nix/nixos/common.nix

{ config, lib, inputs, system, ... }:
let
  pkgs = inputs.nixpkgs.legacyPackages.${system};
in
{
  services.journald.extraConfig = "SystemMaxUse=1G";

  environment = {
    variables = {
      EDITOR = "hx";
      VISUAL = "hx";
      PAGER = "less";
      MANPAGER = "less";
    };

    systemPackages = with pkgs; [
      age
      bat
      bind
      bottom
      btrfs-progs
      cue
      curl
      dog
      dua
      eza
      fd
      file
      gnumake
      gron
      helix
      hexyl
      htop
      iputils
      jq
      killall
      less
      mosh
      nmap
      openssl
      pciutils
      pv
      rclone
      restic
      ripgrep
      rsync
      rtx
      sd
      sops
      smartmontools
      sqlite
      unzip
      watchexec
      wget
      xh
      zellij
      zstd
    ];
  };

  users.users = {
    daniel = {
      isNormalUser = true;
      home = "/home/daniel/.home";
      openssh.authorizedKeys.keys = [
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev"
      ];
      group = "daniel";
      extraGroups = [ "users" "wheel" "video" ];
      packages = [ ];
    };

    root = {
      openssh.authorizedKeys.keys = config.users.users.daniel.openssh.authorizedKeys.keys;
    };
  };

  i18n = {
    defaultLocale = "en_US.UTF-8";
  };

  services = {
    xserver = {
      layout = "us";
      xkbOptions = "ctrl:nocaps";
    };

    openssh = {
      enable = true;

      settings = {
        PasswordAuthentication = false;
      };

      # TODO: tailscale can handle this I think...?
      openFirewall = lib.mkDefault true;

      # listenAddresses = [
      #   { addr = "0.0.0.0"; port = 22; }
      # ];
    };

    tailscale = {
      enable = true;
      useRoutingFeatures = lib.mkDefault "client";
    };

    fwupd.enable = true;
    smartd.enable = true;
  };

  console = {
    font = "Lat2-Terminus16";
    useXkbConfig = true;
    earlySetup = true;

    colors = [
      "111111"
      "f92672"
      "a6e22e"
      "f4bf75"
      "66d9ef"
      "ae81ff"
      "a1efe4"
      "f8f8f2"
      "75715e"
      "f92672"
      "a6e22e"
      "f4bf75"
      "66d9ef"
      "ae81ff"
      "a1efe4"
      "f9f8f5"
    ];
  };

  networking = {
    useDHCP = lib.mkDefault true;

    firewall = {
      enable = lib.mkDefault true;
      allowPing = lib.mkDefault true;
      allowedTCPPorts = lib.mkDefault [ 22 ];
      allowedUDPPorts = lib.mkDefault [ ];
    };
  };

  nix = {
    settings = {
      experimental-features = lib.mkDefault [ "nix-command" "flakes" ];
      substituters = [
        "https://nix.h.lyte.dev"
        "https://nix-community.cachix.org"
        "https://cache.nixos.org/"
      ];
      trusted-public-keys = [
        "h.lyte.dev:HeVWtne31ZG8iMf+c15VY3/Mky/4ufXlfTpT8+4Xbs0="
        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
      ];
    };
  };

  nixpkgs = {
    config = {
      allowUnfree = true;
    };
    hostPlatform = lib.mkDefault "x86_64-linux";
  };

  programs = {
    fish = {
      enable = true;
    };

    tmux = {
      enable = true;
      clock24 = true;
    };

    traceroute.enable = true;

    git = {
      enable = true;

      lfs = {
        enable = true;
      };
    };

