126 lines
2.8 KiB
Nix
126 lines
2.8 KiB
Nix
# Edit this configuration file to define what should be installed on
|
||
# your system. Help is available in the configuration.nix(5) man page
|
||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||
{
|
||
config,
|
||
pkgs,
|
||
...
|
||
}: let
|
||
globals = import ../../config/globals.nix ;
|
||
in {
|
||
nix.settings.experimental-features = ["nix-command" "flakes"];
|
||
imports = [
|
||
# Include the results of the hardware scan.
|
||
./hardware.nix
|
||
../../modules/common/nix.nix
|
||
../../modules/roles/server.nix
|
||
../../modules/common/base.nix
|
||
../../modules/common/smtp.nix
|
||
../../modules/common/qemu.nix
|
||
|
||
../../modules/services/goaccess.nix
|
||
../../modules/services/wikijs.nix
|
||
../../modules/services/forgejo.nix
|
||
../../modules/sites/porzh.me.nix
|
||
../../modules/sites/levr.porzh.me.nix
|
||
|
||
];
|
||
|
||
# Bootloader.
|
||
boot.loader.systemd-boot.enable = true;
|
||
boot.loader.efi.canTouchEfiVariables = true;
|
||
|
||
networking.hostName = "terre-neuvas"; # Define your hostname.
|
||
|
||
# Configure keymap in X11
|
||
services.xserver.xkb = {
|
||
layout = "fr";
|
||
variant = "azerty";
|
||
};
|
||
|
||
# Configure console keymap
|
||
console.keyMap = "fr";
|
||
|
||
users.users.lomig = {
|
||
isNormalUser = true;
|
||
extraGroups = ["lp" "wheel" "docker"];
|
||
shell = pkgs.zsh;
|
||
};
|
||
|
||
home-manager = {
|
||
useGlobalPkgs = true;
|
||
users.lomig = import ../../hm/users/lomig.nix;
|
||
};
|
||
|
||
nixpkgs.config.allowUnfree = true;
|
||
|
||
environment.systemPackages = with pkgs; [
|
||
neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
|
||
git
|
||
|
||
btrfs-progs
|
||
cifs-utils
|
||
lm_sensors
|
||
wakeonlan
|
||
wget
|
||
curl
|
||
ripgrep
|
||
fd
|
||
pciutils
|
||
usbutils
|
||
p7zip
|
||
gdu
|
||
glances
|
||
tmux
|
||
|
||
];
|
||
|
||
services.openssh = {
|
||
enable = true;
|
||
settings = {
|
||
PasswordAuthentication = false;
|
||
PubkeyAuthentication = true;
|
||
};
|
||
};
|
||
|
||
networking = {
|
||
useNetworkd = true;
|
||
firewall.allowedTCPPorts = [22 80 5900 5901 5902];
|
||
firewall.enable = true ;
|
||
interfaces.eno1.useDHCP = false;
|
||
interfaces.br0 = {
|
||
useDHCP = false;
|
||
ipv4.addresses = [
|
||
{
|
||
address = globals.network.terre-neuvas.ip;
|
||
prefixLength = 24;
|
||
}
|
||
];
|
||
};
|
||
defaultGateway = {
|
||
interface = "br0";
|
||
address = globals.network.gateway;
|
||
};
|
||
nameservers = [ globals.network.gateway "1.1.1.1"];
|
||
bridges.br0.interfaces = ["eno1"];
|
||
};
|
||
systemd.network = {
|
||
enable = true;
|
||
netdevs."br0" = {
|
||
netdevConfig = {
|
||
Name = "br0";
|
||
Kind = "bridge";
|
||
};
|
||
};
|
||
networks."br0" = {
|
||
matchConfig.Name = "br0";
|
||
};
|
||
networks."eno1" = {
|
||
matchConfig.Name = "eno1";
|
||
networkConfig.Bridge = "br0";
|
||
};
|
||
};
|
||
|
||
|
||
system.stateVersion = "25.05"; # Did you read the comment?
|
||
}
|