Extract headless common configuration.

This commit is contained in:
Gabriel Ebner 2017-07-23 15:09:52 +01:00
parent 29393be0a7
commit 9cf62db3d3
2 changed files with 80 additions and 70 deletions

79
common-headless.nix Normal file

@ -0,0 +1,79 @@
{ config, pkgs, ... }:
{
imports =
[
/etc/nixos/hardware-configuration.nix
./i3.nix
./basic-tools.nix
./common-sw.nix
];
boot.kernelPackages = pkgs.linuxPackages_latest;
nix.useSandbox = true;
nix.binaryCaches = [ https://cache.nixos.org ];
nix.trustedBinaryCaches = [ https://cache.nixos.org ];
nix.extraOptions = ''
auto-optimise-store = true
binary-caches-parallel-connections = 10
'';
networking.networkmanager.enable = true;
networking.firewall.enable = true;
time.timeZone = "Europe/Vienna";
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
permitRootLogin = "no";
passwordAuthentication = false;
};
programs.ssh.startAgent = false;
# Enable CUPS to print documents.
services.avahi.enable = true; # cups browsing support
services.printing = {
enable = true;
browsing = true;
drivers = [ pkgs.hplip ];
};
# services.colord.enable = true;
boot.kernel.sysctl = {
"kernel.perf_event_paranoid" = "0";
"kernel.kptr_restrict" = pkgs.lib.mkForce "0";
# IntelliJ
"fs.inotify.max_user_watches" = 524288;
};
# gapt: `ulimit -n` was 256
security.pam.loginLimits = [
{ domain = "*"; type = "-"; item = "nofile"; value = "4096"; }
];
fileSystems."/mnt/vaccaria" = {
device = "//vaccaria.mtlaa.gebner.org/export";
fsType = "cifs";
options = [ "noauto" "x-systemd.automount" "credentials=/etc/smbcredentials/vaccaria" ];
};
fileSystems."/mnt/aruanus" = {
device = "//aruanus.htdf.gebner.org/export";
fsType = "cifs";
options = [ "noauto" "x-systemd.automount" "credentials=/etc/smbcredentials/aruanus" ];
};
users.extraUsers.gebner = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" ];
# shell = "${pkgs.zsh}/bin/zsh";
password = if config.virtualisation != null then "" else null;
};
system.fsPackages = [ pkgs.ntfs3g ];
}

@ -3,77 +3,8 @@
{ {
imports = imports =
[ [
/etc/nixos/hardware-configuration.nix ./common-headless.nix
./i3.nix ./i3.nix
./basic-tools.nix
./common-sw.nix
]; ];
boot.kernelPackages = pkgs.linuxPackages_latest;
nix.useSandbox = true;
nix.binaryCaches = [ https://cache.nixos.org ];
nix.trustedBinaryCaches = [ https://cache.nixos.org ];
nix.extraOptions = ''
auto-optimise-store = true
binary-caches-parallel-connections = 10
'';
networking.networkmanager.enable = true;
networking.firewall.enable = true;
time.timeZone = "Europe/Vienna";
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
permitRootLogin = "no";
passwordAuthentication = false;
};
programs.ssh.startAgent = false;
# Enable CUPS to print documents.
services.avahi.enable = true; # cups browsing support
services.printing = {
enable = true;
browsing = true;
drivers = [ pkgs.hplip ];
};
# services.colord.enable = true;
boot.kernel.sysctl = {
"kernel.perf_event_paranoid" = "0";
"kernel.kptr_restrict" = pkgs.lib.mkForce "0";
# IntelliJ
"fs.inotify.max_user_watches" = 524288;
};
# gapt: `ulimit -n` was 256
security.pam.loginLimits = [
{ domain = "*"; type = "-"; item = "nofile"; value = "4096"; }
];
fileSystems."/mnt/vaccaria" = {
device = "//vaccaria.mtlaa.gebner.org/export";
fsType = "cifs";
options = [ "noauto" "x-systemd.automount" "credentials=/etc/smbcredentials/vaccaria" ];
};
fileSystems."/mnt/aruanus" = {
device = "//aruanus.htdf.gebner.org/export";
fsType = "cifs";
options = [ "noauto" "x-systemd.automount" "credentials=/etc/smbcredentials/aruanus" ];
};
users.extraUsers.gebner = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" ];
# shell = "${pkgs.zsh}/bin/zsh";
password = if config.virtualisation != null then "" else null;
};
system.fsPackages = [ pkgs.ntfs3g ];
} }