    # https://github.com/nix-community/home-manager/issues/3113
    dconf.enable = true;
  };

  time = {
    timeZone = "America/Chicago";
  };

  users = {
    defaultUserShell = pkgs.fish;
  };
}
Merge 2023-09-22 12:56:48 -05:00			`{ config, lib, inputs, system, ... }:`
			`let`
Helix from nixpkgs unstable 2023-10-02 16:06:56 -05:00			`pkgs = inputs.nixpkgs.legacyPackages.${system};`
Merge 2023-09-22 12:56:48 -05:00			`in`
			`{`
Limit journald size 2023-09-06 01:20:43 -05:00			`services.journald.extraConfig = "SystemMaxUse=1G";`
Fully modularized the thinker config 2023-09-05 23:11:14 -05:00
			`environment = {`
			`variables = {`
			`EDITOR = "hx";`
			`VISUAL = "hx";`
			`PAGER = "less";`
			`MANPAGER = "less";`
			`};`

			`systemPackages = with pkgs; [`
			`age`
			`bat`
			`bind`
			`bottom`
Whee 2023-09-06 00:57:08 -05:00			`btrfs-progs`
Add next-ls to helix config and cue to packages 2023-09-19 20:23:53 -05:00			`cue`
Fully modularized the thinker config 2023-09-05 23:11:14 -05:00			`curl`
			`dog`
			`dua`
WIP desktop config port to nix 2023-09-29 16:57:26 -05:00			`eza`
Fully modularized the thinker config 2023-09-05 23:11:14 -05:00			`fd`
			`file`
			`gnumake`
Modular stuff now working on thinker! 2023-09-05 23:51:32 -05:00			`gron`
Helix from nixpkgs unstable 2023-10-02 16:06:56 -05:00			`helix`
Fully modularized the thinker config 2023-09-05 23:11:14 -05:00			`hexyl`
			`htop`
			`iputils`
Modular stuff now working on thinker! 2023-09-05 23:51:32 -05:00			`jq`
Fully modularized the thinker config 2023-09-05 23:11:14 -05:00			`killall`
			`less`
			`mosh`
			`nmap`
			`openssl`
			`pciutils`
Whee 2023-09-06 00:57:08 -05:00			`pv`
Fully modularized the thinker config 2023-09-05 23:11:14 -05:00			`rclone`
			`restic`
			`ripgrep`
			`rsync`
Use nixpkgs unstable rtx 2023-10-02 16:02:01 -05:00			`rtx`
Fully modularized the thinker config 2023-09-05 23:11:14 -05:00			`sd`
			`sops`
Modular stuff now working on thinker! 2023-09-05 23:51:32 -05:00			`smartmontools`
Whee 2023-09-06 00:57:08 -05:00			`sqlite`
Fully modularized the thinker config 2023-09-05 23:11:14 -05:00			`unzip`
			`watchexec`
			`wget`
			`xh`
			`zellij`
			`zstd`
			`];`
			`};`

Cleanup and some modularization 2023-09-05 22:39:17 -05:00			`users.users = {`
			`daniel = {`
			`isNormalUser = true;`
			`home = "/home/daniel/.home";`
			`openssh.authorizedKeys.keys = [`
			`"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAPLXOjupz3ScYjgrF+ehrbp9OvGAWQLI6fplX6w9Ijb daniel@lyte.dev"`
			`];`
Whee 2023-09-06 00:57:08 -05:00			`group = "daniel";`
			`extraGroups = [ "users" "wheel" "video" ];`
Cleanup and some modularization 2023-09-05 22:39:17 -05:00			`packages = [ ];`
			`};`

			`root = {`
			`openssh.authorizedKeys.keys = config.users.users.daniel.openssh.authorizedKeys.keys;`
			`};`
			`};`

			`i18n = {`
			`defaultLocale = "en_US.UTF-8";`
			`};`

			`services = {`
			`xserver = {`
			`layout = "us";`
			`xkbOptions = "ctrl:nocaps";`
			`};`

			`openssh = {`
			`enable = true;`
Fully modularized the thinker config 2023-09-05 23:11:14 -05:00
			`settings = {`
			`PasswordAuthentication = false;`
			`};`

