nixos-configuration/nix-os/core.nix

98 lines
2.8 KiB
Nix
Raw Permalink Normal View History

2023-12-12 00:48:10 +01:00
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running 'nixos-help').
2023-12-12 00:48:10 +01:00
{ inputs, lib, pkgs, ... }:
2023-12-12 00:48:10 +01:00
let
/*
* pkg: package - nixpkgs package
* exe: string - executable (under bin) in pkgs
* wrapperArgs: string[] - arguments to pass to the wrapper
*/
mkWrappedExecutable = {pkg, exe ? pkg.meta.mainProgram, wrapperArgs}: let inherit (pkgs) lib makeWrapper; in lib.hiPrio (
pkgs.stdenv.mkDerivation {
inherit wrapperArgs;
name = "${pkg.name}-wrap-${exe}";
nativeBuildInputs = [ makeWrapper ];
phases = ["installPhase"];
installPhase = ''
mkdir -p $out/bin
makeWrapper ${pkg}/bin/${exe} $out/bin/${exe} $wrapperArgs
'';
}
);
2024-06-01 01:12:39 +02:00
# bool -> nixpkgs[]
wrappedNixExecutables = inEnvironment: assert builtins.isBool inEnvironment; [
(mkWrappedExecutable {pkg = pkgs.nix; exe = "nix-build"; wrapperArgs = ["--add-flags" "\"--log-format\"" "--add-flags" "bar${lib.optionalString inEnvironment "-with-logs"}"];})
(mkWrappedExecutable {pkg = pkgs.nix; exe = "nix-shell"; wrapperArgs = ["--add-flags" "\"--log-format\"" "--add-flags" "bar"];})
];
2024-06-01 03:27:45 +02:00
wrappedNixosExecutables = [
(mkWrappedExecutable {pkg = pkgs.nixos-rebuild; wrapperArgs = ["--add-flags" "\"--log-format\"" "--add-flags" "bar"];})
];
2024-06-01 01:12:39 +02:00
wrappedNix = (pkgs.buildEnv {
name = "wrappedNix-${pkgs.nix.version}";
paths = [ pkgs.nix ] ++ wrappedNixExecutables false;
}).overrideAttrs {
version = pkgs.nix.version;
};
in
2023-12-12 00:48:10 +01:00
{
2023-12-22 00:54:40 +01:00
# kernel
boot.kernelPackages = pkgs.linuxPackages_latest;
2023-12-12 00:48:10 +01:00
# Enable networking
networking.networkmanager.enable = true;
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
nix = {
package = wrappedNix;
channel.enable = false;
settings.nix-path = [
"nixpkgs=${pkgs.selfExpr { useConfig = false; }}"
"systemNixpkgs=${pkgs.selfExpr { useConfig = true; name = "systemNixpkgs-self"; }}"
# don't garbage collect the nixpkgs input
"inputsNixpkgs=${inputs.nixpkgs}"
];
};
2023-12-12 00:48:10 +01:00
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
wget
ffmpeg
yt-dlp
htop
btop
2024-05-02 10:00:04 +02:00
fastfetch
2023-12-12 00:48:10 +01:00
smartmontools
ddrescue
2024-06-01 03:27:45 +02:00
] ++ wrappedNixExecutables true
++ wrappedNixosExecutables;
2023-12-12 00:48:10 +01:00
2024-05-28 12:22:59 +02:00
programs.git.enable = true;
2024-05-28 12:18:08 +02:00
programs.git.config = {
init.defaultBranch = "main";
merge.conflictstyle = "diff3";
rerere.enabled = true;
};
2023-12-12 00:48:10 +01:00
# Enable fail2ban because of the OpenSSH server
services.fail2ban = {
enable = true;
maxretry = 10;
bantime = "7d";
};
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
ports = [
22
8022
];
};
}