jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
NixOS/workstation/configuration.org
Danilo Reyes a0ccc04071 segmented dotfiles 
segmensdkd
2023-09-15 15:25:32 -06:00

935 lines
24 KiB
Org Mode
Executable File
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#+TITLE: JawZ NixOS main Configuration
#+AUTHOR: Danilo Reyes
#+PROPERTY: header-args :tangle configuration.nix
#+auto_tangle: t
* TODO [0/6]
- [ ] System configurations [0/8]
- [ ] fail2ban
- [ ] Bluetooth multiple devices + pass-through
- [ ] Topgrade (perhaps unnecessary)
- [ ] dotfiles [0/4]
- [ ] migrate config to home-manager
- [ ] migrate share to home-manager
- [ ] migrate dconf to home-manager
- [-] Migrate apps [3/6]
- [-] paru
- [ ] appimages
- [-] Compile missing apps [1/8]
- [-] zap init
- [-] font-downloader
- [ ] SaveDesktop (flathub)
- [ ] gelata
- [ ] menulibre
- [ ] Misc [0/3]
- [ ] Figure out how to get rid of xterm
* ABOUT
Setting up the document. Also this should allow me to set up variables, and
other functions.
- Global version number so NixOS and Home-Manager are in sync
- The unstable part allows me to build packages from the unstable channel by
prepending "unstable" to a package name.
- The next part creates a simple build of some of my simple scripts, turning
them into binaries which then I can integrate into the nix-store as well as
declared systemd units.
* DECLARATION
Here I will declare the dependencies and variables that will be used multiple
times through the config file, such as the current version of NixOS,
repositories and even some scripts that will be reused on systemd
configurations.
** VARIABLES
#+begin_src nix
{ config, pkgs, ... }:
let
version = "23.05";
myEmail = "CaptainJawZ@outlook.com";
myName = "Danilo Reyes";
home-manager = builtins.fetchTarball "https://github.com/nix-community/home-manager/archive/release-${version}.tar.gz";
unstable = import
(builtins.fetchTarball "https://github.com/nixos/nixpkgs/tarball/master") {
config = config.nixpkgs.config;
};
jawzManageLibrary = pkgs.writeScriptBin
"manage-library" (builtins.readFile ../scripts/manage-library.sh);
jawzTasks = pkgs.writeScriptBin
"tasks" (builtins.readFile ../scripts/tasks.sh);
in
{ # Remember to close this bracket at the end of the document
#+end_src
** IMPORTS
These are files and modules which get loaded onto the configuration file, in the
future I may segment this file into different modules once it becomes too
cluttered, for example, I may create a module for systemd units.
#+begin_src nix
imports = [
./hardware-configuration.nix
./servers.nix
# ./openldap.nix
# <agenix/modules/age.nix>
(import "${home-manager}/nixos")
];
#+end_src
* SYSTEM CONFIGURATION
** NETWORKING
At the moment, I don't have a wireless card on this computer, however as I build
a new system, such setting may come in handy.
Pick *ONLY ONE* of the below networking options.
- *wireless.enable* enables wireless support via wpa_supplicant.
- *NetworkManager* it's the default of GNOME, and easiest to use and integrate.
#+begin_src nix
networking = {
hostName = "workstation";
networkmanager.enable = true;
extraHosts = ''
192.168.1.64 battlestation
'';
firewall = let
open_firewall_ports = [
6969 # HentaiAtHome
25152 # ssh
51413 # torrent sedding
9091 # qbittorrent
2049 # nfs
];
open_firewall_port_ranges = [
{ from = 1714; to = 1764; } # kdeconnect
];
in
{
enable = true;
allowedTCPPorts = open_firewall_ports;
allowedUDPPorts = open_firewall_ports;
allowedTCPPortRanges = open_firewall_port_ranges;
allowedUDPPortRanges = open_firewall_port_ranges;
};
};
#+end_src
** TIMEZONE & LOCALE
For some reason, useXkbConfig throws an error when building the system, either
way it is an unnecessary setting as my keyboards are the default en_US, only
locale set to Canadian out because I prefer how it displays the date.
#+begin_src nix
time.timeZone = "America/Mexico_City";
i18n = {
defaultLocale = "en_CA.UTF-8";
extraLocaleSettings = {
LC_MONETARY = "es_MX.UTF-8";
};
};
console = {
font = "Lat2-Terminus16";
keyMap = "us";
# useXkbConfig = true; # use xkbOptions in tty.
};
#+end_src
* GNOME
At the time of writing this file, I require of X11, as the NVIDIA support for
Wayland is not perfect yet. At the time being, the ability to switch through
GDM from Wayland to XORG, it's pretty handy, but in the future these settings
will require an update.
