nixos_config/nixos/modules/base.nix
2026-05-24 17:15:28 +02:00


{ config, pkgs, lib, repoLocalPath, ... }:
let
# Unprivileged account that refreshes the flake lock file before each
# automatic upgrade (see the nixos-upgrade preStart hook in this module).
autoUpgradeUser = "alisceon";

# The system flake is read from a local checkout rather than a remote URL.
# NOTE(review): the automatic upgrade builds and activates whatever is in this
# directory, so write access to repoLocalPath is effectively control over the
# system configuration. Keep its ownership and permissions tight.
flakeRef = "path:${repoLocalPath}";

# Packages util/dev_flake_gc.sh as an executable in the Nix store.
# writeShellApplication lints the script with shellcheck at build time, runs it
# under errexit/nounset/pipefail, and prepends the listed runtimeInputs to PATH.
# NOTE(review): the script body is not visible here. It is started by a systemd
# system service further down, so review what it deletes and under which paths.
devFlakeGarbageCollect = pkgs.writeShellApplication {
  name = "dev-flake-garbage-collect";
  text = builtins.readFile ../../util/dev_flake_gc.sh;
  runtimeInputs = with pkgs; [ coreutils findutils gnugrep ];
};
in
{
boot = {
  # Follow the newest kernel packaged in nixpkgs; mkDefault lets a host module
  # pin a different kernel without needing mkForce.
  kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;

  # 0 removes the privileged-port boundary: every local process, not only root
  # or CAP_NET_BIND_SERVICE holders, may bind ports below 1024.
  # NOTE(review): presumably set so rootless containers can publish low ports.
  # Confirm that is the reason. The trade-off is that any local account can
  # claim an unused well-known port (22, 80, 443, ...), so a service on such a
  # port is only protected while it is actually running and bound.
  kernel.sysctl."net.ipv4.ip_unprivileged_port_start" = 0;

  # Shell handed to SSH sessions inside the initrd. Initrd SSH itself is not
  # enabled in the lines shown here; this only takes effect where a host
  # turns it on.
  initrd.network.ssh.shell = pkgs.bash;
};
# Use sudo-rs (the Rust implementation of sudo) for privilege escalation.
security.sudo-rs.enable = true;

# Compatibility marker for stateful data created at install time. It is not
# the release being tracked and is meant to stay at its original value.
system.stateVersion = "24.05";

# Unattended rebuild of this host from the local flake checkout.
system.autoUpgrade = {
  enable = true;
  flake = flakeRef;

  # No --upgrade: the rebuild takes its inputs from flake.lock as it finds it.
  # The lock file is refreshed separately by the nixos-upgrade preStart hook.
  upgrade = false;

  # --no-write-lock-file keeps the root-run rebuild from writing flake.lock
  # into the user-owned checkout.
  flags = [ "--print-build-logs" "--no-write-lock-file" ];

  # Nightly at 03:40 plus up to two hours of jitter. The jitter is fixed per
  # host, and a run missed while powered off is caught up on next boot.
  dates = "03:40";
  randomizedDelaySec = "2h";
  fixedRandomDelay = true;
  persistent = true;

  # Presumably triggers nix-gc after the upgrade. Confirm against the NixOS
  # release in use.
  runGarbageCollection = true;
};
systemd = {
  # Before every automatic upgrade, refresh all flake inputs. runuser drops to
  # the unprivileged account so the lock file in the checkout stays owned by
  # that user. The rebuild that follows consumes the refreshed lock file.
  # NOTE(review): this makes input updates fully unattended. New upstream
  # revisions of every flake input are built and activated without anyone
  # reading the lock-file diff. If that is not intended, update the lock file
  # in a reviewed commit and drop this hook.
  services.nixos-upgrade.preStart = ''
    ${pkgs.util-linux}/bin/runuser -u ${autoUpgradeUser} -- ${lib.getExe config.nix.package} flake update --flake ${lib.escapeShellArg flakeRef}
  '';

