dotfiles/nixos/common.nix

{
  config,
  pkgs,
  lib,
  inputs,
  nixpkgs-nixos-unstable-and-unfree,
  nixpkgs-veracrypt,
  ...
}: let
  stateVersion = "23.05";
  username = "cyryl";
in {
  imports = [
    ./common-hardware.nix
    ./common-services.nix
    ./security.nix
    ./syncthing.nix
  ];

  security.allowUserNamespaces = true;

  environment.enableDebugInfo = true;

  environment.systemPackages = with pkgs; [
    ccache
    curl
    davfs2
    dnsutils
    fd
    git
    gnupg
    home-manager
    htop
    pciutils
    powertop
    sshfs
    tmux
    usbutils
    wget
    nixpkgs-veracrypt.veracrypt
  ];

  i18n.defaultLocale = "en_GB.UTF-8";

  users.users."${username}" = {
    isNormalUser = true;
    extraGroups = [
      "adbusers"
      "davfs2"
      "dialout"
      "docker"
      "libvirtd"
      "lp"
      "networkmanager"
      "scanner"
      "vboxusers"
      "video"
      "wheel"
      "wireshark"
    ];
    shell = pkgs.zsh;
  };

  networking.nameservers = ["9.9.9.9" "2620:fe::fe" "149.112.112.112" "2620:fe::9"];

  networking.hosts = {"10.11.99.1" = ["remarkable"];};

  programs.light.enable = true;
  programs.adb.enable = true;
  programs.wireshark.enable = true;

  programs.ssh.extraConfig = ''
    Host vpsfree1 vpsfree1.cyplo.dev vpsfree1.raptor-carp.ts.net
        HostName vpsfree1
        Port 2222
    StrictHostKeyChecking=accept-new
  '';

  virtualisation.docker = {
    enable = true;
    autoPrune.enable = true;
    daemon.settings = {
      "insecure-registries" = ["vpsfree1.raptor-carp.ts.net:5000"];
    };
  };

  fonts.fontconfig = {
    enable = true;
    defaultFonts.monospace = ["BerkeleyMono Nerd Font"];
  };

  fonts.fonts = with pkgs; [
    inconsolata
    (fetchzip {
      url = "file://" + ./fonts/berkeley.tar.xz;
      sha256 = "sha256-nsDqdQikT65vJVMq7r2MAOxd3xqj8vJ0Ky2y9CfI/bg==";
    })
    (fetchzip {
      url = "file://" + ./fonts/tragicastle.tar.xz;
      sha256 = "sha256-AjvaPmjlyDjBDxeVp1A1yPin0FrwbBib87ywF4GHqS0=";
    })
  ];

  nix = {
    settings.auto-optimise-store = true;
    gc.automatic = true;
    optimise.automatic = true;
    package = pkgs.nixUnstable;
    extraOptions = ''
      experimental-features = nix-command flakes
      stalled-download-timeout = 30
    '';
  };

  system = {inherit stateVersion;};
  system.activationScripts.diff = ''
    ${pkgs.nvd}/bin/nvd --nix-bin-dir=${pkgs.nix}/bin diff /run/current-system "$systemConfig"
  '';
}
reformat all files using alejandra 2023-08-13 17:00:41 +01:00			`{`
			`config,`
			`pkgs,`
			`lib,`
			`inputs,`
			`nixpkgs-nixos-unstable-and-unfree,`
pin new version of veracrypt as older one is crashing 2023-11-18 13:08:25 +00:00			`nixpkgs-veracrypt,`
reformat all files using alejandra 2023-08-13 17:00:41 +01:00			`...`
			`}: let`
update and switch servers to 23.05 2023-07-06 22:41:43 +01:00			`stateVersion = "23.05";`
extract state version 2022-12-02 13:43:26 +00:00			`username = "cyryl";`
			`in {`
Add new fonts 2022-03-08 15:45:44 +00:00			`imports = [`
			`./common-hardware.nix`
			`./common-services.nix`
			`./security.nix`
			`./syncthing.nix`
			`];`
Add nixos system configuration 2019-03-26 10:12:24 +00:00
nixpkgs-fmt 2021-11-22 19:32:26 +00:00			`security.allowUserNamespaces = true;`
hardened 2020-02-16 09:23:31 +00:00
nixpkgs-fmt 2021-11-22 19:32:26 +00:00			`environment.enableDebugInfo = true;`
clean up unfree 2021-06-12 16:15:00 +01:00
nixpkgs-fmt 2021-11-22 19:32:26 +00:00			`environment.systemPackages = with pkgs; [`
sort packages and groups 2022-08-20 00:00:50 +01:00			`ccache`
			`curl`
add remote filesystem tools 2023-01-11 08:52:44 +00:00			`davfs2`
sort packages and groups 2022-08-20 00:00:50 +01:00			`dnsutils`
			`fd`
nixpkgs-fmt 2021-11-22 19:32:26 +00:00			`git`
			`gnupg`
			`home-manager`
sort packages and groups 2022-08-20 00:00:50 +01:00			`htop`
nixpkgs-fmt 2021-11-22 19:32:26 +00:00			`pciutils`
			`powertop`
add remote filesystem tools 2023-01-11 08:52:44 +00:00			`sshfs`
sort packages and groups 2022-08-20 00:00:50 +01:00			`tmux`
nixpkgs-fmt 2021-11-22 19:32:26 +00:00			`usbutils`
sort packages and groups 2022-08-20 00:00:50 +01:00			`wget`
pin new version of veracrypt as older one is crashing 2023-11-18 13:08:25 +00:00			`nixpkgs-veracrypt.veracrypt`
nixpkgs-fmt 2021-11-22 19:32:26 +00:00			`];`