Sets up GNOME as the default desktop environment, while excluding some
undesirable packages from installing.
#+begin_src nix
services = {
xserver = {
enable = true;
displayManager.defaultSession = "xfce";
desktopManager = {
xfce.enable = true;
xterm.enable = false;
};
layout = "us";
libinput.enable = true; # Wacom required?
};
};
#+end_src
* SOUND
In order to avoid issues with PipeWire, the wiki recommends to disable /sound.enable/
This is a basic PipeWire configuration, in the future stuff like Bluetooth or
latency will require expanding these settings.
#+begin_src nix
hardware.pulseaudio.enable = false;
sound.enable = false;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
#+end_src
* SECURITY
Disabled password in sudo for commodity, but this is obviously not recommended,
regarding rkit, that setting enables pipewire to run with real-time
capabilities. And lastly, the acme settings are for signing certificates.
#+begin_src nix
security = {
rtkit.enable = true;
sudo = {
enable = true;
wheelNeedsPassword = false;
};
acme = {
acceptTerms = true;
defaults.email = "${myEmail}";
};
};
#+end_src
* NIXPKGS
Allow non-free, sadly is a requirement for some of my drivers, besides that,
here is a good place to declare some package overrides as well as permit unsafe
packages.
#+begin_src nix
nixpkgs.config = {
allowUnfree = true;
};
#+end_src
* NORMAL USERS
Being part of the "wheel" group, means that the user has root privileges.
#+begin_src nix
users.users.jawz = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" "docker"
"scanner" "lp" "piracy" "kavita"
"render" "video"
];
initialPassword = "password";
openssh = {
authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB5GaQM4N+yGAByibOFQOBVMV/6TjOfaGIP+NunMiK76 gpodeacero\cdreyes@100CDREYES"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKDXxfFRSgII4w/S1mrekPQdfXNifqRxwJa0wpQo72wB jawz@battlestation"
];
};
#+end_src
This section of the document categorizes and organizes all he packages that I
want installed, attempting to group them as dependencies of others when
necessary.
* USER PACKAGES
Begin the block to install user packages.
#+begin_src nix
packages = (with pkgs; [
#+end_src
** COMMAND-LINE PACKAGES
#+begin_src nix
unstable.yt-dlp # downloads videos from most video websites
unstable.gallery-dl # similar to yt-dlp but for most image gallery websites
gdu # disk-space utility, somewhat useful
du-dust # rusty du
gocryptfs # encrypted filesystem! shhh!!!
exa # like ls but with colors
trashy # oop! didn't meant to delete that
rmlint # probably my favourite app, amazing dupe finder that integrates well with BTRFS
tldr # man for retards
vcsi # video thumbnails for torrents, can I replace it with ^?
tree-sitter # code parsing, required by Doom emacs
torrenttools # create torrent files from the terminal!
lm_sensors # for extension, displays cpu temp
#+end_src
** MY SCRIPTS
Here I compile my own scripts into binaries
#+begin_src nix
jawzManageLibrary
jawzTasks
(writeScriptBin "ffmpeg4discord" (builtins.readFile ../scripts/ffmpeg4discord.py))
(writeScriptBin "ffmpreg" (builtins.readFile ../scripts/ffmpreg.sh))
(writeScriptBin "chat-dl" (builtins.readFile ../scripts/chat-dl.sh))
(writeScriptBin "split-dir" (builtins.readFile ../scripts/split-dir.sh))
(writeScriptBin "pika-list" (builtins.readFile ../scripts/pika-list.sh))
(writeScriptBin "run" (builtins.readFile ../scripts/run.sh))
#+end_src
** DEVELOPMENT PACKAGES
#+begin_src nix
# required by doom emacs, but still are rather useful.
fd # modern find, faster searches
fzf # fuzzy finder! super cool and useful
ripgrep # modern grep
# languagetool # proofreader for English. check if works without the service
graphviz # graphs
tetex
# these two are for doom everywhere
xorg.xwininfo
xdotool
# SH
bats # testing system, required by Exercism
bashdb # autocomplete
shellcheck # linting
shfmt # a shell parser and formatter
# NIX
nixfmt # linting
cachix # why spend time compiling?
