about summary refs log tree commit diff
path: root/users/tazjin/nixos/modules/physical.nix
blob: baae1b6b5bfe0b89b9a75d7e97fb42fe06411009 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
# Default configuration settings for physical machines that I use.
{ lib, pkgs, config, depot, ... }:

let
  pass-otp = pkgs.pass.withExtensions (e: [ e.pass-otp ]);
in
{
  options = with lib; {
    tazjin.emacs = mkOption {
      type = types.package;
      default = depot.users.tazjin.emacs;
      description = ''
        Derivation with my Emacs package, with configuration included.
      '';
    };
  };

  config = {
    # Install all the default software.
    environment.systemPackages =
      # programs from the depot
      (with depot; [
        config.tazjin.emacs
        third_party.agenix.cli
        tools.when
        users.tazjin.chase-geese
        users.tazjin.eaglemode
        users.tazjin.screenLock
      ]) ++

      # programs from nixpkgs
      (with pkgs; [
        (aspellWithDicts (d: [ d.ru ]))
        amber
        bat
        curl
        ddcutil
        direnv
        dnsutils
        electrum
        firefox
        config.tazjin.emacs.emacs # emacsclient
        expect
        fd
        file
        gdb
        git
        gnupg
        go
        gopls
        gotools
        gtk3 # for gtk-launch
        htop
        hyperfine
        iftop
        imagemagick
        josh
        jq
        lieer
        maim
        man-pages
        moreutils
        mosh
        msmtp
        networkmanagerapplet
        nix-prefetch-github
        nmap
        notmuch
        openssh
        openssl
        pass-otp
        pavucontrol
        pinentry
        pinentry-emacs
        pulseaudio # for pactl
        pwgen
        quasselClient
        radicle-node
        rink
        ripgrep
        rustup
        screen
        tig
        tokei
        tree
        unzip
        vlc
        volumeicon
        whois
        xclip
        xsecurelock
        zoxide
      ]);

    # Run services & configure programs for all machines.
    services.fwupd.enable = true;

    # Disable the broken NetworkManager-wait-online.service
    systemd.services.NetworkManager-wait-online.enable = lib.mkForce false;

    # Disable the thing that prints annoying warnings when trying to
    # run manually patchelfed binaries
    environment.stub-ld.enable = false;

    # Enable yggdrasil network.
    services.yggdrasil = {
      enable = true;
      persistentKeys = true;
      settings.IfName = "ygg0";
    };

    programs = {
      fish.enable = true;
      mosh.enable = true;
      ssh.startAgent = true;
    };

    # Automatically collect garbage from the Nix store.
    services.depot.automatic-gc = {
      enable = true;
      interval = "1 hour";
      diskThreshold = 16; # GiB
      maxFreed = 50; # GiB
      preserveGenerations = "14d";
    };
  };
}