nixos-configuration/nix-os/core.nix

73 lines
1.9 KiB
Nix
Raw Normal View History

2023-12-12 00:48:10 +01:00
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running 'nixos-help').
2023-12-12 00:48:10 +01:00
{ config, pkgs, lib, ... }:
2023-12-12 00:48:10 +01:00
let
/*
* pkgs: package - nixpkgs package
* exe: string - executable (under bin) in pkgs
* wrapperArgs: string[] - arguments to pass to the wrapper
*/
mkWrappedExecutable = {pkg, exe ? pkg.meta.mainProgram, wrapperArgs}: let inherit (pkgs) lib makeWrapper; in pkgs.stdenv.mkDerivation {
name = "${pkg.name}-wrap-${exe}";
nativeBuildInputs = [ makeWrapper ];
phases = ["installPhase"];
installPhase = ''
mkdir -p $out/bin
makeWrapper ${pkg}/bin/${exe} $out/bin/${exe} ${lib.concatStringsSep " " wrapperArgs}
'';
};
wrapedNixPrograms = builtins.map lib.hiPrio [
(mkWrappedExecutable {pkg = pkgs.nix; exe = "nix-build"; wrapperArgs = ["--add-flags" "\"--log-format\"" "--add-flags" "bar-with-logs"];})
(mkWrappedExecutable {pkg = pkgs.nix; exe = "nix-shell"; wrapperArgs = ["--add-flags" "\"--log-format\"" "--add-flags" "bar"];})
];
in
2023-12-12 00:48:10 +01:00
{
2023-12-22 00:54:40 +01:00
# kernel
boot.kernelPackages = pkgs.linuxPackages_latest;
2023-12-12 00:48:10 +01:00
# Enable networking
networking.networkmanager.enable = true;
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
wget
ffmpeg
yt-dlp
htop
btop
2024-05-02 10:00:04 +02:00
fastfetch
2023-12-12 00:48:10 +01:00
smartmontools
ddrescue
] ++ wrapedNixPrograms;
2023-12-12 00:48:10 +01:00
2024-05-28 12:22:59 +02:00
programs.git.enable = true;
2024-05-28 12:18:08 +02:00
programs.git.config = {
init.defaultBranch = "main";
merge.conflictstyle = "diff3";
rerere.enabled = true;
};
2023-12-12 00:48:10 +01:00
# Enable fail2ban because of the OpenSSH server
services.fail2ban = {
enable = true;
maxretry = 10;
bantime = "7d";
};
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
ports = [
22
8022
];
};
}