# PYTHON.
python3 # base language
# pipenv # python development workflow for humans
# poetry # dependency management made easy
# JS
nodejs # not as bad as I thought
#+end_src
** HUNSPELL
These dictionaries work with Firefox, Doom Emacs and LibreOffice.
#+begin_src nix
hunspell
hunspellDicts.it_IT
hunspellDicts.es_MX
hunspellDicts.en_CA
#+end_src
** CUSTOMIZATION PACKAGES
Themes and other customization, making my DE look the way I want is one of the
main draws of Linux for me.
#+begin_src nix
# Fonts
(nerdfonts.override {
fonts = [ "Agave" "CascadiaCode" "SourceCodePro"
"Ubuntu" "FiraCode" "Iosevka" ];
})
symbola
(papirus-icon-theme.override {
color = "adwaita";
})
#+end_src
** PYTHON
#+begin_src nix
]) ++ (with pkgs.python3Packages; [
flake8 # wraper for pyflakes, pycodestyle and mccabe
isort # sort Python imports
nose # testing and running python scripts
pyflakes # checks source code for errors
pytest # framework for writing tests
speedtest-cli # check internet speed from the comand line
editorconfig # follow rules of contributin
black # Python code formatter
pylint # bug and style checker for python
(buildPythonApplication rec {
pname = "download";
version = "1.5";
src = ../scripts/download/.;
doCheck = false;
buildInputs = [ setuptools ];
propagatedBuildInputs =
[ pyyaml types-pyyaml ];
})
(buildPythonApplication rec {
pname = "ffpb";
version = "0.4.1";
src = fetchPypi {
inherit pname version;
sha256 = "sha256-7eVqbLpMHS1sBw2vYS4cTtyVdnnknGtEI8190VlXflk=";
};
doCheck = false;
buildInputs = [ setuptools ];
propagatedBuildInputs =
[ tqdm ];
})
# (buildPythonApplication rec {
# pname = "qbit_manage";
# version = "4.0.3";
# src = fetchPypi {
# inherit pname version;
# sha256 = "sha256-7eVqbLpMHS1sBw2vYS4cTtyVdnnknGtEI8190VlXflk=";
# };
# doCheck = true;
# buildInputs = [ setuptools ];
# propagatedBuildInputs =
# [ gitpython requests retrying ruamel-yaml schedule unstable.qbittorrent-api ];
# })
#+end_src
** BAT-EXTRAS
#+begin_src nix
]) ++ (with pkgs.bat-extras; [
batman # man pages
batpipe # piping
batgrep # ripgrep
batdiff # this is getting crazy!
batwatch # probably my next best friend
prettybat # trans your sourcecode!
#+end_src
** NODEJS PACKAGES
#+begin_src nix
]) ++ (with pkgs.nodePackages; [
dockerfile-language-server-nodejs # LSP
bash-language-server # LSP
pyright # LSP
markdownlint-cli # Linter
prettier # Linter
pnpm # Package manager
]); }; # <--- end of package list
#+end_src
* HOME-MANAGER
** HOME-MANAGER SETTINGS
These make it so packages install to '/etc' rather than the user home directory,
also allow for upgrades when rebuilding the system.
