dotfiles/hosts/main.nix
# NixOS module for the host "main": bind mounts, Syncthing, firewall,
# guest-writable Samba shares, libvirt and suspend/hibernate behaviour.
{ pkgs, lib, workDir, self, secretsDir, ... }:
let
  # Bind-mount `source` onto the mount point named by the attribute.
  bindFrom = source: {
    device = source;
    options = [ "bind" ];
  };

  # Access settings shared by both Samba shares: no credentials needed
  # ("guest ok"/public) and write access allowed.
  guestWritable = {
    public = "yes";
    "guest ok" = "yes";
    "read only" = "no";
    writable = "yes";
  };
in
{
  imports = [
    ../common/all.nix
    ../common/nixos.nix
    ../common/nixos-graphical.nix
    ../users/me/default.nix
  ];

  # Open TODOs carried over from the author (both still disabled):
  #   https://bugzilla.kernel.org/show_bug.cgi?id=110941
  #   boot.kernelParams = [ "intel_pstate=no_hwp" ];
  #   Supposedly better for the SSD:
  #   fileSystems."/".options = [ "noatime" "nodiratime" "discard" ];

  # Bind mounts that expose work directories under a second path.
  # `things` is mounted inside priv-share, which is the folder Syncthing
  # shares below, so htl and diplomarbeit are reachable through it as well.
  fileSystems = {
    "${workDir}/priv-share/things" = bindFrom "${workDir}/things";
    "${workDir}/things/htl" = bindFrom "${workDir}/htl";
    "${workDir}/things/diplomarbeit" = bindFrom "${workDir}/diplomarbeit";
  };

  # Allows evaluation of a package that nixpkgs marks as insecure.
  # NOTE(review): nothing in this file says which package pulls in this
  # Electron release; record the dependent here and drop the exception once
  # it builds against a supported Electron.
  nixpkgs.config.permittedInsecurePackages = [
    "electron-24.8.6"
  ];

  security.polkit.enable = true;

  networking = {
    hostName = "main";

    # allowedTCPPorts/allowedUDPPorts apply to every interface. 8888 and
    # 9999 stay open permanently, so whatever process binds to them is
    # reachable from each network this machine joins.
    # NOTE(review): networking.firewall.interfaces.<name>.allowedTCPPorts
    # would limit them to a trusted interface - confirm whether that fits.
    firewall = {
      enable = true;
      allowPing = true;
      allowedTCPPorts = [
        5357 # wsdd
        8888 # for general usage
        9999 # for general usage
      ];
      allowedUDPPorts = [
        3702 # wsdd
      ];
    };
  };

  services = {
    # Syncthing for main, running as the desktop user.
    syncthing = {
      enable = true;
      user = "me";
      #dataDir = "/home/";
      configDir = "/home/me/.config/syncthing";
      extraFlags = [ "-no-browser" ];
      # Opens Syncthing's default sync and discovery ports in the firewall.
      openDefaultPorts = true;
      # The declared devices and folders are authoritative: anything added
      # or deleted through the WebUI is overridden.
      overrideDevices = true;
      overrideFolders = true;

      # The IDs are read at evaluation time and become part of the evaluated
      # configuration. builtins.readFile returns the file verbatim, so a
      # trailing newline in the file would end up inside the ID.
      # NOTE(review): a device ID identifies a peer and is not key material;
      # this pattern is unsuitable for real secrets, which would land in the
      # evaluated configuration the same way.
      devices = {
        "seb-phone" = {
          id = builtins.readFile "${secretsDir}/syncthing-id-phone";
          #addresses = [ "tcp://192.168.200.24:22000" ];
        };
        "seb-tab" = {
          id = builtins.readFile "${secretsDir}/syncthing-id-tab";
          #addresses = [ "tcp://192.168.200.26:22000" ];
        };
      };

      folders = {
        # The attribute name is the folder name in Syncthing and its folder ID.
        "priv-share" = {
          path = "/home/me/work/priv-share"; # folder added to Syncthing
          devices = [ "seb-phone" "seb-tab" ]; # peers the folder is shared with
        };
      };
    };

    # Makes the shares visible to Windows 10 clients (WS-Discovery).
    samba-wsdd.enable = true;

    # Samba with guest access.
    # "map to guest = bad user" turns a login with an unknown user name into
    # a guest session, and "guest account = me" runs that session as the
    # local user `me`. Both shares accept guests and are writable, so any
    # host that reaches the SMB ports can read and write these directories
    # with the file permissions of `me`, without credentials.
    # openFirewall opens the Samba ports in the firewall on top of that.
    # NOTE(review): the share comment says rpi_schule is used on a school
    # WLAN. Options to narrow the exposure: "hosts allow" / "interfaces" with
    # "bind interfaces only", or a dedicated unprivileged guest account
    # instead of `me`.
    samba = {
      enable = true;
      openFirewall = true;
      securityType = "user";
      extraConfig = ''
        security = user
        map to guest = bad user
        guest account = me
        server role = standalone server
        workgroup = WORKGROUP
      '';
      shares = {
        rpi_schule = guestWritable // {
          comment = "share for rpi in school wlan";
          path = "${workDir}/rpi-schule/";
          printable = "no";
        };
        share = guestWritable // {
          comment = "share for sharing stuff";
          path = "${workDir}/share";
        };
      };
    };

    # Power key and lid both trigger suspend-then-hibernate, except when
    # docked.
    logind = {
      lidSwitch = "suspend-then-hibernate";
      lidSwitchExternalPower = "suspend-then-hibernate";
      lidSwitchDocked = "ignore";
      extraConfig = ''
        HandlePowerKey=suspend-then-hibernate
      '';
    };
  };

  virtualisation.libvirtd.enable = true;
  programs.dconf.enable = true;

  # Links the storage pool and domain definitions kept under ${workDir} into
  # libvirt's state directory and provides /bin/bash. Activation scripts run
  # as root.
  # NOTE(review): if ${workDir} is writable by `me` (the Syncthing path above
  # suggests it lives in that user's home - confirm), that user decides which
  # definitions the system libvirtd loads. The glob is unquoted: with no
  # match ln creates a link literally named "*", and a ${workDir} containing
  # whitespace would be split into several arguments.
  system.activationScripts.setupLibvirt = lib.stringAfter [ "var" ] ''
    ln -nsf ${workDir}/vm/libvirt/my-image-pool.xml /var/lib/libvirt/storage/my-image-pool.xml
    ln -nsf ${workDir}/vm/qemu/* /var/lib/libvirt/qemu/
    # there is no /bin/bash
    # https://discourse.nixos.org/t/add-bin-bash-to-avoid-unnecessary-pain/5673
    ln -nsf /run/current-system/sw/bin/bash /bin/bash
  '';

  # Swap and hibernate. The hibernation image holds the contents of RAM,
  # including any keys and credentials in memory, and is written to the
  # resume device.
  # NOTE(review): whether /dev/lvm0 sits on an encrypted volume is not
  # visible in this file - confirm, otherwise that data is stored in clear.
  swapDevices = [ { device = "/dev/lvm0/swap"; } ];
  boot.resumeDevice = "/dev/lvm0/swap";

  systemd.sleep.extraConfig = ''
    HibernateDelaySec=2h
    HibernateMode=shutdown
  '';
}