nixos-dots

nixos dots
git clone git://popovic.xyz/nixos-dots.git
Log | Files | Refs

host-server.nix (2884B)

      1 {
      2   pkgs,
      3   hostName,
      4   ...
      5 } :
      6 {
      7   imports =
      8     [
      9       ../../users/root.nix
     10       ../../modules/nix_settings.nix
     11     ];
     12 
     13   system.stateVersion = "25.11";
     14 
     15   # vm
     16   virtualisation.vmVariant = {
     17     virtualisation = {
     18       diskSize = 50 * 1028; # 50 GB
     19       memorySize = 16 * 1028; # 16 GB
     20       cores = 6;
     21       resolution = {
     22         x = 1600;
     23         y = 900;
     24       };
     25       qemu.options = [
     26         "-enable-kvm"
     27         "-cpu host"
     28         "-display gtk,zoom-to-fit=false"
     29         "-vga virtio"
     30       ];
     31       forwardPorts = [
     32         { from = "host"; host.port = 2222; guest.port = 61745; }
     33       ];
     34     };
     35   };
     36 
     37   # boot
     38   boot = {
     39     loader = {
     40       systemd-boot.enable = true;
     41       efi.canTouchEfiVariables = true;
     42     };
     43     kernelPackages = pkgs.linuxPackages_latest;
     44     kernelParams = [
     45       "loglevel=3"
     46       "nowatchdog"
     47       "migrations=auto"
     48     ];
     49   };
     50 
     51   # netowrk
     52   networking = {
     53     hostName = "${hostName}";
     54     networkmanager.enable = true;
     55   };
     56 
     57   # time/locale
     58   i18n.defaultLocale = "en_US.UTF-8";
     59 
     60   # users
     61   users.users = {
     62     r2d2 = {
     63       isNormalUser = true;
     64       extraGroups = [ "wheel" ];
     65       initialPassword = "123";
     66       shell = pkgs.zsh;
     67       openssh.authorizedKeys.keys = [
     68         "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCjUjMsWMlPY0YNtSPMdmCIBnNHzT8PdN7Gc0a+RuQg2slRe7Gh1HgRPAX0pg3CIh0oNTDfuOGrOTcl/SdX+WdhChZJkcoKiDKPB98TCioJnYF9k1vouhx0P3soN/Bd4gQEd2Vx0+XTQzmK9VhFtBoNQt9Eh90ZGCrBtsfPB9odDuymotI9FPXSboUPAe3WttzzUeTpY3JurInHW2rCQsYIvti0ZGwdm6EwVjN+6aZ300uT6olrAc+6csyOZrdQQXm1G35x6MLKpYoyFoGQYkS/4vvHMbzj9F9zp8Y+aUZ0+iQvK2owhS7auzELuO2/nqwODCHXLxn8Sg15r0XJn4tVvgAxqvtG+i0SIeqjfrzsu+fg1n2tJGCAq96nyOCruYHcmLOQ0Z9d+hf04Y1thS4GCtNmqT/RGdboDI1xEmg3PaUUPgaL7pCiG+6OtTC/4F0/f/m6neRn219UAPshI7LZKT1aRsBCqKRnEmbUSKWa0ilDntCDsST2VcHwKk0Tjnb+UIvjoHJ2qQQao7i1dmzZ8oUu/9wpyt5aaNxxvcm6qfjht1TGw/1RBHyhOsPNrlHpzUtzbvDdVwHfO0/6eksb73kJ7WMqU+FutbF5ekogcUzkYMo6G7O6hDMFb+w405ontM5syg6OcYWTq2+kllbKiGETxQpizzuWKERCExpHWQ== mika@frame"
     69       ];
     70     };
     71     root = {
     72       shell = pkgs.zsh;
     73     };
     74   };
     75   security.sudo.wheelNeedsPassword = false;
     76 
     77   # services
     78   services = {
     79     fwupd.enable = true;
     80     automatic-timezoned.enable = true;
     81     openssh = {
     82       enable = true;
     83       ports = [ 61745 ];
     84       settings = {
     85         PermitRootLogin = "no";
     86         PasswordAuthentication = false;
     87       };
     88     };
     89   };
     90 
     91   # programs
     92   programs = {
     93     zsh.enable = false;
     94     dconf.enable = true;
     95     gnupg.agent = {
     96       enable = true;
     97       enableSSHSupport = true;
     98     };
     99   };
    100 
    101   environment.variables = {
    102     __ETC_ZSHRC_SOURCED = "1";
    103     __ETC_ZSHENV_SOURCED = "1";
    104   };
    105 
    106   # packages
    107   nixpkgs.config.allowUnfree = true;
    108   environment.systemPackages = with pkgs; [
    109     neovim
    110     wget
    111     zsh
    112     git
    113     curl
    114     tree
    115     coreutils
    116     stdenv
    117     util-linux
    118     pstree
    119   ];
    120 
    121   # fonts
    122   fonts.packages = with pkgs; [
    123     terminus_font
    124   ];
    125 }
    126