
|
nixpkgs.config = {
|
||
|
# Explicitly allow unfree packages (rule of thumb: assets ok, code not ok)
|
||
|
allowUnfreePredicate = (
|
||
|
pkg: builtins.elem (lib.getName pkg) [
|
||
|
"corefonts"
|
||
|
"vista-fonts"
|
||
|
]
|
||
|
);
|
||
|
# Add unstable channel
|
||
|
packageOverrides = pkgs: {
|
||
|
unstable = import (builtins.fetchTarball "https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz") {
|
||
|
config = config.nixpkgs.config;
|
||
|
};
|
||
|
nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") {
|
||
|
inherit pkgs;
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
}
|