45 lines
933 B
Nix
45 lines
933 B
Nix
{
|
|
pkgs,
|
|
lib,
|
|
self,
|
|
...
|
|
}:
|
|
{
|
|
imports = [ ./android-dev.nix ];
|
|
|
|
nixpkgs.overlays = [ self.overlays.unstable-packages ];
|
|
|
|
boot.isContainer = true;
|
|
|
|
# Container shares host network namespace (privateNetwork = false), so the
|
|
# host's tailscale already covers this. Running a second tailscaled in the
|
|
# same netns fights over routing and breaks connectivity after sleep/wake.
|
|
services.tailscale.enable = lib.mkForce false;
|
|
networking.firewall.checkReversePath = lib.mkForce "strict";
|
|
|
|
allowedUnfreePackages = [ "claude-code" ];
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
unstable.claude-code
|
|
git
|
|
python3
|
|
coreutils-full
|
|
gawk
|
|
gnugrep
|
|
];
|
|
|
|
users.users.muede = {
|
|
isNormalUser = true;
|
|
extraGroups = [ "wheel" ];
|
|
};
|
|
|
|
security.sudo.wheelNeedsPassword = false;
|
|
|
|
programs.nix-ld = {
|
|
enable = true;
|
|
libraries = with pkgs; [
|
|
stdenv.cc.cc.lib
|
|
zlib
|
|
];
|
|
};
|
|
}
|