jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
NixOS/hosts/workstation/configuration.nix

170 lines
4.3 KiB
Nix
Raw Blame History

{ config, lib, pkgs, ... }:
let
unstable = import
(builtins.fetchTarball "https://github.com/nixos/nixpkgs/tarball/master") {
config = config.nixpkgs.config;
};
in {
imports = [
# <agenix/modules/age.nix>
./hardware-configuration.nix
../../base.nix
../../gnome.nix
];
my = {
emacs.enable = true;
apps = {
art.enable = true;
dictionaries.enable = true;
fonts.enable = true;
gaming.enable = true;
internet.enable = true;
multimedia.enable = true;
office.enable = true;
misc.enable = true;
};
dev = {
haskell.enable = true;
nix.enable = true;
python.enable = true;
gameDev.enable = true;
sh.enable = true;
javascript.enable = false;
docker.enable = false;
};
shell = {
exercism.enable = true;
multimedia.enable = true;
tools.enable = true;
};
services = {
network.enable = true;
nvidia.enable = true;
printing.enable = true;
sound.enable = true;
};
scripts = { tasks.enable = true; };
};
networking = {
hostName = "workstation";
firewall = let
openPorts = [
6674 # ns-usbloader
];
openPortRanges = [{
from = 1714; # kdeconnect
to = 1764; # kdeconnect
}];
in {
allowedTCPPorts = openPorts;
allowedUDPPorts = openPorts;
allowedTCPPortRanges = openPortRanges;
allowedUDPPortRanges = openPortRanges;
};
};
nix = let
featuresList = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
"gccarch-znver3"
"gccarch-skylake"
"gccarch-alderlake"
];
in {
distributedBuilds = true;
settings = {
cores = 16;
trusted-users = [ "nixremote" ];
system-features = featuresList;
};
};
nixpkgs.config = {
allowUnfree = true;
permittedInsecurePackages = [ ];
};
users = {
groups.nixremote.gid = 555;
users = {
nixremote = {
isNormalUser = true;
createHome = true;
group = "nixremote";
home = "/var/nixremote/";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN6HsajaTL+nTJtSIu00M5WJwgt/7fyU59gBr2R7tbnv root@server"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGrC7sVvDT0is2oq/H1Do99LPaQKvyGMAsrF6/fuf1aP root@miniserver"
];
};
jawz = {
packages = (with pkgs; [
gocryptfs # encrypted filesystem! shhh!!!
torrenttools # create torrent files from the terminal!
vcsi # video thumbnails for torrents, can I replace it with ^?
(writeScriptBin "ffmpeg4discord"
(builtins.readFile ../../scripts/ffmpeg4discord.py))
(writeScriptBin "ffmpreg"
(builtins.readFile ../../scripts/ffmpreg.sh))
(writeScriptBin "split-dir"
(builtins.readFile ../../scripts/split-dir.sh))
(writeScriptBin "run" (builtins.readFile ../../scripts/run.sh))
(writeScriptBin "pika-list"
(builtins.readFile ../../scripts/pika-list.sh))
]) ++ (with pkgs.python3Packages;
[
(buildPythonApplication rec {
pname = "download";
version = "1.5";
src = ../../scripts/download/.;
doCheck = false;
buildInputs = [ setuptools ];
propagatedBuildInputs = [ pyyaml types-pyyaml ];
})
]);
};
};
};
environment.etc = {
"wireplumber/bluetooth.lua.d/51-bluez-config.lua".text = ''
bluez_monitor.properties = {
["bluez5.enable-sbc-xq"] = true,
["bluez5.enable-msbc"] = true,
["bluez5.enable-hw-volume"] = true,
["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]"
}
'';
};
programs = {
kdeconnect = {
enable = true;
package = pkgs.gnomeExtensions.gsconnect;
};
# nh = {
# enable = true;
# clean.enable = true;
# clean.extraArgs = "--keep-since 4d --keep 3";
# };
};
services.resilio = {
deviceName = "chichis";
enable = true;
useUpnp = true;
enableWebUI = true;
httpPass = "528491";
httpLogin = "chichis";
httpListenPort = 9876;
httpListenAddr = "0.0.0.0";
directoryRoot = "/resilio";
};
}
Reference in New Issue View Git Blame Copy Permalink