feat: move stuff to modules and remove unneded stuff.
This commit is contained in:
parent
508531f5ef
commit
879ce06305
1 changed files with 1 additions and 99 deletions
|
|
@ -32,9 +32,6 @@
|
|||
fallbackDns = ["127.0.0.1"];
|
||||
};
|
||||
|
||||
# Enable flakes
|
||||
nix.settings.experimental-features = ["nix-command" "flakes"];
|
||||
|
||||
# Setup gpu
|
||||
hardware.graphics = {
|
||||
enable = true;
|
||||
|
|
@ -75,43 +72,6 @@
|
|||
implementation = "broker";
|
||||
};
|
||||
|
||||
# Enable seatd
|
||||
services.seatd.enable = true;
|
||||
|
||||
# Enable sound with pipewire.
|
||||
services.pulseaudio.enable = false;
|
||||
security.rtkit.enable = true;
|
||||
services.pipewire = {
|
||||
enable = true;
|
||||
pulse.enable = true;
|
||||
alsa = {
|
||||
enable = true;
|
||||
support32Bit = true;
|
||||
};
|
||||
};
|
||||
|
||||
# Fix not saving my state
|
||||
hardware.alsa.enablePersistence = true;
|
||||
|
||||
# Enable polkit
|
||||
security.polkit.enable = true;
|
||||
|
||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||
users.users.crony = {
|
||||
linger = true;
|
||||
isNormalUser = true;
|
||||
description = "Crony";
|
||||
hashedPasswordFile = "${config.age.secrets.crony-passwd.path}";
|
||||
extraGroups = ["networkmanager" "wheel" "video" "input" "audio" "gamemode" "seat" "realtime"];
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBJLduAXHWJiglmfRfkBGKffzVWkJP6porxIzw6+Zz3W crony@cronyakatsuki.xyz"
|
||||
];
|
||||
};
|
||||
|
||||
users.users.root.hashedPasswordFile = "${config.age.secrets.root-passwd.path}";
|
||||
|
||||
users.mutableUsers = false;
|
||||
|
||||
# Allow unfree packages
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
|
|
@ -128,70 +88,12 @@
|
|||
];
|
||||
};
|
||||
|
||||
# Optimise storage
|
||||
nix.optimise = {
|
||||
automatic = true;
|
||||
dates = ["weekly"];
|
||||
};
|
||||
|
||||
# List packages installed in system profile
|
||||
environment.systemPackages = with pkgs; [
|
||||
lm_sensors
|
||||
libva-utils
|
||||
alsa-utils
|
||||
neovim
|
||||
podman-compose
|
||||
podman-tui
|
||||
];
|
||||
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
settings = {
|
||||
X11Forwarding = false;
|
||||
PasswordAuthentication = false;
|
||||
};
|
||||
extraConfig = ''
|
||||
PubkeyAuthentication yes
|
||||
PermitEmptyPasswords no
|
||||
|
||||
AddressFamily inet
|
||||
MaxAuthTries 3
|
||||
'';
|
||||
};
|
||||
|
||||
users.users.root.openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBJLduAXHWJiglmfRfkBGKffzVWkJP6porxIzw6+Zz3W crony@cronyakatsuki.xyz"
|
||||
];
|
||||
|
||||
services.fail2ban = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
# Setup iperf3
|
||||
services.iperf3 = {
|
||||
enable = true;
|
||||
openFirewall = true;
|
||||
};
|
||||
|
||||
# Enable my specific settings
|
||||
crony.secrets.enable = true;
|
||||
|
||||
# setup podman for virtualisation
|
||||
virtualisation = {
|
||||
podman = {
|
||||
enable = true;
|
||||
dockerCompat = true;
|
||||
autoPrune = {
|
||||
enable = true;
|
||||
dates = "weekly";
|
||||
flags = [
|
||||
"--filter=until=24h"
|
||||
"--filter=label!=important"
|
||||
];
|
||||
};
|
||||
defaultNetwork.settings.dns.enable = true;
|
||||
};
|
||||
};
|
||||
|
||||
# Enable nixd to see nixpkgs path
|
||||
nix.nixPath = ["nixpkgs=${inputs.nixpkgs}"];
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue