-
Notifications
You must be signed in to change notification settings - Fork 5
/
linux.nix
92 lines (77 loc) · 2.23 KB
/
linux.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
{
# FIXME: uncomment the next line if you want to reference your GitHub/GitLab access tokens and other secrets
# secrets,
username,
hostname,
pkgs,
inputs,
...
}: {
# FIXME: change to your tz! look it up with "timedatectl list-timezones"
time.timeZone = "America/Los_Angeles";
systemd.tmpfiles.rules = [
"d /home/${username}/.config 0755 ${username} users"
"d /home/${username}/.config/lvim 0755 ${username} users"
];
networking.hostName = "${hostname}";
# FIXME: change your shell here if you don't want zsh
programs.zsh.enable = true;
environment.pathsToLink = ["/share/zsh"];
environment.shells = [pkgs.zsh];
environment.enableAllTerminfo = true;
security.sudo.wheelNeedsPassword = false;
users.users.${username} = {
isNormalUser = true;
# FIXME: change your shell here if you don't want zsh
shell = pkgs.zsh;
extraGroups = [
"wheel"
# FIXME: uncomment the next line if you want to run docker without sudo
# "docker"
];
openssh.authorizedKeys.keys = [
# FIXME: MAKE SURE YOU UPDATE THE ID_RSA.PUB FILE
# Generally you should be able to do "cp ~/.ssh/id_rsa.pub ."
(builtins.readFile ./id_rsa.pub)
];
};
home-manager.users.${username} = {
imports = [
./home.nix
];
};
system.stateVersion = "22.05";
virtualisation.docker = {
enable = true;
enableOnBoot = true;
autoPrune.enable = true;
};
nix = {
settings = {
trusted-users = [username];
# FIXME: use your access tokens from secrets.json here to be able to clone private repos on GitHub and GitLab
# access-tokens = [
# "github.com=${secrets.github_token}"
# "gitlab.com=OAuth2:${secrets.gitlab_token}"
# ];
accept-flake-config = true;
auto-optimise-store = true;
};
registry = {
nixpkgs = {
flake = inputs.nixpkgs;
};
};
nixPath = [
"nixpkgs=${inputs.nixpkgs.outPath}"
"nixos-config=/etc/nixos/configuration.nix"
"/nix/var/nix/profiles/per-user/root/channels"
];
package = pkgs.nixFlakes;
extraOptions = ''experimental-features = nix-command flakes'';
gc = {
automatic = true;
options = "--delete-older-than 7d";
};
};
}