Firewall 2023-09-18 09:02:00 -05:00			`# TODO: tailscale can handle this I think...?`
Merge 2023-09-22 12:56:48 -05:00			`openFirewall = lib.mkDefault true;`
Fully modularized the thinker config 2023-09-05 23:11:14 -05:00
			`# listenAddresses = [`
			`# { addr = "0.0.0.0"; port = 22; }`
			`# ];`
			`};`

			`tailscale = {`
			`enable = true;`
			`useRoutingFeatures = lib.mkDefault "client";`
Cleanup and some modularization 2023-09-05 22:39:17 -05:00			`};`
Modular stuff now working on thinker! 2023-09-05 23:51:32 -05:00
			`fwupd.enable = true;`
			`smartd.enable = true;`
Cleanup and some modularization 2023-09-05 22:39:17 -05:00			`};`

			`console = {`
			`font = "Lat2-Terminus16";`
			`useXkbConfig = true;`
			`earlySetup = true;`

Basic pre-commit hook 2023-09-19 20:56:24 -05:00			`colors = [`
			`"111111"`
			`"f92672"`
			`"a6e22e"`
			`"f4bf75"`
			`"66d9ef"`
			`"ae81ff"`
			`"a1efe4"`
			`"f8f8f2"`
			`"75715e"`
			`"f92672"`
			`"a6e22e"`
			`"f4bf75"`
			`"66d9ef"`
			`"ae81ff"`
			`"a1efe4"`
			`"f9f8f5"`
			`];`
Cleanup and some modularization 2023-09-05 22:39:17 -05:00			`};`

			`networking = {`
			`useDHCP = lib.mkDefault true;`
Fully modularized the thinker config 2023-09-05 23:11:14 -05:00
			`firewall = {`
			`enable = lib.mkDefault true;`
			`allowPing = lib.mkDefault true;`
Merge 2023-09-22 12:56:48 -05:00			`allowedTCPPorts = lib.mkDefault [ 22 ];`
Fully modularized the thinker config 2023-09-05 23:11:14 -05:00			`allowedUDPPorts = lib.mkDefault [ ];`
			`};`
Cleanup and some modularization 2023-09-05 22:39:17 -05:00			`};`

			`nix = {`
			`settings = {`
			`experimental-features = lib.mkDefault [ "nix-command" "flakes" ];`
Whee 2023-09-06 00:57:08 -05:00			`substituters = [`
			`"https://nix.h.lyte.dev"`
			`"https://nix-community.cachix.org"`
			`"https://cache.nixos.org/"`
			`];`
			`trusted-public-keys = [`
			`"h.lyte.dev:HeVWtne31ZG8iMf+c15VY3/Mky/4ufXlfTpT8+4Xbs0="`
			`"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="`
			`];`
Cleanup and some modularization 2023-09-05 22:39:17 -05:00			`};`
			`};`

			`nixpkgs = {`
			`config = {`
			`allowUnfree = true;`
			`};`
			`hostPlatform = lib.mkDefault "x86_64-linux";`
			`};`

Modular stuff now working on thinker! 2023-09-05 23:51:32 -05:00			`programs = {`
			`fish = {`
			`enable = true;`
			`};`

			`tmux = {`
			`enable = true;`
			`clock24 = true;`
			`};`

			`traceroute.enable = true;`

			`git = {`
			`enable = true;`

			`lfs = {`
Cleanup and some modularization 2023-09-05 22:39:17 -05:00			`enable = true;`
			`};`
			`};`
Hide arr 2023-09-28 12:29:21 -05:00
			`# https://github.com/nix-community/home-manager/issues/3113`
			`dconf.enable = true;`
Modular stuff now working on thinker! 2023-09-05 23:51:32 -05:00			`};`
Cleanup and some modularization 2023-09-05 22:39:17 -05:00
			`time = {`
			`timeZone = "America/Chicago";`
			`};`

			`users = {`
			`defaultUserShell = pkgs.fish;`
			`};`
			`}`