nixos-config/nixos/machines/cherry/configuration.nix

133 lines
3.1 KiB
Nix
Raw Normal View History

2023-12-17 13:06:57 +01:00
{ config, pkgs, lib, ... }:
{
imports = [
2023-12-17 19:17:59 +01:00
../../components
2024-03-03 14:56:49 +01:00
../../modules
2023-12-17 13:06:57 +01:00
2024-03-03 14:56:49 +01:00
./hardware-configuration
2023-12-17 13:06:57 +01:00
./syncthing.nix
./tinc.nix
./qemu.nix
./wireguard.nix
2023-12-28 16:40:53 +01:00
./37c3.nix
2024-05-14 22:36:08 +02:00
./telemetry/opentelemetry.nix
./telemetry/prometheus.nix
2024-05-15 01:31:07 +02:00
./telemetry/prometheus-exporter-node.nix
2024-05-14 22:36:08 +02:00
./telemetry/telegraf.nix
2023-12-17 13:06:57 +01:00
];
2023-12-17 16:17:28 +01:00
2023-12-17 19:05:25 +01:00
sops.secrets.pushover_user_key = { };
sops.secrets.pushover_api_key = { };
2023-12-17 16:17:28 +01:00
2023-12-17 13:06:57 +01:00
components.gui.enable = true;
components.mainUser.enable = true;
components.media.enable = true;
components.media.tts-client.enable = false;
components.network.enable = true;
2024-04-12 22:23:06 +02:00
components.network.sshd.sshguard.enable = false;
2023-12-17 13:06:57 +01:00
components.network.wifi.enable = true;
components.terminal.enable = true;
home-manager.users.mainUser.home.sessionPath = [ "$HOME/.timewarrior/scripts" ];
sops.secrets.yubikey_u2fAuthFile = { };
components.gui.taskwarrior.config = {
general = {
targets = [ "terranix" "my_github" ];
log_level = "INFO";
static_fields = [ "priority" ];
merge_annotations = false;
};
terranix = {
service = "github";
login = "mrVanDalo";
token = "@oracle:eval:${pkgs.pass}/bin/pass development/github/mrVanDalo/bugwarriorAccessToken";
username = "mrVanDalo";
default_priority = "";
description_template = "{{githubtitle}} {{githuburl}}";
add_tags = "github";
project_template = "terranix";
involved_issues = true;
query = "org:terranix is:open";
include_user_issues = false;
include_user_repos = false;
};
my_github = {
service = "github";
login = "mrVanDalo";
token = "@oracle:eval:${pkgs.pass}/bin/pass development/github/mrVanDalo/bugwarriorAccessToken";
username = "mrVanDalo";
description_template = "{{githubtitle}} {{githuburl}}";
add_tags = "github";
include_user_issues = true;
include_user_repos = true;
exclude_repos = [ "azubi" "csv-to-qif" "stepp0r" ];
};
# todo : add github issues
};
users.users.mainUser.extraGroups = [ "pipewire" ];
services.nginx.enable = true;
networking.hostName = "cherry";
# make sure battery is charged in a way to live for a long time
services.power-profiles-daemon.enable = false;
services.tlp = {
enable = true;
settings = {
CPU_BOOST_ON_BAT = 0;
CPU_SCALING_GOVERNOR_ON_BATTERY = "powersave";
START_CHARGE_THRESH_BAT0 = 30;
STOP_CHARGE_THRESH_BAT0 = 85;
RUNTIME_PM_ON_BAT = "auto";
};
};
security.wrappers = {
pmount = {
source = "${pkgs.pmount}/bin/pmount";
setuid = true;
owner = "root";
group = "root";
};
pumount = {
source = "${pkgs.pmount}/bin/pumount";
setuid = true;
owner = "root";
group = "root";
};
};
services.printing.enable = true;
virtualisation = {
docker.enable = true;
podman.enable = true;
virtualbox = {
host.enable = false;
guest.x11 = false;
guest.enable = false;
};
};
# for congress and streaming
hardware.opengl = {
enable = true;
};
system.stateVersion = "23.11";
}