130 lines
3.6 KiB
Nix
130 lines
3.6 KiB
Nix
{
|
|
self,
|
|
nixpkgs,
|
|
inputs,
|
|
}:
|
|
|
|
let
|
|
mkSystem =
|
|
systemConfig: name:
|
|
nixpkgs.lib.nixosSystem rec {
|
|
system =
|
|
builtins.replaceStrings
|
|
[
|
|
"-unknown-"
|
|
"-gnu"
|
|
]
|
|
[
|
|
"-"
|
|
""
|
|
]
|
|
systemConfig;
|
|
specialArgs = inputs;
|
|
modules = [
|
|
./systems/${name}
|
|
./users/jopejoe1
|
|
./users/root
|
|
./users/fp
|
|
self.inputs.disko.nixosModules.disko
|
|
self.inputs.home-manager.nixosModules.home-manager
|
|
self.inputs.nixos-generators.nixosModules.all-formats
|
|
{
|
|
system.stateVersion = "24.05";
|
|
nixpkgs.hostPlatform = {
|
|
system = system;
|
|
config = systemConfig;
|
|
};
|
|
networking.hostName = name;
|
|
|
|
networking = {
|
|
wireless = {
|
|
enable = true;
|
|
networks = {
|
|
};
|
|
};
|
|
nameservers = [
|
|
"2a07:a8c0::fe:e334"
|
|
"2a07:a8c1::fe:e334"
|
|
];
|
|
networkmanager.enable = true;
|
|
};
|
|
|
|
nix = {
|
|
settings = {
|
|
substituters = nixpkgs.lib.mkForce [
|
|
"https://cache.nixos.org"
|
|
"https://nix-community.cachix.org"
|
|
];
|
|
trusted-public-keys = nixpkgs.lib.mkForce [
|
|
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
|
];
|
|
trusted-users = [ "root" ];
|
|
sandbox = true;
|
|
require-sigs = true;
|
|
max-jobs = "auto";
|
|
auto-optimise-store = true;
|
|
allowed-users = [ "*" ];
|
|
experimental-features = [
|
|
"nix-command"
|
|
"flakes"
|
|
];
|
|
warn-dirty = true;
|
|
use-xdg-base-directories = true;
|
|
keep-going = true;
|
|
builders-use-substitutes = true;
|
|
};
|
|
distributedBuilds = true;
|
|
package = pkgs.nixVersions.unstable;
|
|
registry = nixpkgs.lib.mkForce (
|
|
(nixpkgs.lib.mapAttrs (_: flake: { inherit flake; })) (
|
|
(nixpkgs.lib.filterAttrs (_: nixpkgs.lib.isType "flake")) self.inputs
|
|
)
|
|
// {
|
|
self.flake = self;
|
|
}
|
|
);
|
|
nixPath = nixpkgs.lib.mkForce [ "/etc/nix/path" ];
|
|
};
|
|
|
|
nixpkgs = {
|
|
config = {
|
|
allowUnfree = true;
|
|
nvidia.acceptLicense = true;
|
|
};
|
|
};
|
|
|
|
environment.etc = nixpkgs.lib.mapAttrs' (name: value: {
|
|
name = "nix/path/${name}";
|
|
value.source = value.flake;
|
|
}) config.nix.registry;
|
|
|
|
home-manager = {
|
|
useGlobalPkgs = true;
|
|
useUserPackages = true;
|
|
backupFileExtension = "backup";
|
|
};
|
|
|
|
systemd.services.nix-daemon.serviceConfig.LimitNOFILE = nixpkgs.lib.mkForce 1048576000;
|
|
|
|
networking.hosts = { };
|
|
|
|
hardware.bluetooth.enable = true;
|
|
hardware.bluetooth.powerOnBoot = true;
|
|
|
|
services.openssh = {
|
|
enable = true;
|
|
banner = "Hackers are in Your System!!!\n";
|
|
settings = {
|
|
PasswordAuthentication = false;
|
|
PermitRootLogin = "prohibit-password";
|
|
};
|
|
};
|
|
}
|
|
];
|
|
};
|
|
in
|
|
{
|
|
pi400 = mkSystem "aarch64-unknown-linux-gnu" "pi400";
|
|
pi4 = mkSystem "aarch64-unknown-linux-gnu" "pi4";
|
|
}
|