66 lines
1.4 KiB
Nix
66 lines
1.4 KiB
Nix
{
|
|
root,
|
|
inputs,
|
|
config,
|
|
pkgs,
|
|
upkgs,
|
|
lib,
|
|
...
|
|
}: {
|
|
# NOTE: mkDefault is 1000 and mkForce is 50
|
|
# NOTE: so this is like a second mkDefault
|
|
security.sudo.wheelNeedsPassword = lib.mkOverride 900 true;
|
|
|
|
networking = {
|
|
networkmanager.enable = true;
|
|
|
|
nftables.enable = true;
|
|
firewall.enable = lib.mkDefault true;
|
|
|
|
# Use CloudFlare's WARP+ 1.1.1.1 DNS service
|
|
nameservers = [
|
|
"1.1.1.1"
|
|
"1.0.0.1"
|
|
];
|
|
};
|
|
|
|
nix.settings = {
|
|
# make wheel group trusted users allows my "ae" user
|
|
# to import packages not signed by a trusted key
|
|
# (aka super duper easier to remote deploy)
|
|
trusted-users = ["root" "@wheel"];
|
|
experimental-features = [
|
|
"nix-command"
|
|
"flakes"
|
|
"pipe-operators"
|
|
];
|
|
download-buffer-size = 524288000; # 500 MiB
|
|
};
|
|
|
|
time.timeZone = lib.mkDefault "Australia/Brisbane";
|
|
|
|
i18n.defaultLocale = "en_US.UTF-8";
|
|
console = {
|
|
font = "Lat2-Terminus16";
|
|
keyMap = "us";
|
|
};
|
|
|
|
users.defaultUserShell = pkgs.bash;
|
|
|
|
home-manager = {
|
|
users =
|
|
config.users.users
|
|
|> builtins.attrNames
|
|
|> builtins.filter (x: builtins.pathExists (root + "/homes/${x}"))
|
|
|> (x: lib.genAttrs x (y: import (root + "/homes/${y}")));
|
|
|
|
extraSpecialArgs = {inherit inputs pkgs upkgs;};
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
git
|
|
vim
|
|
wget
|
|
tree
|
|
];
|
|
}
|