#+begin_src nix
home-manager.useUserPackages = true;
home-manager.useGlobalPkgs = true;
home-manager.users.jawz = { config, pkgs, ... }:{
home.stateVersion = "${version}";
#+end_src
** DOTFILES
*** BASH
#+begin_src nix
programs.bash = {
enable = true;
historyFile = "\${XDG_STATE_HOME}/bash/history";
historyControl = [ "erasedups" ];
shellAliases = {
ls = "exa --icons --group-directories-first";
edit = "emacsclient -t";
comic = "download -u jawz -i \"$(cat $LC | fzf --multi --exact -i)\"";
gallery = "download -u jawz -i \"$(cat $LW | fzf --multi --exact -i)\"";
open_gallery = "cd /mnt/disk2/scrapping/JawZ/gallery-dl && xdg-open $(fd . ./ Husbands -tdirectory -d 1 | fzf -i)\"";
unique_extensions = "fd -tf | rev | cut -d. -f1 | rev | tr '[:upper:]' '[:lower:]' | sort | uniq --count | sort -rn";
cp = "cp -i";
mv = "mv -i";
mkcd = "mkdir -pv \"$1\" && cd \"$1\" || exit";
mkdir = "mkdir -p";
rm = "trash";
".." = "cd ..";
"..." = "cd ../..";
".3" = "cd ../../..";
".4" = "cd ../../../..";
".5" = "cd ../../../../..";
dl = "download -u jawz -i";
e = "edit";
c = "cat";
f = "fzf --multi --exact -i";
sc = "systemctl --user";
jc = "journalctl --user -xefu";
};
enableVteIntegration = true;
initExtra = ''
#+end_src
#+begin_src bash
$HOME/.local/bin/pokemon-colorscripts -r --no-title
# Lists
list_root="${config.home.homeDirectory}"/.config/jawz/lists/jawz
export LW=$list_root/watch.txt
export LI=$list_root/instant.txt
export LC=$list_root/comic.txt
export command_timeout=30
# GPG_TTY=$(tty)
# export GPG_TTY
if command -v fzf-share >/dev/null; then
source "$(fzf-share)/key-bindings.bash"
source "$(fzf-share)/completion.bash"
fi
nixos-reload () {
nixfmt /home/jawz/Development/NixOS/workstation/*.nix
sudo nixos-rebuild switch -I nixos-config=/home/jawz/Development/NixOS/workstation/configuration.nix
}
#+end_src
#+begin_src nix
'';
};
#+end_src
*** OTHER
#+begin_src nix
programs = {
emacs = {
enable = true;
};
direnv = {
enable = true;
enableBashIntegration = true;
nix-direnv.enable = true;
};
bat = {
enable = true;
config = {
pager = "less -FR";
theme = "base16";
};
};
git = {
enable = true;
userName = "${myName}";
userEmail = "${myEmail}";
};
htop = {
enable = true;
package = pkgs.htop-vim;
};
};
#+end_src
*** XDG
#+begin_src nix
xdg = {
enable = true;
userDirs = {
enable = true;
createDirectories = false;
desktop = "${config.home.homeDirectory}";
documents = "${config.home.homeDirectory}/Documents";
download = "${config.home.homeDirectory}/Downloads";
music = "${config.home.homeDirectory}/Music";
pictures = "${config.home.homeDirectory}/Pictures";
templates = "${config.home.homeDirectory}/.local/share/Templates";
videos = "${config.home.homeDirectory}/Videos";
};
configFile = {
"wgetrc".source = ../dotfiles/wget/wgetrc;
"configstore/update-notifier-npm-check.json".source = ../dotfiles/npm/update-notifier-npm-check.json;
"npm/npmrc".source = ../dotfiles/npm/npmrc;
"gallery-dl/config.json".source = ../dotfiles/gallery-dl/config.json;
"htop/htoprc".source = ../dotfiles/htop/htoprc;
};
};
#+end_src
** USER-SERVICES
#+begin_src nix
services = {
lorri.enable = true;
emacs = {
enable = true;
defaultEditor = true;
package = pkgs.emacs;
};
};
#+end_src
** CLOSING HOME-MANAGER
#+begin_src nix
};
#+end_src
* ENVIRONMENT PACKAGES
These are a MUST to ensure the optimal function of nix, without these, recovery
may be challenging.
#+begin_src nix
environment.systemPackages = with pkgs; [
wget
jellyfin-ffmpeg # coolest video converter!
dlib
];
#+end_src
* ENVIRONMENT VARIABLES
#+begin_src nix
environment.variables = rec {
# PATH
XDG_CACHE_HOME = "\${HOME}/.cache";
XDG_CONFIG_HOME = "\${HOME}/.config";