  # Weekly clean-up of development flake caches and build symlinks. Starting
  # this unit also pulls in nix-gc.service and orders this unit before it.
  # NOTE(review): no User= is set, so this runs as root, and no sandboxing
  # directives are applied. Once the paths the script touches are known,
  # consider narrowing it (for example ProtectSystem=, NoNewPrivileges=).
  services.dev-flake-garbage-collect = {
    description = "Remove stale development flake caches and build symlinks";
    before = [ "nix-gc.service" ];
    wants = [ "nix-gc.service" ];
    serviceConfig = {
      Type = "oneshot";
      ExecStart = lib.getExe devFlakeGarbageCollect;
      # Low CPU and I/O priority so clean-up does not compete with foreground work.
      IOSchedulingClass = "idle";
      Nice = 10;
    };
  };

  # Timer that starts the service above. Persistent = true catches up a run
  # that was missed while the machine was off.
  timers.dev-flake-garbage-collect = {
    wantedBy = [ "timers.target" ];
    timerConfig = {
      OnCalendar = "weekly";
      RandomizedDelaySec = "3h";
      Persistent = true;
    };
  };
};
nix = {
  settings = {
    experimental-features = [ "nix-command" "flakes" ];
    auto-optimise-store = true;

    # Free-space guard during builds: below 1 GiB free, collect garbage until
    # 5 GiB is available.
    min-free = 1024 * 1024 * 1024;
    max-free = 5 * 1024 * 1024 * 1024;

    # Trusted users may override daemon settings such as substituters and may
    # import unsigned store paths. The Nix manual treats that as equivalent to
    # root access. The named account is also in "wheel" elsewhere in this
    # module, but unlike sudo this path involves no authentication prompt.
    trusted-users = [ "root" "alisceon" ];
  };

  # Weekly store garbage collection. Generations older than 14 days are
  # deleted, which also bounds how far back a rollback can reach.
  gc = {
    automatic = true;
    dates = "weekly";
    randomizedDelaySec = "2h";
    persistent = true;
    options = "--delete-older-than 14d";
  };

  # Flake registry aliases. Each entry names a branch or repository, not a
  # fixed revision, so what an alias resolves to changes as upstream moves.
  registry = {
    # Private template repository, fetched over SSH.
    templates.to = {
      type = "git";
      url = "git+ssh://git@git.malice.zone/alisceon/devenv_templates.git";
    };

    nixpkgs.to = {
      type = "github";
      owner = "NixOS";
      repo = "nixpkgs";
      ref = "nixos-25.11";
    };

    # NOTE(review): same ref as "nixpkgs" above. Confirm that both aliases are
    # meant to follow the same branch.
    nixpkgs-stable.to = {
      type = "github";
      owner = "NixOS";
      repo = "nixpkgs";
      ref = "nixos-25.11";
    };
  };
};
# Keep at most ten generations in the boot menu (overridable per host).
boot.loader.systemd-boot.configurationLimit = lib.mkDefault 10;

console.keyMap = "sv-latin1";
networking.networkmanager.enable = true;
time.timeZone = "Europe/Stockholm";

# English UI language, Swedish conventions for every formatting category below.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = lib.genAttrs [
  "LC_ADDRESS"
  "LC_IDENTIFICATION"
  "LC_MEASUREMENT"
  "LC_MONETARY"
  "LC_NAME"
  "LC_NUMERIC"
  "LC_PAPER"
  "LC_TELEPHONE"
  "LC_TIME"
] (_category: "sv_SE.UTF-8");
environment = {
  # Tools installed for every user. List order is kept as the author wrote it.
  systemPackages = with pkgs; [
    libressl git wget curl
    btop ripgrep fd nh jq ncdu
    pciutils usbutils
    tree fzf psmisc pv file nix-tree unzip lsd
    bash nushell fish powershell
    python3 python3Packages.python-lsp-server
    podman
    nixd
  ];

  # Shells accepted as login shells (written to /etc/shells).
  shells = [
    pkgs.bash
    pkgs.nushell
    pkgs.fish
    pkgs.powershell
    pkgs.xonsh
  ];

