my Nix configuration
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

71 lines
2.2KB

  1. { config, lib, pkgs, ... }:
  2. let
  3. nixNetrcFile = pkgs.runCommand "nix-netrc-file"
  4. { hostname = "cache.lumi.guide";
  5. username = "lumi";
  6. } ''
  7. cat > $out <<EOI
  8. machine $hostname
  9. login $username
  10. password ${builtins.readFile /home/yorick/engineering/lumi/secrets/shared/passwords/nix-serve-password}
  11. EOI
  12. '';
  13. in
  14. {
  15. imports = [
  16. ./graphical.nix
  17. ];
  18. users.extraUsers.yorick.extraGroups = [ "input" "wireshark" "dialout" ];
  19. services.printing = {
  20. enable = true;
  21. drivers = [ pkgs.gutenprint ];
  22. };
  23. environment.systemPackages = with pkgs; [
  24. pkgs.ghostscript pkgs.yubikey-manager
  25. ];
  26. virtualisation.virtualbox.host.enable = false;
  27. yorick.support32bit = true;
  28. # yubikey
  29. hardware.u2f.enable = true;
  30. services.pcscd.enable = true;
  31. #environment.systemPackages = [pkgs.yubikey-manager];
  32. fonts.fonts = [ pkgs.emojione ];
  33. # bluetooth headphones
  34. hardware.pulseaudio.package = pkgs.pulseaudioFull;
  35. programs.wireshark.enable = true;
  36. nix = {
  37. gc.automatic = pkgs.lib.mkOverride 30 false;
  38. binaryCaches = [
  39. "https://cache.nixos.org"
  40. "https://cache.lumi.guide/"
  41. "s3://yorick-cache?endpoint=s3.eu-central-1.wasabisys.com&profile=wasabi-private"
  42. #"https://nixpkgs-wayland.cachix.org"
  43. ];
  44. trustedBinaryCaches = config.nix.binaryCaches ++ [
  45. "ssh://yorick@jupiter.serokell.io"
  46. "ssh-ng://jupiter"
  47. "https://serokell.cachix.org"
  48. ];
  49. binaryCachePublicKeys = [
  50. "serokell:ic/49yTkeFIk4EBX1CZ/Wlt5fQfV7yCifaJyoM+S3Ss="
  51. "serokell-1:aIojg2Vxgv7MkzPJoftOO/I8HKX622sT+c0fjnZBLj0="
  52. "cache.lumi.guide-1:z813xH+DDlh+wvloqEiihGvZqLXFmN7zmyF8wR47BHE="
  53. "serokell.cachix.org-1:5DscEJD6c1dD1Mc/phTIbs13+iW22AVbx0HqiSb+Lq8="
  54. "nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
  55. ];
  56. extraOptions = ''
  57. netrc-file = ${nixNetrcFile}
  58. '';
  59. };
  60. services.avahi = {
  61. enable = true;
  62. nssmdns = true;
  63. };
  64. virtualisation.libvirtd.enable = true;
  65. users.users.yorick.extraGroups = [ "libvirtd" ];
  66. users.users.yorick.shell = pkgs.fish;
  67. services.udev.extraRules = ''
  68. SUBSYSTEM=="usb", ATTRS{idVendor}=="1209", ATTRS{idProduct}=="5bf0", MODE="0664", GROUP="dialout"
  69. '';
  70. }