diff options
Diffstat (limited to 'etc/nix/configuration.nix')
| -rw-r--r-- | etc/nix/configuration.nix | 323 |
1 files changed, 0 insertions, 323 deletions
diff --git a/etc/nix/configuration.nix b/etc/nix/configuration.nix deleted file mode 100644 index 4bfaa4c..0000000 --- a/etc/nix/configuration.nix +++ /dev/null @@ -1,323 +0,0 @@ -{ config, pkgs, lib, ... }: - -# rollback to a previously working channel version, useful -# when "doas nixos-rebuild switch --upgrade" breaks: -# -# $ doas nix-channel --rollback - -{ - imports = [ /etc/nixos/hardware-configuration.nix ]; - - # Use the systemd-boot EFI boot loader. - boot = { - tmp = { - cleanOnBoot = true; - useTmpfs = true; - }; - - loader = { - efi.canTouchEfiVariables = true; - grub = { - enable = true; - efiSupport = true; - device = "nodev"; - }; - }; - - initrd = { - availableKernelModules = [ - "xhci_pci" - "ahci" - "usb_storage" - "nvme" - "rtsx_usb_sdmmc" - "uas" - "sd_mod" - ]; - luks.devices = { - crypted = { - device = "/dev/nvme0n1p2"; - preLVM = true; - }; - }; - }; - - kernelModules = [ "kvm-intel" ]; - }; - - nix.extraOptions = '' - experimental-features = flakes nix-command - ''; - - hardware = { - bluetooth.enable = true; - pulseaudio = { - enable = true; - extraConfig = '' - load-module module-echo-cancel - ''; - }; - - opengl = { - enable = true; - driSupport = true; - driSupport32Bit = true; - extraPackages = with pkgs; [ - intel-media-driver - libvdpau-va-gl - vaapiIntel - vaapiVdpau - ]; - }; - - # nvidia = { }; - }; - - security.pam.services = { - login.fprintAuth = true; - xscreensaver.fprintAuth = true; - }; - - networking = { - hostName = "usurpador"; - networkmanager.enable = true; - stevenblack.enable = true; - }; - - location.provider = "geoclue2"; - console.keyMap = "br-abnt2"; - time.timeZone = "America/Sao_Paulo"; - i18n = { - defaultLocale = "fr_FR.UTF-8"; - supportedLocales = [ - "C.UTF-8/UTF-8" - "en_AU.UTF-8/UTF-8" - "fr_FR.UTF-8/UTF-8" - "pt_BR.UTF-8/UTF-8" - ]; - }; - - programs = { - adb.enable = true; - less.enable = lib.mkForce false; - }; - - environment = { - systemPackages = with pkgs; [ - xmobar - i3lock - intel-gpu-tools # for intel_gpu_top(1) - ]; - }; - - nixpkgs = { - config = { - packageOverrids = pkgs: { - vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; - }; - }; - overlays = [ - (import (fetchTarball { - url = - "https://euandre.org/git/package-repository/snapshot/package-repository-main.tar.xz"; - }) { inherit pkgs; }) - ]; - - }; - - documentation.man = { - enable = true; - generateCaches = true; - }; - - services = { - upower.enable = true; - blueman.enable = true; - pcscd.enable = true; - udisks2.enable = true; - globalprotect.enable = true; - redshift.enable = true; - acpid.enable = true; - fstrim.enable = true; - fprintd.enable = true; - - geoclue2 = { - enable = true; - appConfig.redshift.isAllowed = true; - }; - - logind.lidSwitch = "lock"; - - postfix = { - enable = true; - extraConfig = '' - mynetworks = 127.0.0.0/8 - - header_checks = regexp:{ { /^Received:.*/ IGNORE }, { /^X-Originating-IP:.*/ IGNORE } } - - sender_dependent_relayhost_maps = hash:/var/lib/private/postfix/relayhosts-maps - smtp_sasl_password_maps = hash:/var/lib/private/postfix/sasl-password - smtp_sasl_auth_enable = yes - smtp_sasl_security_options = noanonymous - smtp_tls_security_level = encrypt - smtp_tls_note_starttls_offer = yes - smtp_use_tls = yes - smtp_sender_dependent_authentication = yes - smtp_sasl_mechanism_filter = login, plain - message_size_limit = 102400000 - mailbox_size_limit = 102400000000 - ''; - config = { smtp_tls_security_level = "encrypt"; }; - extraAliases = '' - root: andreh - andreh: eu@euandre.org - ''; - }; - - openssh = { - enable = true; - settings = { - PermitRootLogin = "no"; - PasswordAuthentication = false; - }; - }; - - # required by vagrant+libvirt - nfs.server.enable = true; - - # Required for local network printer - avahi = { - enable = true; - nssmdns = true; - extraServiceFiles = { - ssh = "${pkgs.avahi}/etc/avahi/services/ssh.service"; - }; - hostName = "usurpadinho"; - publish = { - enable = true; - addresses = true; - domain = true; - userServices = true; - workstation = true; - hinfo = true; - }; - reflector = true; - }; - - printing = { - enable = true; - drivers = let - epson-201401w = with pkgs; - stdenv.mkDerivation rec { - v = "201401w"; - pname = "epson-${v}"; - version = "1.0.0"; - - src = fetchurl { - urls = [ - "https://download.ebz.epson.net/dsc/op/stable/SRPMS/epson-inkjet-printer-${v}-${version}-1lsb3.2.src.rpm" - "https://download3.ebz.epson.net/dsc/f/03/00/03/45/41/92e9c9254f0ee4230a069545ba27ec2858a2c457/epson-inkjet-printer-201401w-1.0.0-1lsb3.2.src.rpm" - ]; - sha256 = "0c60m1sd59s4sda38dc5nniwa7dh1b0kv1maajr0x9d38gqlyk3x"; - }; - - nativeBuildInputs = [ rpmextract autoreconfHook file ]; - - buildInputs = [ libjpeg cups ]; - - unpackPhase = '' - rpmextract $src - tar -zxf epson-inkjet-printer-${v}-${version}.tar.gz - tar -zxf epson-inkjet-printer-filter-${version}.tar.gz - for ppd in epson-inkjet-printer-${v}-${version}/ppds/*; do - substituteInPlace $ppd --replace "/opt/epson-inkjet-printer-${v}" "$out" - substituteInPlace $ppd --replace "/cups/lib" "/lib/cups" - done - cd epson-inkjet-printer-filter-${version} - ''; - - postInstall = '' - cd ../epson-inkjet-printer-${v}-${version} - cp -a lib64 resource watermark $out - mkdir -p $out/share/cups/model/epson-inkjet-printer-${v} - cp -a ppds $out/share/cups/model/epson-inkjet-printer-${v}/ - cp -a Manual.txt $out/doc/ - cp -a README $out/doc/README.driver - ''; - }; - in [ epson-201401w ]; - }; - - xserver = { - enable = true; - layout = "br"; - xkbOptions = "caps:swapescape"; - videoDrivers = [ "intel" ]; - - # Touchpad support - libinput.enable = true; - - windowManager.xmonad = { - enable = true; - enableContribAndExtras = true; - }; - }; - }; - - users = { - extraUsers = let - andrehUser = { - andreh = { - isNormalUser = true; - uid = 1000; - description = "EuAndreh"; - extraGroups = [ "wheel" "networkmanager" "docker" "adbusers" "dialout" ]; - }; - }; - # From the Guix manual: - # https://www.gnu.org/software/guix/manual/en/html_node/Build-Environment-Setup.html#Build-Environment-Setup - buildUser = (i: { - "guixbuilder${i}" = { # guixbuilder$i - group = "guixbuild"; # -g guixbuild - extraGroups = [ "guixbuild" ]; # -G guixbuild - home = "/var/empty"; # -d /var/empty - shell = pkgs.shadow; # -s `which nologin` - description = "Guix build user ${i}"; # -c "Guix buid user $i" - isSystemUser = true; # --system - }; - }); - # merge all users - in pkgs.lib.fold (str: acc: acc // buildUser str) andrehUser - # for i in `seq -w 1 10` - (map (pkgs.lib.fixedWidthNumber 2) (builtins.genList (n: n + 1) 10)); - - extraGroups.guixbuild = { name = "guixbuild"; }; - }; - - systemd = { - services = { - # Derived from Guix guix-daemon.service.in - # https://git.savannah.gnu.org/cgit/guix.git/tree/etc/guix-daemon.service.in?id=00c86a888488b16ce30634d3a3a9d871ed6734a2 - guix-daemon = { - enable = true; - description = "Build daemon for GNU Guix"; - serviceConfig = { - ExecStart = - "/var/guix/profiles/per-user/root/current-guix/bin/guix-daemon --build-users-group=guixbuild --substitute-urls='https://substitutes.nonguix.org https://ci.guix.gnu.org https://bordeaux.guix.gnu.org'"; - }; - wantedBy = [ "multi-user.target" ]; - }; - }; - }; - - system = { - stateVersion = "20.03"; - autoUpgrade = { - enable = true; - dates = "0:10"; - }; - }; - - virtualisation.docker.enable = true; - virtualisation.libvirtd.enable = true; -} |