-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathconfiguration-common.nix
100 lines (80 loc) · 2.3 KB
/
configuration-common.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
# see `nixos-help`, https://nixos.org/nixos/options.html
# https://github.com/ghuntley/dotfiles-nixos/blob/master/configuration-common.nix
# Most of the configuration is in here. This configuration is common to both
# conventional NixOS installs (see nixos-install) and NixOS installed by
# Nixops. For configuration specific to conventional installs and Nixops
# installs, see ./configuration.nix and ./nixops.nix respectively.
{ config, lib, pkgs, ... }:
with lib;
{
imports = [
./services/default.nix
./profiles/applications/vim
./users/ayik.nix
];
# Allow proprietary software (such as the NVIDIA drivers).
nixpkgs.config.allowUnfree = true;
boot = {
# See console messages during early boot.
initrd.kernelModules = [ "fbcon" ];
# Disable console blanking after being idle.
kernelParams = [ "consoleblank=0" ];
# Clean /tmp on boot
cleanTmpDir = true;
};
# disable autoupgrade
system.autoUpgrade = {
enable = false;
};
# Nix
nix = {
extraOptions = ''
auto-optimise-store = true
'';
gc = {
automatic = true;
dates = "02:15";
options = "--delete-older-than 30d";
};
};
# Basic Security
security = {
# sudo
sudo.enable = true;
# restrict process info access to owning user
hideProcessInformation = true;
# wheel
pam.services.su.requireWheel = true;
};
# Disable displaying the NixOS manual in a virtual console.
services.nixosManual.showManual = false;
# Disable the infamous systemd screen/tmux killer
services.logind = {
lidSwitch = "suspend";
lidSwitchDocked = "ignore";
lidSwitchExternalPower = "ignore";
extraConfig = ''
HandlePowerKey=suspend
KillUserProcesses=no
'';
};
# Increase the amount of inotify watchers
# Note that inotify watches consume 1kB on 64-bit machines.
boot.kernel.sysctl = {
"fs.inotify.max_user_watches" = 1048576; # default: 8192
"fs.inotify.max_user_instances" = 1024; # default: 128
"fs.inotify.max_queued_events" = 32768; # default: 16384
};
time.timeZone = "Asia/Jakarta";
i18n = {
defaultLocale = "en_US.UTF-8";
};
console = {
font = "Lat2-Terminus16";
useXkbConfig = true;
};
programs.gnupg.agent = {
enable = false;
enableSSHSupport = false;
};
}