55 lines
No EOL
1.4 KiB
Nix
55 lines
No EOL
1.4 KiB
Nix
{ modulesPath, config, pkgs, lib, self, ... }:
|
|
|
|
{
|
|
system.stateVersion = "22.11";
|
|
time.timeZone = "America/Detroit";
|
|
|
|
# Allow non opensource software to be installed
|
|
nixpkgs.config.allowUnfree = true;
|
|
|
|
nix = {
|
|
## NIX FLAKES ##
|
|
package = pkgs.nixUnstable; # or versioned attributes like nix_2_4
|
|
# enable flakes
|
|
extraOptions = ''experimental-features = nix-command flakes'';
|
|
# auto maintainence
|
|
settings.auto-optimise-store = lib.mkDefault true;
|
|
# prevent tampering
|
|
readOnlyStore = true;
|
|
# garbage collections
|
|
gc = {
|
|
automatic = true;
|
|
dates = "weekly";
|
|
options = "--delete-older-than 7d";
|
|
};
|
|
};
|
|
# base packages
|
|
environment.systemPackages = with pkgs; [
|
|
cargo
|
|
dconf2nix
|
|
rustc
|
|
bat
|
|
exa
|
|
uutils-coreutils
|
|
htop
|
|
zsh
|
|
tailscale
|
|
dig #dns lookup
|
|
rage #file encryption
|
|
age-plugin-yubikey #plugin for rage to manage yubi-2fa
|
|
sops #file based secrets operations
|
|
direnv #used for development environments
|
|
|
|
] ++ [self.inputs.devenv.packages.x86_64-linux.devenv];
|
|
|
|
networking = {
|
|
hostName = "creatorforge"; # Define your hostname.
|
|
useDHCP = lib.mkForce true;
|
|
firewall = {
|
|
enable = true;
|
|
allowedTCPPorts = [];
|
|
allowedUDPPorts = [];
|
|
checkReversePath = "loose";
|
|
};
|
|
};
|
|
} |