rearrange common nix config, add optimising and garbage collecting
This commit is contained in:
@@ -5,11 +5,48 @@
|
|||||||
inputs,
|
inputs,
|
||||||
...
|
...
|
||||||
}: {
|
}: {
|
||||||
|
|
||||||
imports = [
|
imports = [
|
||||||
inputs.autoaspm.nixosModules.default
|
inputs.autoaspm.nixosModules.default
|
||||||
];
|
];
|
||||||
|
|
||||||
|
# set timezone
|
||||||
|
time.timeZone = "America/Chicago";
|
||||||
|
|
||||||
|
nix = {
|
||||||
|
# garbage collect & remove builds older then 14 days
|
||||||
|
gc = {
|
||||||
|
automatic = true;
|
||||||
|
dates = "daily";
|
||||||
|
options = "--delete-older-than 14d";
|
||||||
|
persistent = true;
|
||||||
|
};
|
||||||
|
# optimise nix store, dedupe and such
|
||||||
|
optimise = {
|
||||||
|
automatic = true;
|
||||||
|
dates = [ "daily" ];
|
||||||
|
};
|
||||||
|
# the goats
|
||||||
|
settings.experimental-features = lib.mkDefault [
|
||||||
|
"nix-command"
|
||||||
|
"flakes"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
|
||||||
|
# allow proprietary packages
|
||||||
|
nixpkgs = {
|
||||||
|
config = {
|
||||||
|
allowUnfree = true;
|
||||||
|
allowUnfreePredicate = _: true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
# power management
|
||||||
|
services.autoaspm.enable = true;
|
||||||
|
powerManagement.powertop.enable = true;
|
||||||
|
|
||||||
|
# things are better this way
|
||||||
|
users.defaultUserShell = pkgs.zsh;
|
||||||
|
|
||||||
# base system package install list
|
# base system package install list
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
wget
|
wget
|
||||||
@@ -32,21 +69,7 @@
|
|||||||
lm_sensors
|
lm_sensors
|
||||||
];
|
];
|
||||||
|
|
||||||
# set timezone
|
# nice to have passwordless sudo
|
||||||
time.timeZone = "America/Chicago";
|
|
||||||
|
|
||||||
# allow proprietary packages
|
|
||||||
nixpkgs.config.allowUnfree = true;
|
|
||||||
|
|
||||||
# power management
|
|
||||||
services.autoaspm.enable = true;
|
|
||||||
powerManagement.powertop.enable = true;
|
|
||||||
|
|
||||||
# enable flakes
|
|
||||||
nix.settings.experimental-features = lib.mkDefault ["nix-command" "flakes"];
|
|
||||||
users.defaultUserShell = pkgs.zsh;
|
|
||||||
|
|
||||||
# passwordless rebuild
|
|
||||||
security.sudo = {
|
security.sudo = {
|
||||||
extraRules = [
|
extraRules = [
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -1,8 +1,15 @@
|
|||||||
{ pkgs, config, lib, modulesPath, inputs, stable_pkgs, unstable_pkgs, ... }:
|
|
||||||
|
|
||||||
{
|
{
|
||||||
imports =
|
pkgs,
|
||||||
[ # Include the results of the hardware scan.
|
config,
|
||||||
|
lib,
|
||||||
|
modulesPath,
|
||||||
|
inputs,
|
||||||
|
stable_pkgs,
|
||||||
|
unstable_pkgs,
|
||||||
|
...
