create a common nix
This commit is contained in:
parent
42a8a7e2d3
commit
2966bb857d
2 changed files with 87 additions and 85 deletions
86
common.nix
Normal file
86
common.nix
Normal file
|
|
@ -0,0 +1,86 @@
|
|||
{ lib, pkgs, ... }:
|
||||
{
|
||||
networking = {
|
||||
wireless = {
|
||||
enable = true;
|
||||
networks = { };
|
||||
};
|
||||
nameservers = [
|
||||
"2a07:a8c0::fe:e334"
|
||||
"2a07:a8c1::fe:e334"
|
||||
];
|
||||
networkmanager.enable = true;
|
||||
};
|
||||
|
||||
nix = {
|
||||
settings = {
|
||||
substituters = lib.mkForce [
|
||||
"https://cache.nixos.org"
|
||||
"https://nix-community.cachix.org"
|
||||
];
|
||||
trusted-public-keys = lib.mkForce [
|
||||
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||
];
|
||||
trusted-users = [ "root" ];
|
||||
sandbox = true;
|
||||
require-sigs = true;
|
||||
max-jobs = "auto";
|
||||
auto-optimise-store = true;
|
||||
allowed-users = [ "*" ];
|
||||
experimental-features = [
|
||||
"nix-command"
|
||||
"flakes"
|
||||
];
|
||||
warn-dirty = true;
|
||||
use-xdg-base-directories = true;
|
||||
keep-going = true;
|
||||
builders-use-substitutes = true;
|
||||
};
|
||||
distributedBuilds = true;
|
||||
package = pkgs.nixVersions.unstable;
|
||||
registry = lib.mkForce (
|
||||
(lib.mapAttrs (_: flake: { inherit flake; })) (
|
||||
(lib.filterAttrs (_: lib.isType "flake")) self.inputs
|
||||
)
|
||||
// {
|
||||
self.flake = self;
|
||||
}
|
||||
);
|
||||
nixPath = lib.mkForce [ "/etc/nix/path" ];
|
||||
};
|
||||
|
||||
nixpkgs = {
|
||||
config = {
|
||||
allowUnfree = true;
|
||||
nvidia.acceptLicense = true;
|
||||
};
|
||||
};
|
||||
|
||||
environment.etc = lib.mapAttrs' (name: value: {
|
||||
name = "nix/path/${name}";
|
||||
value.source = value.flake;
|
||||
}) config.nix.registry;
|
||||
|
||||
home-manager = {
|
||||
useGlobalPkgs = true;
|
||||
useUserPackages = true;
|
||||
backupFileExtension = "backup";
|
||||
};
|
||||
|
||||
systemd.services.nix-daemon.serviceConfig.LimitNOFILE = lib.mkForce 1048576000;
|
||||
|
||||
networking.hosts = { };
|
||||
|
||||
hardware.bluetooth.enable = true;
|
||||
hardware.bluetooth.powerOnBoot = true;
|
||||
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
banner = "Hackers are in Your System!!!\n";
|
||||
settings = {
|
||||
PasswordAuthentication = false;
|
||||
PermitRootLogin = "prohibit-password";
|
||||
};
|
||||
};
|
||||
}
|
||||
86
systems.nix
86
systems.nix
|
|
@ -25,6 +25,7 @@ let
|
|||
./users/jopejoe1
|
||||
./users/root
|
||||
./users/fp
|
||||
./common.nix
|
||||
self.inputs.disko.nixosModules.disko
|
||||
self.inputs.home-manager.nixosModules.home-manager
|
||||
self.inputs.nixos-generators.nixosModules.all-formats
|
||||
|
|
@ -35,91 +36,6 @@ let
|
|||
config = systemConfig;
|
||||
};
|
||||
networking.hostName = name;
|
||||
|
||||
networking = {
|
||||
wireless = {
|
||||
enable = true;
|
||||
networks = {
|
||||
};
|
||||
};
|
||||
nameservers = [
|
||||
"2a07:a8c0::fe:e334"
|
||||
"2a07:a8c1::fe:e334"
|
||||
];
|
||||
networkmanager.enable = true;
|
||||
};
|
||||
|
||||
nix = {
|
||||
settings = {
|
||||
substituters = nixpkgs.lib.mkForce [
|
||||
"https://cache.nixos.org"
|
||||
"https://nix-community.cachix.org"
|
||||
];
|
||||
trusted-public-keys = nixpkgs.lib.mkForce [
|
||||
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||
];
|
||||
trusted-users = [ "root" ];
|
||||
sandbox = true;
|
||||
require-sigs = true;
|
||||
max-jobs = "auto";
|
||||
auto-optimise-store = true;
|
||||
allowed-users = [ "*" ];
|
||||
experimental-features = [
|
||||
"nix-command"
|
||||
"flakes"
|
||||
];
|
||||
warn-dirty = true;
|
||||
use-xdg-base-directories = true;
|
||||
keep-going = true;
|
||||
builders-use-substitutes = true;
|
||||
};
|
||||
distributedBuilds = true;
|
||||
package = pkgs.nixVersions.unstable;
|
||||
registry = nixpkgs.lib.mkForce (
|
||||
(nixpkgs.lib.mapAttrs (_: flake: { inherit flake; })) (
|
||||
(nixpkgs.lib.filterAttrs (_: nixpkgs.lib.isType "flake")) self.inputs
|
||||
)
|
||||
// {
|
||||
self.flake = self;
|
||||
}
|
||||
);
|
||||
nixPath = nixpkgs.lib.mkForce [ "/etc/nix/path" ];
|
||||
};
|
||||
|
||||
nixpkgs = {
|
||||
config = {
|
||||
allowUnfree = true;
|
||||
nvidia.acceptLicense = true;
|
||||
};
|
||||
};
|
||||
|
||||
environment.etc = nixpkgs.lib.mapAttrs' (name: value: {
|
||||
name = "nix/path/${name}";
|
||||
value.source = value.flake;
|
||||
}) config.nix.registry;
|
||||
|
||||
home-manager = {
|
||||
useGlobalPkgs = true;
|
||||
useUserPackages = true;
|
||||
backupFileExtension = "backup";
|
||||
};
|
||||
|
||||
systemd.services.nix-daemon.serviceConfig.LimitNOFILE = nixpkgs.lib.mkForce 1048576000;
|
||||
|
||||
networking.hosts = { };
|
||||
|
||||
hardware.bluetooth.enable = true;
|
||||
hardware.bluetooth.powerOnBoot = true;
|
||||
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
banner = "Hackers are in Your System!!!\n";
|
||||
settings = {
|
||||
PasswordAuthentication = false;
|
||||
PermitRootLogin = "prohibit-password";
|
||||
};
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue