restructure
This commit is contained in:
parent
507f3d3c8c
commit
75e9e63e51
SSH key fingerprint:
SHA256:jxWM2RTHvxxcncXycwwWkP7HCWb4VREN05UGJTbIPZg
18 changed files with 292 additions and 197 deletions
|
|
@ -1,9 +1,25 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
randomHour = import ../lib/randomHour.nix { inherit lib; };
|
||||
in
|
||||
{
|
||||
nix = {
|
||||
optimise = {
|
||||
automatic = true;
|
||||
dates = [ "${toString randomHour config.networking.hostName}:00" ];
|
||||
};
|
||||
settings = {
|
||||
auto-optimise-store = true;
|
||||
experimental-features = [ "nix-command" "flakes" ];
|
||||
};
|
||||
gc = {
|
||||
automatic = true;
|
||||
options = "--delete-older-than 7d";
|
||||
};
|
||||
};
|
||||
|
||||
boot = {
|
||||
initrd.availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "megaraid_sas" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
|
||||
kernelModules = [ "kvm-intel" ];
|
||||
loader = {
|
||||
systemd-boot.enable = true;
|
||||
efi.canTouchEfiVariables = true;
|
||||
|
|
@ -11,23 +27,34 @@
|
|||
kernelPackages = pkgs.linuxPackages_latest;
|
||||
};
|
||||
|
||||
fileSystems = {
|
||||
"/" = {
|
||||
device = "/dev/disk/by-label/ROOT";
|
||||
fsType = "ext4";
|
||||
options = [ "discard" "noatime" ];
|
||||
};
|
||||
"/boot" = {
|
||||
device = "/dev/disk/by-label/BOOT";
|
||||
fsType = "vfat";
|
||||
options = [ "fmask=0022" "dmask=0022" "discard" "noatime" ];
|
||||
};
|
||||
networking = {
|
||||
search = [ "xengi.de" ];
|
||||
useNetworkd = true;
|
||||
nftables.enable = true;
|
||||
dhcpcd.enable = false;
|
||||
useDHCP = false;
|
||||
nameservers = [
|
||||
"2606:4700:4700::1111#one.one.one.one"
|
||||
"2620:fe::fe#dns.quad9.net"
|
||||
];
|
||||
firewall.enable = true;
|
||||
};
|
||||
|
||||
swapDevices = [];
|
||||
services.resolved = {
|
||||
enable = true;
|
||||
fallbackDns = [
|
||||
"1.1.1.1#one.one.one.one"
|
||||
"9.9.9.9#dns.quad9.net"
|
||||
];
|
||||
llmnr = "false";
|
||||
extraConfig = ''
|
||||
MulticastDNS=false
|
||||
'';
|
||||
dnssec = "allow-downgrade";
|
||||
dnsovertls = "true"; #"opportunistic";
|
||||
};
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
||||
|
|
@ -37,9 +64,37 @@
|
|||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
vim
|
||||
git
|
||||
];
|
||||
|
||||
system.stateVersion = "25.11";
|
||||
programs = {
|
||||
vim = {
|
||||
enable = true;
|
||||
defaultEditor = true;
|
||||
};
|
||||
mtr.enable = true;
|
||||
htop = {
|
||||
enable = true;
|
||||
settings = {
|
||||
highlight_base_name = true;
|
||||
show_cpu_frequency = true;
|
||||
show_cpu_temperature = true;
|
||||
update_process_names = true;
|
||||
color_scheme = "6";
|
||||
};
|
||||
};
|
||||
tmux = {
|
||||
enable = true;
|
||||
terminal = "screen-256color";
|
||||
shortcut = "a";
|
||||
plugins = with pkgs.tmuxPlugins; [ sensible ];
|
||||
newSession = true;
|
||||
historyLimit = 10000;
|
||||
clock24 = true;
|
||||
};
|
||||
};
|
||||
|
||||
security.sudo.execWheelOnly = true;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue