nixos-config/machines/sayuri/configuration.nix

98 lines
1.9 KiB
Nix

{ config, lib, pkgs, ... }:
{
imports = [
./hardware-configuration.nix
../../modules
../../users/simon
];
sbruder = {
games = {
enable = true;
performanceIndex = 8;
};
gui.enable = true;
media-proxy.enable = true;
mullvad.enable = true;
restic.system = {
enable = true;
extraPaths = [
"/data"
];
};
unfree.allowSoftware = true;
wireguard.home.enable = true;
};
virtualisation.libvirtd = {
enable = true;
qemu.package = pkgs.qemu_kvm;
};
services.tor = {
enable = true;
client.enable = true;
};
services.privoxy = {
enable = true;
enableTor = true;
};
services.samba = {
enable = true;
securityType = "user";
extraConfig = ''
interfaces = 192.168.122.1
bind interfaces only = yes
map to guest = bad user
load printers = no
printing = bsd
disable spoolss = yes
usershare max shares = 0
acl allow execute always = True
'';
shares = {
qemu = {
path = "/data/cache/win10/shared";
browseable = "yes";
"read only" = "no";
"guest ok" = "yes";
"force user" = "simon";
};
};
};
networking.firewall.trustedInterfaces = [ "virbr0" ];
networking.hostName = "sayuri";
system.stateVersion = "20.03";
specialisation = {
foldingathome.configuration = {
services.foldingathome = {
enable = true;
user = "sbruder";
};
};
intel-sucks.configuration = {
# https://make-linux-fast-again.com/
boot.kernelParams = [
"l1tf=off"
"mds=off"
"mitigations=off"
"no_stf_barrier"
"noibpb"
"noibrs"
"nopti"
"nospec_store_bypass_disable"
"nospectre_v1"
"nospectre_v2"
"tsx=on"
"tsx_async_abort=off"
];
sbruder.gui.enable = lib.mkForce false;
};
};
}