63 lines
1.3 KiB
Nix
63 lines
1.3 KiB
Nix
{
|
|
pkgs,
|
|
lib,
|
|
...
|
|
}: {
|
|
imports = [
|
|
./modules/flatpak.nix
|
|
];
|
|
|
|
# NOTE: mkDefault is 1000 and mkForce is 50
|
|
# NOTE: so this is like a second mkDefault
|
|
security.sudo.wheelNeedsPassword = lib.mkDefault true;
|
|
|
|
networking = {
|
|
networkmanager.enable = true;
|
|
|
|
nftables.enable = true;
|
|
firewall.enable = lib.mkDefault true;
|
|
|
|
# Use CloudFlare's WARP+ 1.1.1.1 DNS service
|
|
nameservers = [
|
|
"1.1.1.1"
|
|
"1.0.0.1"
|
|
];
|
|
};
|
|
|
|
programs.nh = {
|
|
enable = true;
|
|
clean.enable = true;
|
|
clean.extraArgs = "--keep-since 7d --keep 3";
|
|
flake = "/home/me/flake"; # sets NH_OS_FLAKE variable for you
|
|
};
|
|
|
|
nix.settings = {
|
|
# make wheel group trusted users allows my "ae" user
|
|
# to import packages not signed by a trusted key
|
|
# (aka super duper easier to remote deploy)
|
|
trusted-users = ["root" "@wheel"];
|
|
experimental-features = [
|
|
"nix-command"
|
|
"flakes"
|
|
"pipe-operators"
|
|
];
|
|
download-buffer-size = 524288000; # 500 MiB
|
|
};
|
|
|
|
time.timeZone = lib.mkDefault "Australia/Brisbane";
|
|
|
|
i18n.defaultLocale = lib.mkDefault "en_US.UTF-8";
|
|
console = {
|
|
font = "Lat2-Terminus16";
|
|
keyMap = "us";
|
|
};
|
|
|
|
users.defaultUserShell = pkgs.bash;
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
git
|
|
vim
|
|
wget
|
|
tree
|
|
];
|
|
}
|