From 3a44b124561f544c229c0042cd0b91d055a33409 Mon Sep 17 00:00:00 2001 From: Mark Nipper Date: Thu, 11 Apr 2024 01:37:43 -0700 Subject: Add work VM and redo entire flake layout --- hosts/richese/default.nix | 200 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 200 insertions(+) create mode 100644 hosts/richese/default.nix (limited to 'hosts/richese/default.nix') diff --git a/hosts/richese/default.nix b/hosts/richese/default.nix new file mode 100644 index 0000000..f068784 --- /dev/null +++ b/hosts/richese/default.nix @@ -0,0 +1,200 @@ +{ config, pkgs, ... }: { + boot = { + initrd.kernelModules = [ "zfs" ]; + kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages; + loader.grub.device = "/dev/sda"; + supportedFilesystems = [ "zfs" ]; + zfs.devNodes = "/dev/disk/by-label"; + }; + + documentation.dev.enable = true; + documentation.man.enable = true; + + environment.systemPackages = with pkgs; [ + acl + ansible + autoconf + automake + bash + bc + bind + binutils + bpftools + bzip2 + cmake + colordiff + conntrack-tools + coreutils + cpio + curl + diffutils + dig + dmenu + enscript + ethtool + evince + expect + feh + file + findutils + fio + fortune + fping + gcc + gcr + geeqie + ghostscript + #gimp-with-plugins + gimp + git + gnugrep + gnupatch + gnused + gnutar + google-chrome + gv + gzip + helm + i3 + i3status + imagemagick + inkscape + inxi + iotop + ipcalc + iperf + iproute2 + iputils + jq + less + libreoffice + lshw + lsof + lvm2 + mariadb + mutt + nano + netcat-openbsd + nettools + nix-index + nmap + oath-toolkit + openldap + openssl + openstackclient + patchelf + (pass.withExtensions (ext: with ext; [pass-otp])) + pass + pavucontrol + pciutils + perl + pkg-config + polkit_gnome + poppler_utils + procps + psmisc + pv + pwgen + python3 + qpwgraph + qrencode + recode + rsync + sqlite + st + stoken + strace + sysstat + tcpdump + traceroute + tree + unixtools.xxd + unrar + unzip + util-linux + vim + virtualenv + wdiff + weechat + wget + wireshark + whois + xclip + xdotool + xorg.xdpyinfo + xsnow + xz + zip + zstd + ]; + + imports = [ + ./hardware-configuration.nix + ../common/core + ../common/optional/pipewire.nix + ../common/optional/services/openssh.nix + ../common/optional/services/xorg.nix + ../common/optional/zfs.nix + ../common/users/nipsy + ../common/users/root + ]; + + networking = { + hostId = "2d990f74"; + hostName = "richese"; + nftables.enable = true; + }; + + programs.atop.enable = true; + programs.firefox.enable = true; + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + programs.iftop.enable = true; + programs.mtr.enable = true; + programs.tmux.enable = true; + programs.zsh.enable = true; + + security.polkit = { + enable = true; + extraConfig = '' + polkit.addRule(function(action, subject) { + if ( + subject.isInGroup("users") + && ( + action.id == "org.freedesktop.login1.reboot" || + action.id == "org.freedesktop.login1.reboot-multiple-sessions" || + action.id == "org.freedesktop.login1.power-off" || + action.id == "org.freedesktop.login1.power-off-multiple-sessions" + ) + ) + { + return polkit.Result.YES; + } + }) + ''; + }; + + systemd = { + user.services.polkit-gnome-authentication-agent-1 = { + description = "polkit-gnome-authentication-agent-1"; + wantedBy = [ "graphical-session.target" ]; + wants = [ "graphical-session.target" ]; + after = [ "graphical-session.target" ]; + serviceConfig = { + Type = "simple"; + ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1"; + Restart = "on-failure"; + RestartSec = 1; + TimeoutStopSec = 10; + }; + }; + }; + + system.stateVersion = "23.11"; + + virtualisation.virtualbox.guest.enable = true; + # no longer in unstable apparently + #virtualisation.virtualbox.guest.x11 = true; +} -- cgit v1.2.3