2016-01-28 02:59:31 +01:00
|
|
|
|
# Edit this configuration file to define what should be installed on
|
|
|
|
|
# your system. Help is available in the configuration.nix(5) man page
|
|
|
|
|
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
|
|
|
|
|
|
|
|
|
{ config, pkgs, ... }:
|
|
|
|
|
|
|
|
|
|
let secrets = import <secrets>;
|
|
|
|
|
in
|
|
|
|
|
{
|
|
|
|
|
imports =
|
2017-02-02 17:22:03 +01:00
|
|
|
|
[ ../physical/hp8570w.nix
|
2016-01-28 02:59:31 +01:00
|
|
|
|
../roles/common.nix
|
2017-02-02 16:31:19 +01:00
|
|
|
|
../roles/workstation.nix
|
2016-01-28 02:59:31 +01:00
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
# no, not that Ascanius.
|
|
|
|
|
networking.hostName = secrets.hostnames.ascanius;
|
|
|
|
|
|
|
|
|
|
nixpkgs.config = {
|
|
|
|
|
packageOverrides = pkgs : {
|
|
|
|
|
bluez = pkgs.bluez5;
|
2017-01-26 14:55:53 +01:00
|
|
|
|
# https://github.com/NixOS/nixpkgs/issues/22099
|
2018-02-25 21:29:39 +01:00
|
|
|
|
trustedGrub = pkgs.grub2.overrideDerivation (attr: rec {
|
|
|
|
|
version = "2.x-20170910";
|
|
|
|
|
name = "trustedGRUB2-${version}";
|
|
|
|
|
buildInputs = attr.buildInputs ++ (with pkgs;[autoconf automake]);
|
|
|
|
|
prePatch = ''
|
|
|
|
|
rm -rf po
|
|
|
|
|
tar Jxf ${pkgs.grub2.src} grub-2.02/po
|
|
|
|
|
cp -r grub-2.02/po po
|
|
|
|
|
./autogen.sh
|
|
|
|
|
'';
|
|
|
|
|
src = pkgs.fetchFromGitHub {
|
|
|
|
|
repo = "TrustedGRUB2";
|
|
|
|
|
owner = "Rohde-Schwarz-Cybersecurity";
|
|
|
|
|
rev = "e656aaabd3bc5abda6c62c8967ebfd0c53ef179b";
|
|
|
|
|
sha256 = "08lq4prqhn923i8a7q79s4lsfnqgk4jd255xzk1wy12vg45dwlsc";
|
|
|
|
|
};
|
|
|
|
|
});
|
2016-01-28 02:59:31 +01:00
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2017-01-26 14:50:56 +01:00
|
|
|
|
|
2018-02-25 21:29:39 +01:00
|
|
|
|
services.tor.hiddenServices.ssh.map = [{ port = 22; }];
|
2017-01-26 14:51:44 +01:00
|
|
|
|
nix.gc.automatic = pkgs.lib.mkOverride 30 false;
|
2016-01-28 02:59:31 +01:00
|
|
|
|
}
|