XDG_BIN_HOME = "\${HOME}/.local/bin";
XDG_DATA_HOME = "\${HOME}/.local/share";
XDG_STATE_HOME = "\${HOME}/.local/state";
# DEV PATH
CABAL_DIR = "\${XDG_CACHE_HOME}/cabal";
CARGO_HOME = "\${XDG_DATA_HOME}/cargo";
GEM_HOME = "\${XDG_DATA_HOME}/ruby/gems";
GEM_PATH = "\${XDG_DATA_HOME}/ruby/gems";
GEM_SPEC_CACHE = "\${XDG_DATA_HOME}/ruby/specs";
GOPATH = "\${XDG_DATA_HOME}/go";
NPM_CONFIG_USERCONFIG = "\${XDG_CONFIG_HOME}/npm/npmrc";
PNPM_HOME = "\${XDG_DATA_HOME}/pnpm";
PSQL_HISTORY="\${XDG_DATA_HOME}/psql_history";
REDISCLI_HISTFILE="\${XDG_DATA_HOME}/redis/rediscli_history";
WINEPREFIX="\${XDG_DATA_HOME}/wine";
# OPTIONS
HISTFILE = "\${XDG_STATE_HOME}/bash/history";
LESSHISTFILE = "-";
GHCUP_USE_XDG_DIRS = "true";
RIPGREP_CONFIG_PATH = "\${XDG_CONFIG_HOME}/ripgrep/ripgreprc";
ELECTRUMDIR = "\${XDG_DATA_HOME}/electrum";
VISUAL = "emacsclient -ca emacs";
WGETRC = "\${XDG_CONFIG_HOME}/wgetrc";
XCOMPOSECACHE = "${XDG_CACHE_HOME}/X11/xcompose";
"_JAVA_OPTIONS" = "-Djava.util.prefs.userRoot=\${XDG_CONFIG_HOME}/java";
DOCKER_CONFIG="\${XDG_CONFIG_HOME}/docker";
# NVIDIA
CUDA_CACHE_PATH = "\${XDG_CACHE_HOME}/nv";
# WEBKIT_DISABLE_COMPOSITING_MODE = "1";
# GBM_BACKEND = "nvidia-drm";
# "__GLX_VENDOR_LIBRARY_NAME" = "nvidia";
# Themes
# GTK_THEME = "Adwaita:light";
CALIBRE_USE_SYSTEM_THEME = "1";
PATH = [
"\${HOME}/.local/bin"
"\${XDG_CONFIG_HOME}/emacs/bin"
"\${XDG_DATA_HOME}/npm/bin"
"\${XDG_DATA_HOME}/pnpm"
];
};
#+end_src
* SNAPRAID
It's a parity raid utility which creates a scheme similar to what UNRAID
offered, except not in real time, I schedule it to run every night, so it keeps
my files sync, while it is possible to use snapraid as a solution to keep a
historic backup of your files, I am more concerned with the whole disk recovery
in case of failure, as such a frequent sync fits my preferences.
#+begin_src nix
snapraid = {
enable = true;
touchBeforeSync = true;
sync.interval = "02:00";
scrub = {
plan = 10;
olderThan = 10;
interval = "4:00";
};
parityFiles = [
"/mnt/parity/snapraid.parity"
];
extraConfig = ''
autosave 5000
'';
exclude = [
"/tmp/"
"/lost+found/"
"/multimedia/downloads/"
"/scrapping/nextcloud/"
"/backups/"
"/glue/Spankbank/____UNORGANIZED/Chaturbate/"
"/nextcloud/nextcloud.log"
];
dataDisks = {
d1 = "/mnt/disk1/";
d2 = "/mnt/disk2/";
};
contentFiles = [
"/var/snapraid.content"
"/mnt/disk1/snapraid.content"
"/mnt/disk2/snapraid.content"
];
};
#+end_src
* PROGRAMS
Some programs get enabled and installed through here, as well as the activation
of some services.
#+begin_src nix
programs = {
starship.enable = true;
fzf.fuzzyCompletion = true;
neovim = {
enable = true;
vimAlias = true;
};
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
msmtp = {
enable = true;
accounts.default = {
auth = true;
host = "smtp.gmail.com";
port = 587;
tls = true;
from = "stunner6399@gmail.com";
user = "stunner6399@gmail.com";
password = "eqyctcgjdykqeuwt";
};
};
};
#+end_src
* SERVICES
Miscellaneous services, most of which are managed by systemd.
#+begin_src nix
services = {
minidlna = {
enable = true;
openFirewall = true;
settings = {
inotify = "yes";
media_dir = [
"/mnt/disk2/glue"
"/mnt/disk1/multimedia/downloads"
];
};
};
avahi.enable = true;
avahi.nssmdns = true;
fstrim.enable = true;
btrfs.autoScrub = {
enable = true;
fileSystems = [
"/"
"/mnt/disk1"
"/mnt/disk2"
];
};
openssh = {
enable = true;
ports = [ 25152 ];
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};
startWhenNeeded = true;
listenAddresses = [
{
addr = "0.0.0.0";
port = 25152;
}
];
};
};
#+end_src
* SYSTEMD
Home-manager, is not as flushed out when it comes to creating systemd units, so
the best way to define them for now, is using nix.
