era-configuration-nix/configuration.nix
2017-06-23 22:11:57 +02:00

334 lines
10 KiB
Nix

{ config, pkgs, ... }:
{
imports =
[
./hardware-configuration.nix
./mail.nix
./ipfs.nix
#./ipv6.nix
];
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
cleanTmpDir = true;
initrd.supportedFilesystems = [ "btrfs" ];
supportedFilesystems = [ "btrfs" ];
tmpOnTmpfs = true;
};
environment = {
variables.EDITOR = pkgs.lib.mkOverride 10 "vim"; # vim is my default editor
shells = [ pkgs.zsh ];
systemPackages = with pkgs; [
(import ./vim.nix)
arandr
chromium
crda # WiFi regulatory domains
gimp
lemonbar
git
(pkgs.lib.mkOverride 10 st) # patched, see at the end of this file
gnumeric
mpv
nethogs
optipng
pavucontrol
qutebrowser
stow
unzip
wget
zathura
];
};
hardware = {
bluetooth.enable = false;
cpu.intel.updateMicrocode = true;
pulseaudio = {
enable = true;
package = pkgs.pulseaudioLight;
};
trackpoint.enable = true;
opengl.extraPackages = with pkgs; [ # These are imported by ocl-icd
beignet # intel gpu
intel-ocl # intel cpu
];
};
i18n = {
consoleFont = "Lat2-Terminus16";
consoleKeyMap = "fr-bepo";
defaultLocale = "en_US.UTF-8";
supportedLocales = [
"de_DE.UTF-8/UTF-8"
"en_US.UTF-8/UTF-8"
"fr_FR.UTF-8/UTF-8"
"fi_FI.UTF-8/UTF-8" ];
};
networking = {
firewall.enable = true;
hostName = "era";
extraHosts = ''
192.168.1.1 router
163.172.81.107 sahkopoika courriel.marvid.fr
163.172.25.159 protonpack
195.154.102.65 kromuniste
192.168.158.23 pimusicbox
'';
networkmanager.enable = false;
# wireless configs are stored in /etc/wpa_supplicant.conf
wireless = {
enable = true;
interfaces = [ "wlo1" ];
userControlled.enable = true;
};
};
# Test (can be removed)
nix.useSandbox = true;
programs = {
bash.enableCompletion = true;
zsh.enable = true;
zsh.enableCompletion = true;
adb.enable = true;
mosh.enable = true;
tmux.enable = true;
chromium = {
enable = true;
defaultSearchProviderSearchURL = "https://duckduckgo.com/?q={searchTerms}";
defaultSearchProviderSuggestURL = null;
extensions = [
"ihlenndgcmojhcghmfjfneahoeklbjjh" # cVim
"cjpalhdlnbpafiamejdnhcphjbkeiagm" # ublock origin
];
extraOpts = {
AlternateErrorPagesEnabled = false;
AlwaysOpenPdfExternally = true;
AutoFillEnabled = false;
BackgroundModeEnabled = false;
BlockThirdPartyCookies = true;
BookmarkBarEnabled = false;
BrowserAddPersonEnabled = false;
BrowserGuestModeEnabled = false;
BuiltInDnsClientEnabled = false;
CloudPrintProxyEnabled = false;
CloudPrintSubmitEnabled = false;
ContextualSearchEnabled = false;
DefaultBrowserSettingEnabled = false;
DefaultGeolocationSetting = 2;
DownloadDirectory = "/tmp";
NTPContentSuggestionsEnabled = false;
NetworkPredictionOptions = 2;
PasswordManagerEnabled = false;
SearchSuggestEnabled = false;
SpellCheckServiceEnabled = false;
TranslateEnabled = false;
};
};
};
security = {
sudo.wheelNeedsPassword = false;
pki.certificates = [
''
-----BEGIN CERTIFICATE-----