			`i18n.defaultLocale = "en_GB.UTF-8";`

extract state version 2022-12-02 13:43:26 +00:00			`users.users."${username}" = {`
nixpkgs-fmt 2021-11-22 19:32:26 +00:00			`isNormalUser = true;`
Add new fonts 2022-03-08 15:45:44 +00:00			`extraGroups = [`
sort packages and groups 2022-08-20 00:00:50 +01:00			`"adbusers"`
add remote filesystem tools 2023-01-11 08:52:44 +00:00			`"davfs2"`
sort packages and groups 2022-08-20 00:00:50 +01:00			`"dialout"`
			`"docker"`
			`"libvirtd"`
			`"lp"`
Add new fonts 2022-03-08 15:45:44 +00:00			`"networkmanager"`
			`"scanner"`
			`"vboxusers"`
sort packages and groups 2022-08-20 00:00:50 +01:00			`"video"`
			`"wheel"`
Add new fonts 2022-03-08 15:45:44 +00:00			`"wireshark"`
			`];`
nixpkgs-fmt 2021-11-22 19:32:26 +00:00			`shell = pkgs.zsh;`
			`};`

reformat all files using alejandra 2023-08-13 17:00:41 +01:00			`networking.nameservers = ["9.9.9.9" "2620:fe::fe" "149.112.112.112" "2620:fe::9"];`
Add nameservers explicitly 2022-03-06 09:41:19 +00:00
reformat all files using alejandra 2023-08-13 17:00:41 +01:00			`networking.hosts = {"10.11.99.1" = ["remarkable"];};`
nixpkgs-fmt 2021-11-22 19:32:26 +00:00
			`programs.light.enable = true;`
			`programs.adb.enable = true;`
			`programs.wireshark.enable = true;`

make sure vpsfree ssh settings are widespread 2023-03-05 11:17:25 +00:00			`programs.ssh.extraConfig = ''`
			`Host vpsfree1 vpsfree1.cyplo.dev vpsfree1.raptor-carp.ts.net`
			`HostName vpsfree1`
			`Port 2222`
			`StrictHostKeyChecking=accept-new`
			`'';`

nixpkgs-fmt 2021-11-22 19:32:26 +00:00			`virtualisation.docker = {`
			`enable = true;`
			`autoPrune.enable = true;`
docker registry 2022-07-25 17:04:03 +01:00			`daemon.settings = {`
reformat all files using alejandra 2023-08-13 17:00:41 +01:00			`"insecure-registries" = ["vpsfree1.raptor-carp.ts.net:5000"];`
docker registry 2022-07-25 17:04:03 +01:00			`};`
nixpkgs-fmt 2021-11-22 19:32:26 +00:00			`};`

use new fonts 2022-03-08 15:50:45 +00:00			`fonts.fontconfig = {`
			`enable = true;`
reformat all files using alejandra 2023-08-13 17:00:41 +01:00			`defaultFonts.monospace = ["BerkeleyMono Nerd Font"];`
use new fonts 2022-03-08 15:50:45 +00:00			`};`

add tragicastle font 2023-04-15 13:02:24 +01:00			`fonts.fonts = with pkgs; [`
add koreader 2023-06-22 13:33:57 +01:00			`inconsolata`
add tragicastle font 2023-04-15 13:02:24 +01:00			`(fetchzip {`
			`url = "file://" + ./fonts/berkeley.tar.xz;`
NerdFont-ify default berkeley font 2023-06-21 09:54:10 +01:00			`sha256 = "sha256-nsDqdQikT65vJVMq7r2MAOxd3xqj8vJ0Ky2y9CfI/bg==";`
add tragicastle font 2023-04-15 13:02:24 +01:00			`})`
add tragicastle font 2023-04-15 17:01:31 +01:00			`(fetchzip {`
			`url = "file://" + ./fonts/tragicastle.tar.xz;`
			`sha256 = "sha256-AjvaPmjlyDjBDxeVp1A1yPin0FrwbBib87ywF4GHqS0=";`
add tragicastle font 2023-04-15 13:02:24 +01:00			`})`
			`];`
nixpkgs-fmt 2021-11-22 19:32:26 +00:00
			`nix = {`
upgrade to 22.11 2022-12-02 14:56:05 +00:00			`settings.auto-optimise-store = true;`
nixpkgs-fmt 2021-11-22 19:32:26 +00:00			`gc.automatic = true;`
			`optimise.automatic = true;`
			`package = pkgs.nixUnstable;`
			`extraOptions = ''`
			`experimental-features = nix-command flakes`
faster download stall detection 2022-12-25 17:42:42 +00:00			`stalled-download-timeout = 30`
nixpkgs-fmt 2021-11-22 19:32:26 +00:00			`'';`
			`};`
Add gnome shell extensions 2019-03-26 12:32:59 +00:00
reformat all files using alejandra 2023-08-13 17:00:41 +01:00			`system = {inherit stateVersion;};`
print diff on activation 2023-07-05 16:07:48 +01:00			`system.activationScripts.diff = ''`
			`${pkgs.nvd}/bin/nvd --nix-bin-dir=${pkgs.nix}/bin diff /run/current-system "$systemConfig"`
			`'';`
nixpkgs-fmt 2021-11-22 19:32:26 +00:00			`}`