  # Writes /etc/current-system-packages: one "name:<TAB>store-path" line per
  # system package, de-duplicated and sorted. It gives a plain-text inventory
  # of the packages installed by the current generation.
  etc."current-system-packages".text =
    let
      describe = pkg: "${pkg.name}:\t${pkg}";
      entries = map describe config.environment.systemPackages;
      ordered = builtins.sort builtins.lessThan (pkgs.lib.lists.unique entries);
    in
    pkgs.lib.strings.concatLines ordered;
};
virtualisation = {
  # libvirt/QEMU virtual machines, with a software TPM (swtpm) for guests.
  libvirtd.enable = true;
  libvirtd.qemu.swtpm.enable = true;

  containers.enable = true;

  # Docker daemon, enabled in addition to Podman. Access to the Docker socket
  # (membership of the "docker" group) is equivalent to root on the host.
  # NOTE(review): declarative containers already use Podman (see
  # oci-containers.backend). If nothing else needs dockerd, dropping it removes
  # that root-equivalent group.
  docker.enable = true;

  podman = {
    enable = true;
    # `docker` stays the real Docker CLI; Podman does not provide an alias.
    dockerCompat = false;
    # Containers on Podman's default network can resolve each other by name.
    defaultNetwork.settings.dns_enabled = true;
  };

  oci-containers.backend = "podman";
};
users = {
  defaultUserShell = pkgs.bash;
  groups.docker = { };

  users.alisceon = {
    isNormalUser = true;
    shell = pkgs.xonsh;

    # "wheel" grants sudo. "docker" and "libvirtd" each give control over a
    # root-run daemon. Together with the nix trusted-users entry, this account
    # is root-equivalent by several independent paths.
    extraGroups = [ "wheel" "networkmanager" "podman" "docker" "libvirtd" ];

    # Public keys accepted for SSH login as this user.
    # NOTE(review): the second key carries a generic comment ("user@...").
    # Confirm who holds it and that it is still needed.
    openssh.authorizedKeys.keys = [
      "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPN1Cd2UlHo03Jqgi5Yb4io/3gh/X4wCb8LcmKlpAovQa271CKDBtYOUKn+Fts03g6dBMfaWMty6VGPMGDMONmc= alisceon@electra"
      "ssh-rsa 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 user@hannah.afk"
    ];
  };
};
programs = {
  command-not-found.enable = true;
  fzf.fuzzyCompletion = true;

  xonsh = {
    enable = true;

    # Shell start-up file, inlined from the repository at evaluation time.
    config = builtins.readFile ../../home/conf/xonsh/xonshrc;

    # Python packages made importable inside xonsh. Everything listed here is
    # loaded into the user's interactive login shell.
    extraPackages = ps:
      let
        # Community xontribs from NUR.
        # NOTE(review): NUR packages are maintained by individual contributors
        # outside the nixpkgs review process. The revision used depends on how
        # the flake pins NUR, which is not visible here.
        nurXontribs = pkgs.nur.repos.xonsh-xontribs;

        # Packaged inline from GitHub. `rev` is a tag, which can be moved
        # upstream, but the fixed output hash makes the fetch fail rather than
        # silently accept different source contents.
        fzfCompletions =
          let
            name = "xontrib-fzf-completions";
            version = "v0.0.2";
          in
          ps.buildPythonPackage {
            inherit name version;
            format = "pyproject";
            nativeBuildInputs = [ ps.setuptools ps.setuptools-scm ps.wheel ];
            propagatedBuildInputs = [ ps.xonsh ];
            src = pkgs.fetchFromGitHub {
              owner = "doronz88";
              repo = name;
              rev = version;
              sha256 = "sha256-1z5xHX4Psevn8686QkwIzv/LOJ5IMJc2nQ5Hg/2svTc=";
            };
            meta = {
              homepage = "https://github.com/doronz88/xontrib-fzf-completions";
              description = "fuzzy completions for xonsh";
              license = pkgs.lib.licenses.mit;
              maintainers = [ ];
            };
          };
      in
      [
        ps.pyperclip
        ps.xonsh.xontribs.xonsh-direnv
        nurXontribs.xontrib-fish-completer
        nurXontribs.xontrib-abbrevs
        nurXontribs.xontrib-clp
        nurXontribs.xontrib-bashisms
        fzfCompletions
      ];
  };
};
}