|
||||||
|
}: {
|
||||||
|
imports = [
|
||||||
|
# Include the results of the hardware scan.
|
||||||
(modulesPath + "/installer/scan/not-detected.nix")
|
(modulesPath + "/installer/scan/not-detected.nix")
|
||||||
#./hardware-configuration.nix
|
#./hardware-configuration.nix
|
||||||
../../nixos
|
../../nixos
|
||||||
@@ -11,10 +18,7 @@
|
|||||||
../../../modules/system
|
../../../modules/system
|
||||||
];
|
];
|
||||||
|
|
||||||
home-manager.users.blake.imports = [
|
# home grown nixos modules
|
||||||
../../../users/blake/hosts/yveltal.nix
|
|
||||||
];
|
|
||||||
|
|
||||||
system = {
|
system = {
|
||||||
ssh.enable = true;
|
ssh.enable = true;
|
||||||
sops.enable = true;
|
sops.enable = true;
|
||||||
@@ -26,13 +30,11 @@
|
|||||||
vendor = "intel";
|
vendor = "intel";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
desktop = {
|
desktop = {
|
||||||
pipewire.enable = true;
|
pipewire.enable = true;
|
||||||
hypr.enable = true;
|
hypr.enable = true;
|
||||||
greetd.enable = true;
|
greetd.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
gaming = {
|
gaming = {
|
||||||
steam.enable = true;
|
steam.enable = true;
|
||||||
lutris.enable = true;
|
lutris.enable = true;
|
||||||
@@ -41,7 +43,13 @@
|
|||||||
mangohud.enable = true;
|
mangohud.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# import home grown host specific home-manager modules
|
||||||
|
home-manager.users.blake.imports = [
|
||||||
|
../../../users/blake/hosts/yveltal.nix
|
||||||
|
];
|
||||||
|
|
||||||
# fix power buttons
|
# fix power buttons
|
||||||
|
# move this to a laptops file at some point
|
||||||
services.logind.settings.Login = {
|
services.logind.settings.Login = {
|
||||||
HandlePowerKey = "suspend-then-hibernate";
|
HandlePowerKey = "suspend-then-hibernate";
|
||||||
HandleLidSwitch = "suspend-then-hibernate";
|
HandleLidSwitch = "suspend-then-hibernate";
|
||||||
@@ -53,53 +61,47 @@
|
|||||||
|
|
||||||
# boot (systemd is growing on me)
|
# boot (systemd is growing on me)
|
||||||
boot = {
|
boot = {
|
||||||
kernelModules = [ "kvm-intel" ];
|
kernelModules = ["kvm-intel"];
|
||||||
extraModulePackages = [ ];
|
extraModulePackages = [];
|
||||||
loader = {
|
loader = {
|
||||||
systemd-boot.enable = true; # systemd your pretty cool ya know
|
systemd-boot.enable = true; # systemd your pretty cool ya know
|
||||||
efi.canTouchEfiVariables = true;
|
efi.canTouchEfiVariables = true;
|
||||||
};
|
};
|
||||||
initrd = {
|
initrd = {
|
||||||
systemd.enable = true; # better logging
|
systemd.enable = true; # better logging
|
||||||
availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage" "sd_mod" ];
|
availableKernelModules = ["xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage" "sd_mod"];
|
||||||
kernelModules = [ ];
|
kernelModules = [];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# setup hostname and networking stack
|
# setup hostname and networking stack
|
||||||
services.resolved = {
|
|
||||||
enable = true;
|
|
||||||
fallbackDns = [ "1.1.1.1" "9.9.9.9" ];
|
|
||||||
dnsovertls = "opportunistic";
|
|
||||||
};
|
|
||||||
networking = {
|
networking = {
|
||||||
hostName = "yveltal"; # hostname
|
hostName = "yveltal"; # hostname
|
||||||
useDHCP = lib.mkDefault true;
|
useDHCP = lib.mkDefault true;
|
||||||
interfaces = {
|
interfaces = {
|
||||||
wlp0s20f3.useDHCP = lib.mkDefault true;
|
wlp0s20f3.useDHCP = lib.mkDefault true;
|
||||||
};
|
};
|
||||||
|
firewall = {
|
||||||
|
enable = true;
|
||||||
|
allowedTCPPorts = [22];
|
||||||
|
allowedUDPPorts = [51820]; # wireguard
|
||||||
|
};
|
||||||
networkmanager = {
|
networkmanager = {
|
||||||
enable = true; # the goat
|
enable = true; # the goat
|
||||||
dns = "systemd-resolved"; # the backup dancer!
|
dns = "systemd-resolved"; # the backup dancer!
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
services.resolved = {
|
||||||
|
enable = true;
|
||||||
|
fallbackDns = ["1.1.1.1" "9.9.9.9"];
|
||||||
|
dnsovertls = "opportunistic";
|
||||||
|
};
|
||||||
|
|
||||||
hardware.bluetooth.enable = true;
|
hardware.bluetooth.enable = true;
|
||||||
|
|
||||||
# Open ports in the firewall.
|
|
||||||
networking.firewall.allowedTCPPorts = [
|
|
||||||
22
|
|
||||||
];
|
|
||||||
|
|
||||||
networking.firewall.allowedUDPPorts = [ 51820 ];
|
|
||||||
# Or disable the firewall altogether.
|
|
||||||
networking.firewall.enable = true;
|
|
||||||
|
|
||||||
system.stateVersion = "25.05"; # stays here : )
|
system.stateVersion = "25.05"; # stays here : )
|
||||||
|
|
||||||
|
|
||||||
# hardware shit
|
# hardware shit
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user