MIIDPTCCAiWgAwIBAgIJAMbx5WIu+oU+MA0GCSqGSIb3DQEBBQUAMDUxCzAJBgNV
BAYTAkZSMRUwEwYDVQQKDAxVbml0ZWQgUm9vdHMxDzANBgNVBAMMBk1hcnZpZDAe
Fw0xNDExMDMwMDI1NTNaFw0xOTExMDIwMDI1NTNaMDUxCzAJBgNVBAYTAkZSMRUw
EwYDVQQKDAxVbml0ZWQgUm9vdHMxDzANBgNVBAMMBk1hcnZpZDCCASIwDQYJKoZI
hvcNAQEBBQADggEPADCCAQoCggEBANl+Yqu63ivUX3ihurub0sreLmCKMPQg5Huh
F0kB9qJBiZZcRF92Fa12w9619AEVofRstlxB/Zj2H1HxfE1hVrHFq/5qUg9sBsYd
uXKLgjhXlUSjXDBy8qajOyoag7stQFFciglCwdMv26eEzLt0bpfNj6RjOn3MWeMj
BsYnY/U4VP1KcrlQnxHFjJtzL6uMHSvLGckUE29AvpB8B0ZADkxmQAy5HuCnPweQ
X3gNffR/niRnaIyatihI8yL5of01PJ/TiF+KAv99noaFEa3YgBIjtlego5S1lhUx
cDL4vsQ5aYvuyxmYQ/KYuNotGiSBeDNJSDV43cHujZnwqPWuUbMCAwEAAaNQME4w
HQYDVR0OBBYEFJopvu7AhwhzskjBKlrMe/NS/AqxMB8GA1UdIwQYMBaAFJopvu7A
hwhzskjBKlrMe/NS/AqxMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEB
AJdtOVybiIf7IXDHO68lOe2Ob14WnAadE/FyzmWAsUbR4cVzAu6ObhcwiWWX5Ij2
aLx1hLWdIxyoxY76lCvvQ60rZ/9hbUR5n8rVNWPOqCBo7TCWpFT8KJFLpGKJkwKi
icC6dqBpjeX2hd2ahPyaaGdUnLYxY4znLz1/RgSrzzTGUmjIHN9Go4ACVimJB5IR
3paGD4ntvfuwWZevF7SFdGJiMl+yECXVO3+3fWvEJXCwq5F9eE4f2HYljgdFE4GT
X8aV5rzT5g2j9piZWLoX3wh4XwhItFT7WFtEwuoVi0jWRKpU6DRTuqAqXSbuGboo
ozM+r1wQMF2wE4aNnT+g0EQ=
-----END CERTIFICATE-----
''
''
-----BEGIN CERTIFICATE-----
MIIFODCCAyCgAwIBAgIJALKrFKLDxFUfMA0GCSqGSIb3DQEBCwUAMBcxFTATBgNV
BAMMDFVuaXRlZCBSb290czAeFw0xNzA0MTkyMjMzMTRaFw0yNzA0MTcyMjMzMTRa
MBcxFTATBgNVBAMMDFVuaXRlZCBSb290czCCAiIwDQYJKoZIhvcNAQEBBQADggIP
ADCCAgoCggIBAOCTH4sqkC6TJXqalbiALL+y8tpZF96hrZjt4o6+lJjqYqHP00E8
KliAGqyBT40oWGO/k/kmnbmSrTOQGWUujtqgSqDO9Mqyfk/orf5GLzVYu66/Wf28
Tn6rSgf/62HVQdczpgWPDkg1IvmJg0E+iA3C28/+hjVc+re0Lp1BEjEOHay2aoaS
YRwudowTvnoRyPcWzIUYOg/GbmaRE4fiwOW7ulAbK05CJSIHMzjkS5Zfegc8FDEq
B463VusW0nmUGtxA524dsmiy5KFI4GtJrQZDy4xnX7+/kefCdR1Rb6hbSpa4/7e6
FGF4R3Ll+9vsHLVgljdGjgoIEeiHAO6eq00jFkqDaM+uNPyKQSvc4pBIIo+yWXtl
B2/0XMrOFz8hzLRg8fElO0kZ0Biv+Rxr+T50EBlgdgejAJnKUaxX3ob4Z9tuNqGr
QTxiGiDC4anetmVD3bMbkwUYa8fMun2mg3Pzkw02fnxNMJ6uIlXvTLP+YRILULLb
/Os6KHoynyNn1wiTNQ6f72TV0+fMgK83JaZtjWgrPY5ap97n1phKKqgMfTgmtoMR
uaYXSVAiAE4CjyJRwiJRYiVWXW3zHnTTsJuYlEoaqsP0le67AYT8aPtCllt3i5g+
omlNgkMdIfpCMj3oreYrzdQ4Y3Qqpj+USbM/sIsdWTuiE3oYL7HI9/AtAgMBAAGj
gYYwgYMwHQYDVR0OBBYEFAI6ZBnripjC7OQ8+sVwQSRCS8OeMEcGA1UdIwRAMD6A
FAI6ZBnripjC7OQ8+sVwQSRCS8OeoRukGTAXMRUwEwYDVQQDDAxVbml0ZWQgUm9v
dHOCCQCyqxSiw8RVHzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkqhkiG
9w0BAQsFAAOCAgEAxkaH+PUtp+38oBf6fzgBT/7nKdgWDC9saAc4XTB2zGOExE1n
03X06n/FSCefvFBPD2ReYEGe2+Xt+S6vo3gU32P4uLNsVTGCPqB1dWEWRDdNwZHn
qdNOvh2Jrvh7H7+y+lLBF8w/ypJtuHBVmQqJOBhcPqnVatTf6Ikpby+cVDiD1JUl
p9HwlCl2KTTIxY/boRWowF8AYXWTDCRMfPkPRPlmIGBTSSdWCVijXKchUxjMGKzK
pUZac3/F/GaHWg+WKLTeHBtoTMhVzPWPe8U/5QJZGuMCCS5jwbKZP96yvOQvQgQm
pIkhH8+2AZoV0F5jk/jzesg+6OeJc9wGjahbJtIXYdrmb9/hGDrZCgyO/WE1/7oZ
AViYHGfuX4jskWazVwuxKX0nMySwCRe8YsfzW3t0hEQfvQuhlXcUZ+/DN8lnVRMq
V5lJhCHckeHI1wLd+pYrW+PxASbB1wSpZVSdgE8kKKdSHJ3lcOtMJ8UhlYG/YkHM
TgtCO/zC8Suibx3Td5RWL4OrI+xep+4tj9Fg01CtIndVyVBA+FVw3dll4d5kmQhU
