-
Notifications
You must be signed in to change notification settings - Fork 0
/
standard.nix
160 lines (149 loc) · 3.65 KB
/
standard.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
{ config, pkgs, ... }:
{
# Select internationalisation properties.
console.font = "Lat2-Terminus16";
#console.keyMap = "dvorak";
i18n.defaultLocale = "en_US.UTF-8";
console.useXkbConfig = true;
services.xserver = {
xkb = {
layout = "us";
variant = "dvorak";
options = "ctrl:nocaps, terminate:ctrl_alt_bksp, compose:ralt";
};
autoRepeatDelay = 160;
autoRepeatInterval = 45;
};
# Set your time zone.
time.timeZone = "America/Chicago";
environment.systemPackages = with pkgs; [
wget
vim
screen
powertop
htop
lsof
psmisc
pwgen
traceroute
tree
tcpdump
zip
unzip
pciutils
ethtool
sdparm
lsscsi
rlwrap
file
usbutils
bsdgames
fping
hdparm
iotop
finger_bsd
openssl
inetutils
smartmontools
sysstat
beep
numactl
# unar
sg3_utils
nvme-cli
ddrescue
rsync
strace
elfutils
dmidecode
lshw
hwinfo
neofetch # Pretty system info display
memtester
fio
cryptsetup
btrfs-progs
xfsprogs
lynx
w3m
git
git-annex
ack
binutils
ocaml
ripgrep # rg
du-dust # more graphical du / less graphical fsv
fd # faster find alternative
hyperfine # cmdline benchmarking tool
rxvt-unicode-unwrapped.terminfo
linuxPackages.bcc
mkpasswd
lm_sensors
s-tui
stress
pv # monitor the progress of data through a pipe
iperf # network bandwidth measurement tool
nvd # NixOS diff tool
];
# Set $WORDLIST to a reasonable equivalent to /usr/share/dict/words
# https://github.com/NixOS/nixpkgs/issues/16545#issuecomment-1050281281
environment.wordlist.enable = true;
# Default changed in 5a5db609e5bd83bc589f36eef394f3ad172d6648 and 9df79de1a115920bd96a7d4e66bc3782865c8146
programs.command-not-found.enable = true;
programs.mtr.enable = true;
services.netdata.enable = true;
services.tailscale.enable = true;
# Strict reverse path filtering breaks Tailscale exit node use and some subnet routing setups.
networking.firewall.checkReversePath = "loose";
# Define a user account. Don't forget to set a password with ‘passwd’.
users.extraUsers = {
ivan = {
isNormalUser = true;
uid = 1000;
extraGroups = [ "cdrom" "plugdev" ];
};
aij = {
isNormalUser = true;
uid = 1001;
# If you crack this, let me know and I will send you a cookie. ;)
initialHashedPassword = "$6$rounds=999999$aijinitialpass$DKAI93olFt5z4AKpcXK/QiQBqqPU1pHbG8.zMCnzbeGRhsss/WTUTE2azNsTBk3t0tuRdm6aGsuCC7/e/BnBe1";
};
ijager = {
isNormalUser = true;
uid = 1002;
};
bob = {
isNormalUser = true;
uid = 1003;
};
ljager = {
isNormalUser = true;
uid = 1004;
};
duff = {
isNormalUser = true;
uid = 1098;
};
lshelby = {
isNormalUser = true;
uid = 1099;
description = "Leonard Shelby";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDTGD3FImr4dsW6pmGT5muMDjEoOTPMxxvhwWMMyAcpC ivan@tobati"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIORLMYgWkpO8Psfx9cI/kLtgrxo7M4sbgBL/4wNKQDvL ivan@ita"
];
};
};
nix.daemonCPUSchedPolicy = "batch";
nix.settings = {
sandbox = true;
trusted-users = [ "bob" ];
experimental-features = [ "nix-command" "flakes" ];
};
# pcspkr won't load automatically because it is blacklisted by
# /etc/modprobe.d/ubuntu.conf
# TODO: Patch/override pkgs.kmod-blacklist-ubuntu instead?
boot.kernelModules = [ "pcspkr" ];
boot.loader.grub.configurationLimit = 10;
boot.loader.systemd-boot.configurationLimit = 10;
}