2023-02-26 02:46:35 +01:00
|
|
|
{ config, pkgs, lib, inputs, ... }:
|
2023-02-25 04:39:30 +01:00
|
|
|
{
|
2024-01-27 03:47:28 +01:00
|
|
|
imports = let ifExists = p: if builtins.pathExists p then p else {}; in [
|
2023-06-19 02:44:40 +02:00
|
|
|
./cachix.nix # update with `cachix use --mode nixos -d . FOOBAR`
|
2023-03-04 00:11:46 +01:00
|
|
|
./profiles/locale-no.nix
|
2023-03-12 05:14:28 +01:00
|
|
|
# results of 'nixos-generate-config'
|
|
|
|
|
# nice to have if i just dump this flake into /etc/nixos on a clean install
|
2024-01-27 03:47:28 +01:00
|
|
|
(ifExists ./configuration.nix )
|
|
|
|
|
(ifExists ./hardware-configuration.nix )
|
2023-02-25 04:39:30 +01:00
|
|
|
];
|
|
|
|
|
|
2023-11-10 22:54:07 +01:00
|
|
|
nixpkgs.config.permittedInsecurePackages = [
|
|
|
|
|
"pulsar-1.106.0"
|
2023-12-10 09:47:02 +01:00
|
|
|
"pulsar-1.109.0"
|
2023-11-10 22:54:07 +01:00
|
|
|
"zotero-6.0.26"
|
2023-12-10 09:47:02 +01:00
|
|
|
"gitea-1.19.4"
|
2023-11-10 22:54:07 +01:00
|
|
|
];
|
|
|
|
|
|
2023-06-29 02:16:16 +02:00
|
|
|
environment.systemPackages = with pkgs; [
|
|
|
|
|
ddrescue
|
|
|
|
|
gptfdisk
|
|
|
|
|
ms-sys
|
|
|
|
|
nvme-cli
|
|
|
|
|
parted
|
|
|
|
|
pciutils
|
|
|
|
|
smartmontools
|
|
|
|
|
testdisk
|
|
|
|
|
usbutils
|
2024-02-10 22:11:25 +01:00
|
|
|
] ++ lib.optionals (builtins.elem config.nixpkgs.system [ "x86_64-linux" "aarch64_linux"]) [
|
|
|
|
|
cage
|
|
|
|
|
weston
|
2023-06-29 02:16:16 +02:00
|
|
|
];
|
|
|
|
|
|
2024-02-17 03:49:30 +01:00
|
|
|
# TODO: selectively whitelist
|
2023-02-25 04:39:30 +01:00
|
|
|
nixpkgs.config.allowUnfree = true;
|
|
|
|
|
nixpkgs.config.allowUnfreePredicate = (pkg: true);
|
2023-03-03 02:24:07 +01:00
|
|
|
nixpkgs.config.nonfreeLicensing = true; # used by ffmpeg
|
2023-02-25 04:39:30 +01:00
|
|
|
|
2023-07-09 00:10:03 +02:00
|
|
|
hardware.enableRedistributableFirmware = true;
|
|
|
|
|
|
2023-06-24 19:11:49 +02:00
|
|
|
nix.settings.experimental-features = [
|
|
|
|
|
"nix-command"
|
|
|
|
|
"flakes"
|
2023-02-26 21:15:08 +01:00
|
|
|
];
|
2023-03-11 00:30:24 +01:00
|
|
|
nix.settings.allowed-users = [ "*" ]; # default
|
|
|
|
|
#nix.settings.allowed-users = [ "@nixbld" "@builders" ]; # TODO: this
|
|
|
|
|
nix.settings.trusted-users = [ "root" "@wheel" ];
|
2024-01-26 01:46:33 +01:00
|
|
|
nix.settings.keep-derivations = true; # great with nix-diff
|
2023-02-25 04:39:30 +01:00
|
|
|
nix.settings.auto-optimise-store = true; # deduplicate with hardlinks, expensive. Alternative: nix-store --optimise
|
|
|
|
|
#nix.optimize.automatic = true; # periodic optimization
|
|
|
|
|
nix.gc.automatic = true;
|
|
|
|
|
nix.gc.dates = "weekly";
|
2024-02-26 11:03:25 +01:00
|
|
|
nix.gc.options = "--delete-older-than 15d";
|
|
|
|
|
nix.settings.min-free = 3 * 1024 * 1024 * 1024;
|
|
|
|
|
nix.settings.max-free = 20 * 1024 * 1024 * 1024;
|
2023-02-25 04:39:30 +01:00
|
|
|
|
2023-06-24 19:11:49 +02:00
|
|
|
services.thermald.enable = lib.mkIf (config.nixpkgs.system == "x86_64-linux") true;
|
2023-02-25 04:39:30 +01:00
|
|
|
|
2023-10-14 18:23:24 +02:00
|
|
|
# System fonts
|
|
|
|
|
# Nice to have when X-forwading on headless machines
|
|
|
|
|
fonts.fontDir.enable = true; # creates /run/current-system/sw/share/X11/fonts
|
2024-02-18 22:14:40 +01:00
|
|
|
fonts.enableDefaultPackages = true; # dejavu, freefont, gyre, liberation, unifont, noto-fonts-emoji
|
|
|
|
|
fonts.packages = with pkgs; [
|
2023-10-14 18:23:24 +02:00
|
|
|
noto-fonts # includes Cousine
|
|
|
|
|
noto-fonts-cjk
|
|
|
|
|
noto-fonts-emoji
|
|
|
|
|
noto-fonts-extra
|
|
|
|
|
];
|
|
|
|
|
|
2023-02-25 04:39:30 +01:00
|
|
|
networking.firewall.enable = true; # default
|
2024-02-26 11:03:25 +01:00
|
|
|
|
|
|
|
|
# https://discourse.nixos.org/t/what-to-do-with-a-full-boot-partition/2049
|
|
|
|
|
boot.loader.grub.configurationLimit = 15;
|
|
|
|
|
boot.loader.systemd-boot.configurationLimit = 15;
|
|
|
|
|
boot.loader.raspberryPi.uboot.configurationLimit = 15;
|
|
|
|
|
boot.loader.generic-extlinux-compatible.configurationLimit = 15;
|
2023-02-25 04:39:30 +01:00
|
|
|
}
|