jEiakxnarNc6NOaZUDdA7vzPvrg3V3FoUnst9riRKRtFelCMy9xlgP1jMO8EkyJl
50QGN1dKcZejnf59ahrV5KrnSNHRBRyrCvmVM75Ke9KNrAen/R9HjVJ2CIo=
-----END CERTIFICATE-----
'' ];
};
services = {
avahi.enable = false; # for cups printer discovery
udev.packages = with pkgs; [ crda ];
peerflix = {
enable = true;
stateDir = "/tmp/peerflix";
};
cron.enable = false;
nixosManual.enable = false;
printing = {
enable = true;
drivers = with pkgs; [
dell-530cdn # dell 5130cdn (typo)
cups-toshiba-estudio # Yay, my pull request has been accepted
hplip
];
};
redshift = {
enable = true;
latitude = "48.8534100";
longitude = "2.3488000";
};
openssh = {
enable = true;
permitRootLogin = "no";
passwordAuthentication = false;
startWhenNeeded = true;
};
openvpn.servers.era = {
autoStart = false;
updateResolvConf = true;
config = builtins.readFile ./era.ovpn; # Pas top ._.
};
xserver = {
enable = true;
layout = "fr";
xkbVariant = "bepo";
autorun = true;
displayManager = {
sessionCommands = ''
xset r rate 200 75
xrandr --output eDP1 --mode 1920x1080
sh /home/eeva/.fehbg
mkdir -p /tmp/monitors
'';
slim.theme = pkgs.fetchurl {
url = http://marvid.fr/~eeva/mirror/slim-theme-solarized-debian.tar.bz2;
sha256 = "e792886a39b97bed0cb1022bec381806b0ca1dcc726b093187231bd1902acd49";
};
};
libinput = {
enable = true;
disableWhileTyping = true;
};
#synaptics = {
# enable = true;
# palmDetect = true;
# twoFingerScroll = true;
#};
videoDrivers = [ "intel" "modesetting" ];
#videoDrivers = [ "amdgpu" "intel" "modsetting" ]; # I wish
windowManager.xmonad = {
enable = true;
enableContribAndExtras = true;
};
desktopManager.xterm.enable = false;
};
};
systemd.mounts = [
{ what = "/dev/sdb1";
where = "/mnt/usb1";
mountConfig = {
TimeoutSec = "1";
Options = "uid=eeva";
};
}
];
systemd.automounts = [
{ where = "/mnt/usb1";
automountConfig = { TimeoutIdleSec = "1"; };
wantedBy = [ "default.target" ];
}
];
time.timeZone = "Europe/Paris";
users = {
extraUsers.eeva = {
isNormalUser = true;
home = "/home/eeva";
extraGroups = [ "wheel" ];
shell = pkgs.zsh;
uid = 1000;
};
mutableUsers = true; # Need this to change passwords.
motd = "Death to the DeathStar";
};
# Rasvaton / Fet-fri
nix.gc.automatic = true;
nix.gc.options = "--delete-older-than 1w";
nix.gc.dates = "02:22";
# Upgrade when possible
system.autoUpgrade.enable = true;
system.stateVersion = "17.03";
## Special config
nixpkgs.overlays = [ (self: super: {
st = super.st.override {
patches = builtins.map super.fetchurl [
{ url = "http://st.suckless.org/patches/st-no_bold_colors-20160727-308bfbf.diff";
sha256 = "2e8cdbeaaa79ed067ffcfdcf4c5f09fb5c8c984906cde97226d4dd219dda39dc";
}
{ url = "http://st.suckless.org/patches/st-solarized-both-20160727-308bfbf.diff";
sha256 = "b7b25ba01b7ae87ec201ebbb1bf82742d5979788ecc6773a356eebe7d90a9703";
}
];
};
cups-filters = super.callPackage /home/eeva/pkgs/cups-filters {};
})
];
nixpkgs.config.allowUnfree = true;
}