git ssb


0+

cryptix / dotcryptix



Tree: c475ad20c2c71140f39209984924cedf63e14d6d

Files: c475ad20c2c71140f39209984924cedf63e14d6d / common_configuration.nix

3424 bytesRaw
1{ config, pkgs, ... }:
2let
3 literals = import ./literals.nix {pkgs = pkgs; };
4in
5
6{
7
8 boot.cleanTmpDir = true;
9
10 nix = {
11 useSandbox = true;
12 #useChroot = true;
13 gc = {
14 automatic = true;
15 dates = "00:00";
16 };
17 };
18
19 nixpkgs.config = {
20 allowUnfree = true;
21 };
22
23 networking = {
24 extraHosts = literals.extraHosts;
25 networkmanager.enable = true;
26 firewall.enable = false;
27 };
28
29 i18n = {
30 consoleFont = "Lat2-Terminus16";
31 defaultLocale = "en_US.UTF-8";
32 };
33
34 hardware = {
35 cpu.intel.updateMicrocode = true;
36 pulseaudio = {
37 enable = true;
38 };
39 };
40
41
42 services = {
43 cron.systemCronJobs = [
44 #"20 * * * * jaga rsync --remove-source-files -rauz ${config.users.extraUsers.jaga.home}/{Dropbox/\"Camera Uploads\",yandex-disk/}"
45 #"22 * * * * root systemctl restart yandex-disk.service"
46 ];
47 journald.extraConfig = "SystemMaxUse=50M";
48 dbus.enable = true;
49 udisks2.enable = true;
50 smartd.enable = true;
51 ntp = {
52 enable = true;
53 servers = [ "2.europe.pool.ntp.org" "1.ch.pool.ntp.org" "2.de.pool.ntp.org" ];
54 };
55
56 dnsmasq = {
57 enable = true;
58 servers = [ "/.ssb/127.0.0.1#53053" ];
59 };
60 openssh = {
61 enable = true;
62 extraConfig = ''
63KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256
64Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
65MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256
66KeyRegenerationInterval 1800
67ServerKeyBits 4096
68PermitRootLogin no
69PubkeyAuthentication yes
70PasswordAuthentication no
71 '';
72 };
73 tor = {
74 client.enable = true;
75 tsocks.enable = true;
76 };
77 };
78
79
80 users.extraUsers.cryptix = {
81 home = "/home/cryptix";
82 group = "users";
83 extraGroups = [ "wheel" "networkmanager" "video" "power" ];
84 shell = "${pkgs.zsh}/bin/zsh";
85 uid = 1001;
86 openssh.authorizedKeys.keys = [
87"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGZ510w4dxqbAo9Z5pJGPqDSUUukXl671+zizIq1ZRl1 cryptix@higgs"
88"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICMx0HXcSTthCl8WB2VLT/LHSakX5s0MnmbhNIknJEoq cryptix@svahnry"
89"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0ku5loH7CN+a8mXK99iBkRS3lFbbmScSKXOsCyrbR0Oxfvd5DpwgMD12oJ/xfrgpk1vPSSf6KeMZbhigUGsGne/pRUaOqa67n+2CUlEsVgvoW1P/nf4eG0+NEQRoedmWQnTwhiBwPXpbUELqowtjHs93ebGFBd1IizPi2qJz0TK6YeZ0/ZqqGK4bPUHjrCRsWrr/MtKI+9fBk60DS81JmYMHj9Ny+ksun3dOqpP/FtbRbI8OW3DTVLxmrxEegULQXt64vxuuSGRuIit8cdmN397aBkG5XKLqoaES5LpsU5tFN+o6ola+4/k/VTh+9mxO6/dtqY1clSpF/2Rdn13cBvZ5TQYicV9uEmYmBkFh8b8xiQcIkjaL6ADQj6Elnq1XVqmCpOAjRaNH2mwR4k6Gzi9PWWNzBljSYAqyfz3S8wZjw1UXFI3LySPAwPAP1G+X75KDEVx+tiDpkHqSk0BFtmNaSnVlHbgiJfHcMG5VPfwT5O/3ITw2uPo+WcVE54tviPQHJ75xA4WW1EFbEa7eBxfRb4FpRPcFJYNfj/qrtiHQGSCns5nh8wDDP5WVW2lIBVKo4JQGEMgPwL09rcF82WIyWSuyu3yzSEjdbq6tCdegvyxphFX2lnl9PVR6jS4GUrkxDREaurwi9duUYZ43oYUYtUzUwQzJHvTkmqs0K9w== cryptix@iPhone"
90 ];
91 };
92
93 time.timeZone = "Europe/Berlin";
94
95 environment.systemPackages = with pkgs; [
96 # base system
97 bash
98 zsh
99 file
100 lsof
101 htop
102 iotop
103 powertop
104 pmutils
105 wget
106 socat
107 unzip
108 tmux
109 mosh
110 gnupg
111 mtr
112 nmap
113 jq
114 rtorrent
115 openvpn
116 cifs_utils
117 unrar
118 zip
119 sshfsFuse
120 mercurial
121 pv
122 nethogs
123 ntfs3g
124 ms-sys
125 sysstat
126 smartmontools
127 ddrescue
128 pciutils
129 usbutils
130 ldns
131 ];
132}
133

Built with git-ssb-web