#+begin_src nix
systemd = {
packages = [ pkgs.qbittorrent-nox ];
services = {
"qbittorrent-nox@jawz" = {
enable = true;
overrideStrategy = "asDropin";
wantedBy = [ "multi-user.target" ];
};
};
timers = { };
user = {
services = {
HentaiAtHome = {
enable = true;
restartIfChanged = true;
description = "Run hentai@home server";
wantedBy = [ "default.target" ];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
WorkingDirectory="/mnt/hnbox";
ExecStart = "${pkgs.HentaiAtHome}/bin/HentaiAtHome";
};
};
unpackerr = {
enable = true;
restartIfChanged = true;
description = "Run unpackerr";
wantedBy = [ "default.target" ];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${pkgs.unpackerr}/bin/unpackerr -c /home/jawz/.config/unpackerr.conf";
};
};
manage-library = {
enable = true;
restartIfChanged = true;
description = "Run the manage library bash script";
wantedBy = [ "default.target" ];
path = [
pkgs.bash
pkgs.nix
jawzManageLibrary
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${jawzManageLibrary}/bin/manage-library";
};
};
tasks = {
restartIfChanged = true;
description = "Run a tasks script which keeps a lot of things organized";
wantedBy = [ "default.target" ];
path = [
pkgs.bash
pkgs.nix
jawzTasks
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${jawzTasks}/bin/tasks";
};
};
qbit_manage = let qbit_dir = "/home/jawz/Development/Git/qbit_manage"; in {
restartIfChanged = true;
description = "Tidy up my torrents";
wantedBy = [ "default.target" ];
path = [
pkgs.python3
pkgs.pipenv
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${qbit_dir}/.venv/bin/python3 ${qbit_dir}/qbit_manage.py -r -c ${qbit_dir}/config.yml";
};
};
};
timers = {
tasks = {
enable = true;
description = "Run a tasks script which keeps a lot of things organized";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "*:0/10";
};
};
qbit_manage = {
enable = true;
description = "Tidy up my torrents";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "*:0/10";
};
};
};
};
};
#+end_src
* MISC SETTINGS
** ENABLE FONTCONFIG
If enabled, a Fontconfig configuration file will point to a set of default
fonts. If you don't care about running X11 applications or any other program
that uses Fontconfig, you can turn this option off and prevent a dependency on
all those fonts.
=tip= once that Wayland is ready for deployment, I probably can remove this
setting.
#+begin_src nix
fonts.fontconfig.enable = true;
#+end_src
** NFS
#+begin_src nix
fileSystems = {
"/export/disk1" = {
device = "/mnt/disk1";
options = ["bind"];
};
"/export/disk2" = {
device = "/mnt/disk2";
options = ["bind"];
};
"/export/seedbox" = {
device = "/mnt/seedbox";
options = ["bind"];
};
"/export/jawz" = {
device = "/home/jawz";
options = ["bind"];
};
};
services.nfs = {
server = {
enable = true;
exports = ''
/export 192.168.1.64(rw,fsid=0,no_subtree_check)
/export/disk1 192.168.1.64(rw,nohide,insecure,no_subtree_check)
/export/disk2 192.168.1.64(rw,nohide,insecure,no_subtree_check)
/export/seedbox 192.168.1.64(rw,nohide,insecure,no_subtree_check)
/export/jawz 192.168.1.64(rw,nohide,insecure,no_subtree_check)
'';
};
};
#+end_src
* FINAL SYSTEM CONFIGURATIONS
The first setting creates a copy the NixOS configuration file and link it from
the resulting system (/run/current-system/configuration.nix). This is useful in
case you accidentally delete configuration.nix.
The version value determines the NixOS release from which the default settings for
stateful data, like file locations and database versions on your system.
Its perfectly fine and recommended to leave this value at the release version
of the first install of this system.
Lastly I configure in here Cachix repositories, which is a website that keeps a
cache of nixbuilds for easy quick deployments without having to compile
everything from scratch.
#+begin_src nix
system = {
copySystemConfiguration = true;
stateVersion = "${version}";
};
nix = {
settings = {
substituters = [
"https://nix-gaming.cachix.org"
"https://nixpkgs-python.cachix.org"
"https://devenv.cachix.org"
"https://cuda-maintainers.cachix.org"
];
trusted-public-keys = [
"nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="
"nixpkgs-python.cachix.org-1:hxjI7pFxTyuTHn2NkvWCrAUcNZLNS3ZAvfYNuYifcEU="
"devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw="
"cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E="
];
};
gc = {
automatic = true;
dates = "weekly";
};
};
}
#+end_src
# LocalWords: useXkbConfig Wayland XORG NIXPKGS
Reference in New Issue View Git Blame Copy Permalink