{ config, pkgs, lib, ... }: { imports = [ ./cachix.nix (if builtins.pathExists ./hardware-configuration.nix then ./hardware-configuration.nix # results of hardware scan else {} ) ]; nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfreePredicate = (pkg: true); system.autoUpgrade.enable = true; # daily nixos-rebuild switch, no reboot by default nix.settings.trusted-users = [ "root" ]; nix.settings.auto-optimise-store = true; # deduplicate with hardlinks, expensive. Alternative: nix-store --optimise #nix.optimize.automatic = true; # periodic optimization nix.gc.automatic = true; nix.gc.dates = "weekly"; nix.gc.options = "--delete-older-than 30d"; # TODO: can i make this non-string? nix.extraOptions = '' experimental-features = nix-command flakes ''; # TODO: only if x86_64? services.thermald.enable = true; # Bootloader boot.loader.grub.enable = true; boot.loader.grub.device = "/dev/sda"; # TODO: host-specific boot.loader.grub.useOSProber = true; # firewall services.fail2ban.enable = config.services.openssh.enable; networking.firewall.enable = true; # default # Time zone and internationalisation properties. time.timeZone = "Europe/Oslo"; i18n.defaultLocale = "en_US.utf8"; i18n.extraLocaleSettings.LC_ADDRESS = "nb_NO.utf8"; i18n.extraLocaleSettings.LC_IDENTIFICATION = "nb_NO.utf8"; i18n.extraLocaleSettings.LC_MEASUREMENT = "nb_NO.utf8"; i18n.extraLocaleSettings.LC_MONETARY = "nb_NO.utf8"; i18n.extraLocaleSettings.LC_NAME = "nb_NO.utf8"; i18n.extraLocaleSettings.LC_NUMERIC = "nb_NO.utf8"; i18n.extraLocaleSettings.LC_PAPER = "nb_NO.utf8"; i18n.extraLocaleSettings.LC_TELEPHONE = "nb_NO.utf8"; i18n.extraLocaleSettings.LC_TIME = "nb_NO.utf8"; console.keyMap = "no"; services.xserver.layout = "no"; services.xserver.xkbVariant = ""; # System fonts # Nice to have when X-forwading on headless machines # TODO: move? fonts.fonts = with pkgs; [ noto-fonts # includes Cousine noto-fonts-cjk noto-fonts-emoji noto-fonts-extra dejavu_fonts ]; }