rouven.seifert/nixos-config
1
1
Fork 0
mirror of https://git.sr.ht/~rouven/nixos-config synced 2024-11-15 05:13:10 +01:00
Code Issues Packages Projects Releases Wiki Activity
nixos-config/hosts/thinkpad/default.nix
Rouven Seifert 2281866548 ran deadnix
2024-09-10 13:12:09 +02:00

153 lines
3.8 KiB
Nix
Executable file
Raw Blame History

{ pkgs, ... }:
{
imports =
[
./hardware-configuration.nix
./modules/backup
./modules/graphics
./modules/greetd
./modules/networks
./modules/printing
./modules/security
./modules/sound
./modules/virtualisation
];
nix.settings.system-features = [ "gccarch-tigerlake" ];
systemd.additionalUpstreamSystemUnits = [
"soft-reboot.target"
"systemd-soft-reboot.service"
];
# Use the systemd-boot EFI boot loader.
boot = {
kernelModules = [ "v4l2loopback" ];
kernelPackages = pkgs.linuxPackages_latest;
# extraModulePackages = [
# config.boot.kernelPackages.v4l2loopback
# ];
# extraModprobeConfig = ''
# options v4l2loopback exclusive_caps=1 card_label="Virtual Camera"
# '';
tmp.useTmpfs = true;
};
environment.persistence."/nix/persist/system" = {
directories = [
"/etc/nixos" # bind mounted from /nix/persist/system/etc/nixos to /etc/nixos
"/etc/ssh"
"/etc/secureboot"
"/root/.ssh"
"/root/.borgmatic"
"/root/.local/share/zsh"
];
files = [
"/etc/machine-id"
];
};
time.timeZone = "Europe/Berlin";
i18n.defaultLocale = "en_US.UTF-8";
console.keyMap = "dvorak";
services.openldap = {
enable = true;
urlList = [ "ldap:///" ];
settings = {
attrs = {
olcLogLevel = "conns config";
};
children = {
"cn=schema".includes = [
"${pkgs.openldap}/etc/schema/core.ldif"
# attributetype ( 9999.1.1 NAME 'isMemberOf'
# DESC 'back-reference to groups this user is a member of'
# SUP distinguishedName )
"${pkgs.openldap}/etc/schema/cosine.ldif"
"${pkgs.openldap}/etc/schema/inetorgperson.ldif"
"${pkgs.openldap}/etc/schema/nis.ldif"
# "${pkgs.writeText "openssh.schema" ''
# attributetype ( 9999.1.2 NAME 'sshPublicKey'
# DESC 'SSH public key used by this user'
# SUP name )
# ''}"
];
"olcDatabase={1}mdb".attrs = {
objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
olcDatabase = "{1}mdb";
olcDbDirectory = "/var/lib/openldap/data";
olcSuffix = "dc=ifsr,dc=de";
/* your admin account, do not use writeText on a production system */
olcRootDN = "cn=portunus,dc=ifsr,dc=de";
olcRootPW = "{CRYPT}$y$j9T$xdf4HigfhmQWXn.bw9MgH/$91evhYAV1GP7olNCkQoCpUZrghh5P8dDXcZdAtpiD32";
olcAccess = [
/* custom access rules for userPassword attributes */
''{0}to attrs=userPassword
by self write
by anonymous auth
by * none''
/* allow read on anything else */
''{1}to *
by * read''
];
};
};
};
};
services = {
envfs.enable = true; #usr/bin fixes
blueman.enable = true; # bluetooth
devmon.enable = true; # automount stuff
upower.enable = true;
fwupd.enable = true; # firmware updates
btrfs.autoScrub.enable = true;
mullvad-vpn = {
enable = true;
enableExcludeWrapper = false;
};
};
hardware.bluetooth = {
enable = true;
settings = {
General = {
Experimental = true;
};
};
};
services.logind = {
lidSwitch = "suspend-then-hibernate";
lidSwitchDocked = "suspend";
lidSwitchExternalPower = "suspend";
extraConfig = ''
HandlePowerKey = ignore
'';
};
services.tlp = {
enable = true;
settings = {
START_CHARGE_THRESH_BAT0 = 70;
STOP_CHARGE_THRESH_BAT0 = 90;
RESTORE_DEVICE_STATE_ON_STARTUP = 1;
};
};
documentation = {
dev.enable = true;
};
environment.systemPackages = [ pkgs.man-pages ];
system.stateVersion = "22.11";
}
Reference in a new issue View git blame Copy permalink