about summary refs log tree commit diff
path: root/users/sterni/modules/common.nix
diff options
context:
space:
mode:
authorsterni <sternenseemann@systemli.org>2023-11-24T15·55+0100
committersterni <sternenseemann@systemli.org>2023-11-25T22·55+0000
commit897ee4ad26113cd386789f336038d6601aa6d7cb (patch)
tree33ba8061d0af403aab49ef3760cd4219a58f70c1 /users/sterni/modules/common.nix
parent5161c3c072616fb6b634f30fa8d9490b260d8da1 (diff)
refactor(sterni/edwin): move generic settings into module r/7067
These settings would also be applied to a machine that'd replace edwin,
so it's useful to have them outside edwin's default.nix.

Change-Id: I4e8f464118a103645e53909a87c6ee4446022fa3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10125
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Diffstat (limited to 'users/sterni/modules/common.nix')
-rw-r--r--users/sterni/modules/common.nix79
1 files changed, 79 insertions, 0 deletions
diff --git a/users/sterni/modules/common.nix b/users/sterni/modules/common.nix
new file mode 100644
index 000000000000..db5b264e6694
--- /dev/null
+++ b/users/sterni/modules/common.nix
@@ -0,0 +1,79 @@
+# This module is common in the weakest sense, i.e. contains common settings to
+# all my machines contained in depot—as opposed to common to all my potential
+# machines. Consequently, this module is currently very server-centric.
+{ pkgs, lib, depot, config, ... }:
+
+let
+  me = "lukas";
+in
+
+{
+  config = {
+
+    # More common
+
+    time.timeZone = "Europe/Berlin";
+
+    nix = {
+      package = pkgs.nix_2_3;
+      settings = {
+        trusted-public-keys = lib.mkAfter [
+          "headcounter.org:/7YANMvnQnyvcVB6rgFTdb8p5LG1OTXaO+21CaOSBzg="
+        ];
+        substituters = lib.mkAfter [
+          "https://hydra.build"
+        ];
+        trusted-users = [ me ];
+      };
+    };
+    tvl.cache.enable = true;
+
+    programs.fish.enable = true;
+
+    users = {
+      users = {
+        root.openssh.authorizedKeys.keys = depot.users.sterni.keys.all;
+        ${me} = {
+          isNormalUser = true;
+          extraGroups = [ "wheel" "http" "git" ];
+          openssh.authorizedKeys.keys = depot.users.sterni.keys.all;
+          shell = pkgs.fish;
+        };
+      };
+    };
+
+    # Less common
+
+    services = {
+      journald.extraConfig = ''
+        SystemMaxUse=1024M
+      '';
+
+      openssh.enable = true;
+    };
+
+    programs = {
+      mosh.enable = true;
+      tmux.enable = true;
+    };
+
+    environment.systemPackages = [
+      pkgs.weechat
+      pkgs.wget
+      pkgs.git
+      pkgs.stow
+      pkgs.htop
+      pkgs.foot.terminfo
+      pkgs.vim
+    ];
+
+    security.acme = {
+      defaults.email = builtins.getAttr "email" (
+        builtins.head (
+          builtins.filter (attrs: attrs.username == "sterni") depot.ops.users
+        )
+      );
+      acceptTerms = true;
+    };
+  };
+}