nixos-config/common.nix

{ config, pkgs, ... }:

{
  imports =
    [
      /etc/nixos/hardware-configuration.nix
      ./i3.nix
      ./basic-tools.nix
      ./common-sw.nix
    ];

  boot.kernelPackages = pkgs.linuxPackages_latest;

  nix.useSandbox = true;
  nix.binaryCaches = [ https://cache.nixos.org ];
  nix.trustedBinaryCaches = [ https://cache.nixos.org ];
  nix.extraOptions = ''
    auto-optimise-store = true
    binary-caches-parallel-connections = 10
  '';

  networking.networkmanager.enable = true;
  networking.firewall.enable = true;

  time.timeZone = "Europe/Vienna";

  # Enable the OpenSSH daemon.
  services.openssh = {
    enable = true;
    permitRootLogin = "no";
    passwordAuthentication = false;
  };
  programs.ssh.startAgent = false;

  # Enable CUPS to print documents.
  services.avahi.enable = true; # cups browsing support
  services.printing = {
    enable = true;
    browsing = true;
    drivers = [ pkgs.hplip ];
  };
  # services.colord.enable = true;

  boot.kernel.sysctl = {
    "kernel.perf_event_paranoid" = "0";
    "kernel.kptr_restrict" = pkgs.lib.mkForce "0";

    # IntelliJ
    "fs.inotify.max_user_watches" = 524288;
  };

  # gapt: `ulimit -n` was 256
  security.pam.loginLimits = [
    { domain = "*"; type = "-"; item = "nofile"; value = "4096"; }
  ];

  fileSystems."/mnt/vaccaria" = {
    device = "//vaccaria.mtlaa.gebner.org/export";
    fsType = "cifs";
    options = [ "noauto" "x-systemd.automount" "credentials=/etc/smbcredentials/vaccaria" ];
  };

  fileSystems."/mnt/aruanus" = {
    device = "//aruanus.htdf.gebner.org/export";
    fsType = "cifs";
    options = [ "noauto" "x-systemd.automount" "credentials=/etc/smbcredentials/aruanus" ];
  };

  users.extraUsers.gebner = {
    isNormalUser = true;
    extraGroups = [ "wheel" "networkmanager" ];
    # shell = "${pkgs.zsh}/bin/zsh";

    password = if config.virtualisation != null then "" else null;
  };

  system.fsPackages = [ pkgs.ntfs3g ];

}
Refactoring common parts. 2015-05-21 14:13:47 +00:00			`{ config, pkgs, ... }:`

			`{`
			`imports =`
			`[`
			`/etc/nixos/hardware-configuration.nix`
Switch to i3. 2015-05-27 16:52:02 +00:00			`./i3.nix`
Move small command-line tools to basic-tools.nix. 2015-09-14 08:39:15 +00:00			`./basic-tools.nix`
Refactor systemPackages. Do not install everything on euhadra. 2016-07-22 11:01:40 +00:00			`./common-sw.nix`
Refactoring common parts. 2015-05-21 14:13:47 +00:00			`];`

virtualbox has been upgraded in nixpkgs 2016-08-31 06:38:22 +00:00			`boot.kernelPackages = pkgs.linuxPackages_latest;`
Refactoring common parts. 2015-05-21 14:13:47 +00:00
updates 2016-06-02 18:55:12 +00:00			`nix.useSandbox = true;`
Disable hydra cache. 2016-04-24 14:57:21 +00:00			`nix.binaryCaches = [ https://cache.nixos.org ];`
			`nix.trustedBinaryCaches = [ https://cache.nixos.org ];`
Reduce number of parallel connections to cache. https://github.com/NixOS/nixpkgs/issues/9453 2015-08-26 10:17:52 +00:00			`nix.extraOptions = ''`
			`auto-optimise-store = true`
			`binary-caches-parallel-connections = 10`
			`'';`
Refactoring common parts. 2015-05-21 14:13:47 +00:00
			`networking.networkmanager.enable = true;`
			`networking.firewall.enable = true;`

			`time.timeZone = "Europe/Vienna";`

			`# Enable the OpenSSH daemon.`
			`services.openssh = {`
			`enable = true;`
			`permitRootLogin = "no";`
			`passwordAuthentication = false;`
			`};`
			`programs.ssh.startAgent = false;`

			`# Enable CUPS to print documents.`
			`services.avahi.enable = true; # cups browsing support`
enable hplip for cups 2015-12-24 12:06:29 +00:00			`services.printing = {`
			`enable = true;`
Make office printer work. 2017-05-24 12:51:51 +00:00			`browsing = true;`
enable hplip for cups 2015-12-24 12:06:29 +00:00			`drivers = [ pkgs.hplip ];`
			`};`
Disable in-development colord support. 2015-06-02 14:39:37 +00:00			`# services.colord.enable = true;`
Refactoring common parts. 2015-05-21 14:13:47 +00:00
add perf 2016-09-21 13:11:24 +00:00			`boot.kernel.sysctl = {`
			`"kernel.perf_event_paranoid" = "0";`
Use my own emacs, with gtk3 and webkit. 2016-12-26 16:22:22 +00:00			`"kernel.kptr_restrict" = pkgs.lib.mkForce "0";`
add perf 2016-09-21 13:11:24 +00:00
			`# IntelliJ`
			`"fs.inotify.max_user_watches" = 524288;`
			`};`
Refactoring common parts. 2015-05-21 14:13:47 +00:00
set `ulimit -n` to 4096. 2015-06-02 10:38:56 +00:00			# gapt: `ulimit -n` was 256
			`security.pam.loginLimits = [`
			`{ domain = "*"; type = "-"; item = "nofile"; value = "4096"; }`
			`];`

Refactoring common parts. 2015-05-21 14:13:47 +00:00			`fileSystems."/mnt/vaccaria" = {`
			`device = "//vaccaria.mtlaa.gebner.org/export";`
			`fsType = "cifs";`
do not use deprecated comma-separated fs options 2016-02-19 20:05:16 +00:00			`options = [ "noauto" "x-systemd.automount" "credentials=/etc/smbcredentials/vaccaria" ];`
Refactoring common parts. 2015-05-21 14:13:47 +00:00			`};`

			`fileSystems."/mnt/aruanus" = {`
			`device = "//aruanus.htdf.gebner.org/export";`
			`fsType = "cifs";`
do not use deprecated comma-separated fs options 2016-02-19 20:05:16 +00:00			`options = [ "noauto" "x-systemd.automount" "credentials=/etc/smbcredentials/aruanus" ];`
Refactoring common parts. 2015-05-21 14:13:47 +00:00			`};`

			`users.extraUsers.gebner = {`
			`isNormalUser = true;`
			`extraGroups = [ "wheel" "networkmanager" ];`
switch to bash 2015-09-20 08:45:13 +00:00			`# shell = "${pkgs.zsh}/bin/zsh";`
Remove deprecated haskellngPackages. 2015-09-01 12:16:20 +00:00
			`password = if config.virtualisation != null then "" else null;`
Refactoring common parts. 2015-05-21 14:13:47 +00:00			`};`

enable ntfs-3g 2015-08-09 17:35:31 +00:00			`system.fsPackages = [ pkgs.ntfs3g ];`

Refactoring common parts. 2015-05-21 14:13:47 +00:00			`}`