formatted
This commit is contained in:
atagen
parent
ba1684c8d4
commit
737ca01e49
24 changed files with 468 additions and 411 deletions
|
|
@ -1,12 +1,16 @@
|
|||
|
||||
{ inputs, outputs, lib, config, pkgs, ... }:
|
||||
|
||||
# let
|
||||
{
|
||||
inputs,
|
||||
outputs,
|
||||
lib,
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}:
|
||||
# let
|
||||
# lemurs = callPackage ./system/syspkgs/lemurs.nix {};
|
||||
# ly = callPackage ./system/syspkgs/ly.nix {};
|
||||
# in
|
||||
{
|
||||
|
||||
nixpkgs = {
|
||||
overlays = [
|
||||
outputs.overlays.additions
|
||||
|
|
@ -15,50 +19,49 @@
|
|||
};
|
||||
|
||||
nix = {
|
||||
registry = lib.mapAttrs(_: value: { flake = value; }) inputs;
|
||||
registry = lib.mapAttrs (_: value: {flake = value;}) inputs;
|
||||
settings = {
|
||||
experimental-features = "nix-command flakes";
|
||||
};
|
||||
};
|
||||
|
||||
# imports = [
|
||||
# inputs.declarative-cachix
|
||||
# inputs.helix
|
||||
# inputs.declarative-cachix
|
||||
# inputs.helix
|
||||
# ];
|
||||
|
||||
|
||||
# cachix = [
|
||||
# "nix-community"
|
||||
# ];
|
||||
|
||||
|
||||
nix.extraOptions = ''
|
||||
keep-outputs = true
|
||||
keep-derivations = true
|
||||
'';
|
||||
|
||||
|
||||
systemd.services.NetworkManager-wait-online.enable = true;
|
||||
|
||||
environment.pathsToLink = [ "/share/zsh" ];
|
||||
environment.pathsToLink = ["/share/zsh"];
|
||||
|
||||
boot.loader.systemd-boot.consoleMode = "max";
|
||||
boot.loader.timeout = 3;
|
||||
|
||||
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.tmpOnTmpfs = true;
|
||||
|
||||
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
|
||||
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
|
||||
|
||||
time.timeZone = "Australia/Sydney";
|
||||
time.hardwareClockInLocalTime = true;
|
||||
|
||||
# Select internationalisation properties.
|
||||
i18n.defaultLocale = "en_AU.UTF-8";
|
||||
i18n.supportedLocales = [ "en_AU.UTF-8/UTF-8" ];
|
||||
i18n.supportedLocales = ["en_AU.UTF-8/UTF-8"];
|
||||
console = {
|
||||
font = "Lat2-Terminus16";
|
||||
useXkbConfig = true; # use xkbOptions in tty.
|
||||
font = "Lat2-Terminus16";
|
||||
useXkbConfig = true; # use xkbOptions in tty.
|
||||
};
|
||||
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
hardware.opengl.enable = true;
|
||||
hardware.opengl.driSupport32Bit = true;
|
||||
|
|
@ -88,10 +91,9 @@
|
|||
|
||||
services.resolved = {
|
||||
enable = true;
|
||||
fallbackDns = [ "103.1.206.179" "168.138.8.38" "168.138.12.137" ];
|
||||
fallbackDns = ["103.1.206.179" "168.138.8.38" "168.138.12.137"];
|
||||
dnssec = "false";
|
||||
};
|
||||
|
||||
|
||||
# Enable sound.
|
||||
security.rtkit.enable = true;
|
||||
|
|
@ -109,12 +111,10 @@
|
|||
|
||||
programs.zsh.enable = true;
|
||||
users.defaultUserShell = pkgs.zsh;
|
||||
|
||||
|
||||
services.tailscale.enable = true;
|
||||
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
|
||||
rnix-lsp
|
||||
|
||||
tailscale
|
||||
|
|
@ -124,9 +124,9 @@
|
|||
|
||||
# helix
|
||||
ark
|
||||
|
||||
|
||||
curl
|
||||
|
||||
|
||||
git
|
||||
|
||||
zsh
|
||||
|
|
@ -137,53 +137,49 @@
|
|||
cachix
|
||||
|
||||
alejandra
|
||||
|
||||
];
|
||||
|
||||
# services.mullvad-vpn.enable = true;
|
||||
|
||||
networking.wg-quick.interfaces = {
|
||||
mullvad = {
|
||||
address = [ "10.67.227.64/32" ];
|
||||
dns = [ "10.64.0.1" ];
|
||||
address = ["10.67.227.64/32"];
|
||||
dns = ["10.64.0.1"];
|
||||
privateKey = "OOPAlePjy7x2DVpg6d7BoBqpST3lDJSYght185tSUl8=";
|
||||
peers = [
|
||||
{
|
||||
publicKey = "LXuRwa9JRTt2/UtldklKGlj/IVLORITqgET4II4DRkU=";
|
||||
allowedIPs = [ "0.0.0.0/0" ];
|
||||
allowedIPs = ["0.0.0.0/0"];
|
||||
endpoint = "146.70.200.194:51820";
|
||||
persistentKeepalive = 25;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
networking.firewall.enable = true;
|
||||
networking.firewall = {
|
||||
trustedInterfaces = [ "tailscale0" ];
|
||||
trustedInterfaces = ["tailscale0"];
|
||||
checkReversePath = "loose";
|
||||
};
|
||||
|
||||
systemd.services.fixNetworkingForTailscale = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" "mullvad-daemon.service" ];
|
||||
wantedBy = ["multi-user.target"];
|
||||
after = ["network.target" "mullvad-daemon.service"];
|
||||
description = "fix the damn routing table";
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
User = "root";
|
||||
ExecStart = ''${pkgs.bash}/bin/bash -c 'if [[ "$( ${pkgs.iproute2}/bin/ip rule | grep -e "62:.*52" | wc -l)" -eq 0 ]]; then ${pkgs.iproute2}/bin/ip rule add pref 62 table 52; fi'''';
|
||||
# ExecStop = ''${pkgs.iproute2}/bin/ip rule del pref 62 table 52'';
|
||||
ExecStart = '' ${pkgs.bash}/bin/bash -c 'if [[ "$( ${pkgs.iproute2}/bin/ip rule | grep -e "62:.*52" | wc -l)" -eq 0 ]]; then ${pkgs.iproute2}/bin/ip rule add pref 62 table 52; fi'''';
|
||||
# ExecStop = ''${pkgs.iproute2}/bin/ip rule del pref 62 table 52'';
|
||||
};
|
||||
};
|
||||
|
||||
security.pam.services.waylock = {
|
||||
text =''
|
||||
text = ''
|
||||
auth include login
|
||||
'';
|
||||
};
|
||||
|
||||
|
||||
system.stateVersion = "23.05"; # Did you read the comment? # lol no
|
||||
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue