90 lines
2.7 KiB
Nix
90 lines
2.7 KiB
Nix
{ pkgs, lib, ... }:
|
|
let
|
|
# FIXME(Krey): Figure out how to source this globally
|
|
nixFilesIn = path:
|
|
let
|
|
names = lib.filter (lib.hasSuffix ".nix") (lib.attrNames (builtins.readDir path));
|
|
in
|
|
map (x: path + "/${x}") names;
|
|
in {
|
|
imports = [
|
|
# NOTE(Krey): Include the auto-generated hardware configuration
|
|
./hardware-configuration.nix
|
|
];
|
|
|
|
# Xen
|
|
## DECIDE(Krey): Decide whether we want Xen on this system
|
|
## BUG(Krey): Breaks the boot on leonid and i didn't tested it on finaboo yet
|
|
virtualisation.xen.enable = false;
|
|
#boot.kernelModules = [ "kvm-intel" ];
|
|
#virtualisation.libvirtd.enable = true;
|
|
|
|
# NOTE(Krey): Disable any non-FLOSS components
|
|
nixpkgs.config.allowUnfree = false;
|
|
hardware.enableAllFirmware = false;
|
|
|
|
# Networking
|
|
networking.networkmanager = {
|
|
enable = true;
|
|
};
|
|
|
|
# Sound
|
|
## NOTE(Krey): This is a server so there shoudn't be any need for sound other then scaring hetzner's sysadmins
|
|
sound.enable = false;
|
|
hardware.pulseaudio.enable = false;
|
|
|
|
# Environment
|
|
# environment.systemPackages = with pkgs; [
|
|
# wineWowPackages.staging
|
|
|
|
# (winetricks.override { wine = wineWowPackages.staging; })
|
|
# ];
|
|
|
|
# Fonts
|
|
fonts.fonts = with pkgs; [
|
|
# NOTE(Krey): Fonts with liqurature support
|
|
fira-code
|
|
fira-code-symbols
|
|
];
|
|
|
|
# Local services
|
|
## TODO(Krey): Decide on LOKI
|
|
services.loki.enable = false;
|
|
services.tor.relay.enable = true;
|
|
services.tor.client.enable = true;
|
|
services.openssh.enable = true;
|
|
services.bind.enable = true;
|
|
# FIXME(Krey): Needs declaration in the zonefile of DNS
|
|
services.matrix-synapse.enable = false;
|
|
# BUG(Krey): Discourse fails to build https://github.com/NixOS/nixpkgs/issues/136547
|
|
services.discourse.enable = false;
|
|
services.nginx.enable = true;
|
|
# FIXME(Krey): Add email handling (postfix + dovecot)
|
|
# BUG(Krey): Doesn't work throws a bunch of error stack -- https://github.com/NixOS/nixpkgs/issues/136552
|
|
services.nextcloud.enable = false;
|
|
services.nextcloud.autoUpdateApps.enable = false;
|
|
|
|
# Boot configuration
|
|
## FIXME-CRYPT(Krey): This server should be encrypted
|
|
boot.loader.grub.enableCryptodisk = false;
|
|
#boot.initrd.luks.devices.root.preLVM = lib.mkForce(false);
|
|
boot.loader.grub.devices = [ "/dev/sda" ];
|
|
|
|
# Tor configuration
|
|
services.tor.settings.Nickname = "HEEEYAAAAY";
|
|
## NOTE(Krey): Set bandwidth limit
|
|
services.tor.settings.RelayBandwidthRate = "2621440"; # 20 mbit/s
|
|
|
|
# Filesystems on the system
|
|
fileSystems = {
|
|
# The root filesystem
|
|
"/" = {
|
|
label = "NIXOS";
|
|
device = "/dev/sda1";
|
|
fsType = "btrfs";
|
|
# NOTE(Krey): Not supported for btrfs
|
|
autoResize = false;
|
|
autoFormat = true;
|
|
};
|
|
};
|
|
} |