2024-06-16 20:08:29 -03:00
|
|
|
|
{
|
|
|
|
|
|
config,
|
2025-09-13 22:13:08 -03:00
|
|
|
|
inputs,
|
|
|
|
|
|
lib,
|
2024-06-16 20:08:29 -03:00
|
|
|
|
pkgs,
|
|
|
|
|
|
...
|
2025-09-13 22:13:08 -03:00
|
|
|
|
}:
|
|
|
|
|
|
with lib; {
|
2024-06-15 18:29:36 -03:00
|
|
|
|
imports = [
|
2024-09-18 09:58:09 -03:00
|
|
|
|
./capytal
|
2025-09-13 11:28:42 -03:00
|
|
|
|
./abaduh
|
|
|
|
|
|
./common
|
2024-06-15 18:29:36 -03:00
|
|
|
|
|
2025-09-13 11:28:42 -03:00
|
|
|
|
./secrets.nix
|
2024-06-15 18:29:36 -03:00
|
|
|
|
|
2025-09-13 11:28:42 -03:00
|
|
|
|
./hardware-configuration.nix
|
|
|
|
|
|
];
|
2024-06-15 18:29:36 -03:00
|
|
|
|
|
2025-09-13 11:28:42 -03:00
|
|
|
|
# User settings
|
2025-04-01 10:08:14 -03:00
|
|
|
|
programs.zsh.enable = true;
|
|
|
|
|
|
|
2024-06-15 18:29:36 -03:00
|
|
|
|
users.users."guz" = {
|
|
|
|
|
|
shell = pkgs.zsh;
|
|
|
|
|
|
hashedPasswordFile = builtins.toString config.sops.secrets."guz/password".path;
|
|
|
|
|
|
home = "/home/guz";
|
|
|
|
|
|
isNormalUser = true;
|
2024-09-09 16:55:07 -03:00
|
|
|
|
extraGroups = ["wheel" "networkmanager" "plugdev" "docker"];
|
2024-10-01 19:36:20 -03:00
|
|
|
|
openssh.authorizedKeys.keyFiles = [
|
|
|
|
|
|
./.ssh/guz.pub
|
|
|
|
|
|
];
|
2025-09-13 11:28:42 -03:00
|
|
|
|
packages = with pkgs;
|
|
|
|
|
|
[
|
|
|
|
|
|
libinput
|
2025-09-13 22:13:08 -03:00
|
|
|
|
inputs.dot013-nix.packages.${pkgs.system}.neovim
|
2025-09-13 11:28:42 -03:00
|
|
|
|
]
|
|
|
|
|
|
++ (with inputs.dot013-nix.packages.${pkgs.system}.devkit; [
|
|
|
|
|
|
git
|
|
|
|
|
|
lazygit
|
|
|
|
|
|
starship
|
|
|
|
|
|
zellij
|
|
|
|
|
|
zsh
|
|
|
|
|
|
]);
|
2024-06-15 18:29:36 -03:00
|
|
|
|
};
|
|
|
|
|
|
|
2025-09-13 22:13:08 -03:00
|
|
|
|
environment.sessionVariables = {
|
|
|
|
|
|
EDITOR = getExe inputs.dot013-nix.packages.${pkgs.system}.neovim;
|
|
|
|
|
|
};
|
|
|
|
|
|
|
2025-09-13 11:28:42 -03:00
|
|
|
|
# GnuPG
|
2024-06-15 18:29:36 -03:00
|
|
|
|
programs.gnupg.agent = {
|
|
|
|
|
|
enable = true;
|
|
|
|
|
|
pinentryPackage = pkgs.pinentry-gnome3;
|
|
|
|
|
|
settings = {
|
|
|
|
|
|
default-cache-ttl = 3600 * 24;
|
|
|
|
|
|
};
|
|
|
|
|
|
};
|
|
|
|
|
|
|
2025-09-13 11:28:42 -03:00
|
|
|
|
security.rtkit.enable = true;
|
2024-06-15 18:29:36 -03:00
|
|
|
|
|
2025-09-13 11:28:42 -03:00
|
|
|
|
# Nix commands
|
2024-06-16 20:08:29 -03:00
|
|
|
|
nix.settings.experimental-features = ["nix-command" "flakes"];
|
2024-09-29 14:30:29 -03:00
|
|
|
|
nix.gc = {
|
|
|
|
|
|
automatic = true;
|
|
|
|
|
|
dates = "weekly";
|
|
|
|
|
|
options = "--delete-older-than 10d";
|
|
|
|
|
|
};
|
2024-06-15 18:29:36 -03:00
|
|
|
|
|
2025-09-13 11:28:42 -03:00
|
|
|
|
programs.nh.enable = true;
|
|
|
|
|
|
programs.nh.flake = "/home/guz/nix";
|
|
|
|
|
|
|
|
|
|
|
|
# Locale settings
|
|
|
|
