nix-config/configs/nixos/common.nix
2024-11-06 14:00:50 +01:00

74 lines
1.9 KiB
Nix

{
config,
pkgs,
inputs,
lib,
...
}: let
# hash for "nixos"
defaultPasswordHash = "$y$j9T$u0O3PELyRv3GOemCReQhA0$Qb4Sl6dXnafYwZeDYrJGwS4xp3v6vGriWFMYomHH2w3";
in {
nix = {
package = pkgs.nixVersions.stable;
extraOptions = ''
experimental-features = nix-command flakes
'';
optimise.automatic = true;
settings = {
auto-optimise-store = true;
trusted-users = ["root" "gabe"];
};
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
};
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
time.timeZone = lib.mkDefault "Europe/Berlin";
# Select internationalisation properties.
i18n.defaultLocale = lib.mkDefault "en_US.UTF-8";
# Configure keymap in X11
services.xserver = {
xkb.layout = lib.mkDefault "us";
xkb.variant = lib.mkDefault "";
};
# packages that should be on every system.
environment.systemPackages = with pkgs; [
neovim
rsync
];
programs.zsh.enable = lib.mkDefault true;
environment.shells = lib.mkDefault [pkgs.zsh];
# if we arent setting our password from nix secrets, we need to allow changing it.
users.mutableUsers = !inputs ? nix-secrets;
users.users.${config.host.user} = {
isNormalUser = true;
hashedPassword =
if inputs ? nix-secrets
then (lib.removeSuffix "\n" (builtins.readFile "${inputs.nix-secrets}/password-hash"))
else defaultPasswordHash;
description = config.host.fullName;
shell = pkgs.zsh;
extraGroups = ["wheel"];
};
users.users.root.password =
if inputs ? nix-secrets
then (lib.removeSuffix "\n" (builtins.readFile "${inputs.nix-secrets}/password-hash"))
else defaultPasswordHash;
imports = [
../../modules/nixos
];
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = {inherit inputs;};
}