97 lines
1.8 KiB
Nix
97 lines
1.8 KiB
Nix
{ config, pkgs, lib, ... }:
|
|
let secrets = import ./secrets.nix;
|
|
in {
|
|
environment.shells = with pkgs; [ bashInteractive zsh ];
|
|
|
|
services = {
|
|
vnstat.enable = true;
|
|
tuptime.enable = true;
|
|
openssh = {
|
|
enable = true;
|
|
settings = {
|
|
PermitRootLogin = "no";
|
|
PasswordAuthentication = false;
|
|
};
|
|
openFirewall = true;
|
|
extraConfig = "StreamLocalBindUnlink yes";
|
|
};
|
|
nextdns = {
|
|
enable = true;
|
|
arguments = [
|
|
"-config"
|
|
secrets.nextdnshash
|
|
"-cache-size"
|
|
"10MB"
|
|
"-listen"
|
|
"127.0.0.1:53"
|
|
"-report-client-info"
|
|
];
|
|
};
|
|
fwupd.enable = true;
|
|
journald = { extraConfig = "SystemMaxUse=500M"; };
|
|
};
|
|
|
|
networking = {
|
|
nameservers = [ "127.0.0.1" "::1" ];
|
|
hosts = {
|
|
"207.180.220.97" = [ "szczepan.ski" ];
|
|
"10.100.0.1" = [ "vps.wg" ];
|
|
"10.100.0.2" = [ "desktop.wg" ];
|
|
"10.100.0.3" = [ "mini.wg" ];
|
|
};
|
|
# If using dhcpcd:
|
|
dhcpcd.extraConfig = "nohook resolv.conf";
|
|
# If using NetworkManager:
|
|
networkmanager.dns = "none";
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
ack
|
|
borgbackup
|
|
btrfs-progs
|
|
cargo
|
|
gnupg
|
|
gocryptfs
|
|
graphviz
|
|
hdparm
|
|
home-manager
|
|
inxi
|
|
iotop
|
|
lm_sensors
|
|
lsd
|
|
lsof
|
|
man-pages
|
|
mlocate
|
|
nethogs
|
|
nix-du
|
|
nix-tree
|
|
nmap
|
|
nodejs
|
|
parallel
|
|
pciutils
|
|
# plocate
|
|
ruby
|
|
unixtools.xxd
|
|
unzip
|
|
usbutils
|
|
wget
|
|
];
|
|
|
|
documentation.enable = false;
|
|
|
|
nix.settings = { auto-optimise-store = true; };
|
|
|
|
boot = {
|
|
tmp.useTmpfs = true;
|
|
kernelParams = [ "quiet" ];
|
|
consoleLogLevel = 0;
|
|
kernel.sysctl = { "vm.max_map_count" = 262144; };
|
|
};
|
|
|
|
nix.gc = {
|
|
automatic = true;
|
|
dates = "weekly";
|
|
options = "--delete-older-than 30d";
|
|
};
|
|
}
|