|
|
i18n.defaultLocale = "en_US.UTF-8";
|
|
|
|
|
|
i18n.extraLocaleSettings = rec {
|
|
|
|
|
|
LC_ADDRESS = "pt_BR.UTF-8";
|
|
|
|
|
|
LC_IDENTIFICATION = LC_ADDRESS;
|
|
|
|
|
|
LC_MEASUREMENT = LC_ADDRESS;
|
|
|
|
|
|
LC_MONETARY = LC_ADDRESS;
|
|
|
|
|
|
LC_NAME = LC_ADDRESS;
|
|
|
|
|
|
LC_NUMERIC = LC_ADDRESS;
|
|
|
|
|
|
LC_PAPER = LC_ADDRESS;
|
|
|
|
|
|
LC_TELEPHONE = LC_ADDRESS;
|
|
|
|
|
|
LC_TIME = LC_ADDRESS;
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
console.keyMap = "br-abnt2";
|
|
|
|
|
|
|
|
|
|
|
|
time.timeZone = "America/Sao_Paulo";
|
|
|
|
|
|
|
|
|
|
|
|
# Networking
|
2024-06-15 18:29:36 -03:00
|
|
|
|
networking = {
|
|
|
|
|
|
networkmanager.enable = true;
|
|
|
|
|
|
hostName = "spacestation";
|
|
|
|
|
|
wireless.enable = false;
|
|
|
|
|
|
dhcpcd.enable = true;
|
2025-09-13 11:28:42 -03:00
|
|
|
|
defaultGateway = "192.168.0.1";
|
2024-06-15 18:29:36 -03:00
|
|
|
|
interfaces."eno1".ipv4.addresses = [
|
|
|
|
|
|
{
|
2025-09-13 11:28:42 -03:00
|
|
|
|
address = "192.168.0.110";
|
2024-06-15 18:29:36 -03:00
|
|
|
|
prefixLength = 24;
|
|
|
|
|
|
}
|
|
|
|
|
|
];
|
2024-11-29 19:10:18 -03:00
|
|
|
|
nameservers = ["9.9.9.9"];
|
2024-06-15 18:29:36 -03:00
|
|
|
|
};
|
|
|
|
|
|
|
2025-09-13 11:28:42 -03:00
|
|
|
|
# SSH/Mosh configuration
|
2024-06-15 18:29:36 -03:00
|
|
|
|
services.openssh.enable = true;
|
2024-10-01 19:36:20 -03:00
|
|
|
|
services.openssh.settings = {
|
|
|
|
|
|
PasswordAuthentication = false;
|
|
|
|
|
|
PermitRootLogin = "forced-commands-only";
|
|
|
|
|
|
};
|
2024-06-15 18:29:36 -03:00
|
|
|
|
|
2025-09-13 11:28:42 -03:00
|
|
|
|
programs.mosh.enable = true;
|
|
|
|
|
|
programs.mosh.openFirewall = true;
|
2024-06-15 18:29:36 -03:00
|
|
|
|
|
2025-09-17 22:25:29 -03:00
|
|
|
|
# Mount points
|
|
|
|
|
|
fileSystems."/mnt/sdb1" = {
|
|
|
|
|
|
device = "/dev/disk/by-uuid/a47ddc97-d7f0-4e35-a283-4506e14a0729";
|
|
|
|
|
|
fsType = "ext4";
|
|
|
|
|
|
};
|
|
|
|
|
|
|
2024-06-15 18:29:36 -03:00
|
|
|
|
# Bootloader.
|
|
|
|
|
|
boot.loader.systemd-boot.enable = true;
|
|
|
|
|
|
boot.loader.efi.canTouchEfiVariables = true;
|
|
|
|
|
|
|
|
|
|
|
|
# Allow unfree packages
|
|
|
|
|
|
nixpkgs.config.allowUnfree = true;
|
|
|
|
|
|
|
|
|
|
|
|
# This value determines the NixOS release from which the default
|
|
|
|
|
|
# settings for stateful data, like file locations and database versions
|
|
|
|
|
|
# on your system were taken. It‘s perfectly fine and recommended to leave
|
|
|
|
|
|
# this value at the release version of the first install of this system.
|
|
|
|
|
|
# Before changing this value read the documentation for this option
|
|
|
|
|
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
|
|
|
|
|
system.stateVersion = "23.11"; # Did you read the comment?
|
|
|
|
|
|
}
|
