116 lines
3 KiB
Nix
116 lines
3 KiB
Nix
{ config
|
||
, pkgs
|
||
, modulesPath
|
||
, lib
|
||
, inputs
|
||
, system
|
||
, ...
|
||
}: {
|
||
imports = [
|
||
(modulesPath + "/profiles/qemu-guest.nix")
|
||
../../os-mods/common
|
||
../../os-mods/cachix
|
||
../../os-mods/desktop
|
||
../../os-mods/desktop/audio.nix
|
||
../../os-mods/desktop/printing.nix
|
||
../../os-mods/netdata
|
||
../../os-mods/network
|
||
];
|
||
|
||
# Bootloader.
|
||
boot = {
|
||
loader.grub = {
|
||
enable = true;
|
||
device = "/dev/sda";
|
||
useOSProber = true;
|
||
};
|
||
|
||
initrd = {
|
||
availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
|
||
kernelModules = [ ];
|
||
};
|
||
kernelModules = [ ];
|
||
extraModulePackages = [ ];
|
||
};
|
||
|
||
environment.systemPackages = with pkgs; [
|
||
netmaker
|
||
];
|
||
|
||
fileSystems."/" = {
|
||
device = "/dev/disk/by-uuid/8598929f-bf20-4f02-9f20-acf899eeee2c";
|
||
fsType = "ext4";
|
||
};
|
||
|
||
swapDevices = [ ];
|
||
zramSwap.enable = true;
|
||
|
||
networking.hostName = "nixos-karl-kvm-guest";
|
||
|
||
fileSystems."/etc/nixos" = {
|
||
device = lib.mkForce "/home/reopen5194/nix";
|
||
fsType = "none";
|
||
options = [ "bind" ];
|
||
};
|
||
|
||
security.polkit.extraConfig = ''
|
||
polkit.addRule(function(action, subject) {
|
||
if (action.id == "org.freedesktop.login1.suspend" ||
|
||
action.id == "org.freedesktop.login1.suspend-multiple-sessions" ||
|
||
action.id == "org.freedesktop.login1.hibernate" ||
|
||
action.id == "org.freedesktop.login1.hibernate-multiple-sessions")
|
||
{
|
||
return polkit.Result.NO;
|
||
}
|
||
});
|
||
'';
|
||
|
||
services.qemuGuest.enable = true;
|
||
|
||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||
users.users.reopen5194 = {
|
||
isNormalUser = true;
|
||
description = "reopen5194";
|
||
extraGroups = [ "docker" "networkmanager" "wheel" ];
|
||
openssh.authorizedKeys.keys = [
|
||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4fBDj1/He/uimO97RgjGWZLAimTrLmIlYS2ekD73GC tristan@arch-pulse"
|
||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDP8ztBIgQsYh7LefSKtuDRYDWNheZWbmIr51T/Np/jc tristand@nixos-pulse"
|
||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ/tkVxnPZB+C6sK9A12pUsB38OhXieMNaij6pC3foSH admin@vault81.de"
|
||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMuH8L7mQDg86uJME6jndOu4niwLMASuJKpdbJU8Hfet tristan+desktop@vault81.de"
|
||
];
|
||
};
|
||
home-manager = {
|
||
useUserPackages = true;
|
||
useGlobalPkgs = true;
|
||
users.reopen5194 = import ../../users/admin-thin.nix {
|
||
username = "reopen5194";
|
||
|
||
inherit pkgs config inputs system lib;
|
||
};
|
||
};
|
||
|
||
# Some programs need SUID wrappers, can be configured further or are
|
||
# started in user sessions.
|
||
# programs.mtr.enable = true;
|
||
|
||
# Virtualization
|
||
virtualisation.docker = {
|
||
enable = true;
|
||
package = pkgs.docker;
|
||
# rootless = {
|
||
# enable = true;
|
||
# setSocketVariable = true;
|
||
# };
|
||
daemon.settings = {
|
||
# fixed-cidr-v6 = "fd00::/80";
|
||
# ipv6 = true;
|
||
dns = [ "9.9.9.9" "149.112.112.112" ];
|
||
};
|
||
};
|
||
# allow to bind to priv ports
|
||
# boot.kernel.sysctl = {
|
||
# "net.ipv4.ip_unprivileged_port_start" = 79;
|
||
# };
|
||
|
||
system.stateVersion = "23.05"; # Did you read the comment?
|
||
}
|