pub-solar-os/profiles/core.nix

165 lines
2.5 KiB
Nix
Raw Normal View History

{ config, lib, pkgs, ... }:
2019-12-15 04:37:46 +00:00
let
inherit (lib)
fileContents
;
in
{
nix.package = pkgs.nixFlakes;
2019-12-18 00:49:26 +00:00
nix.systemFeatures = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
];
imports = [
2019-12-14 05:00:11 +00:00
../local/locale.nix
2019-12-05 18:09:17 +00:00
../local/file-systems.nix
];
boot = {
kernelPackages = pkgs.linuxPackages_latest;
tmpOnTmpfs = true;
kernel.sysctl."kernel.sysrq" = 1;
};
environment = {
systemPackages = with pkgs; [
binutils
coreutils
curl
2019-12-17 04:13:33 +00:00
dosfstools
dnsutils
fd
git
2019-12-17 04:13:33 +00:00
gptfdisk
iputils
manpages
moreutils
ripgrep
stdmanpages
utillinux
];
shellAliases = let
ifSudo = string: lib.mkIf config.security.sudo.enable string;
in
{
# quick cd
".." = "cd ..";
"..." = "cd ../..";
"...." = "cd ../../..";
"....." = "cd ../../../..";
2019-12-15 08:17:42 +00:00
# git
g = "git";
2019-12-15 04:37:46 +00:00
# grep
grep = "rg";
gi = "grep -i";
# internet ip
myip = "dig +short myip.opendns.com @208.67.222.222 2>&1";
2019-12-16 04:29:54 +00:00
# nix
2019-12-16 05:33:52 +00:00
n = "nix";
2019-12-16 22:37:31 +00:00
np = "n profile";
ni = "np install";
nr = "np remove";
ns = "n search";
2019-12-16 04:29:54 +00:00
nrb = ifSudo "sudo nixos-rebuild";
# sudo
si = ifSudo "env sudo -i";
sudo = ifSudo "sudo -E ";
se = ifSudo "sudoedit";
# systemd
ctl = "systemctl";
stl = ifSudo "sudo systemctl";
utl = "systemctl --user";
ut = "systemctl --user start";
un = "systemctl --user stop";
up = ifSudo "sudo systemctl start";
dn = ifSudo "sudo systemctl stop";
jctl = "journalctl";
};
};
fonts = {
fonts = with pkgs; [
powerline-fonts
dejavu_fonts
];
fontconfig.defaultFonts = {
monospace = [ "DejaVu Sans Mono for Powerline" ];
sansSerif = [ "DejaVu Sans" ];
};
};
nix = {
autoOptimiseStore = true;
gc.automatic = true;
optimise.automatic = true;
useSandbox = true;
allowedUsers = [ "@wheel" ];
trustedUsers = [ "root" "@wheel" ];
extraOptions = ''
experimental-features = nix-command flakes ca-references
'';
};
nixpkgs.config.allowUnfree = true;
programs.mtr.enable = true;
security = {
hideProcessInformation = true;
protectKernelImage = true;
};
services.earlyoom.enable = true;
2019-12-14 05:47:05 +00:00
users = {
mutableUsers = false;
2019-12-15 04:37:46 +00:00
users.root.hashedPassword = fileContents ../secrets/root;
2019-12-14 05:47:05 +00:00
};
}