nixos-config/nixos/machines/cream/configuration.nix
2024-05-31 21:02:22 +02:00

144 lines
3.5 KiB
Nix

{ config, pkgs, lib, ... }:
{
imports = [
../../components
../../modules
./hardware-configuration.nix
./syncthing.nix
./tinc.nix
./tinc_retiolum.nix
./qemu.nix
./wireguard.nix
./borg.nix
];
system.stateVersion = "22.11";
sops.secrets.pushover_user_key = { };
sops.secrets.pushover_api_key = { };
# Use the systemd-boot EFI boot loader, not grub
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.tmp.useTmpfs = true; # make /tmp a tmpfs (performance!)
components.gui.enable = true;
components.gui.xorg.enable = true;
components.gui.wayland.enable = false;
components.mainUser.enable = true;
components.media.enable = true;
components.media.tts-client.enable = false;
components.network.enable = true;
components.network.wifi.enable = true;
components.terminal.enable = true;
components.monitor.enable = true;
components.monitor.opentelemetry.exporter.endpoint = "10.100.0.1:4317"; # orbi
components.monitor.exporters.zfs.enable = false;
home-manager.users.mainUser.home.sessionPath = [ "$HOME/.timewarrior/scripts" ];
home-manager.users.mainUser.bugwarrior.config = {
general = {
targets = [ "terranix" "my_github" ];
log_level = "INFO";
static_fields = [ "priority" ];
merge_annotations = false;
};
terranix = {
service = "github";
login = "mrVanDalo";
token = "@oracle:eval:${pkgs.pass}/bin/pass development/github/mrVanDalo/bugwarriorAccessToken";
username = "mrVanDalo";
default_priority = "";
description_template = "{{githubtitle}} {{githuburl}}";
add_tags = "github";
project_template = "terranix";
involved_issues = true;
query = "org:terranix is:open";
include_user_issues = false;
include_user_repos = false;
};
my_github = {
service = "github";
login = "mrVanDalo";
token = "@oracle:eval:${pkgs.pass}/bin/pass development/github/mrVanDalo/bugwarriorAccessToken";
username = "mrVanDalo";
description_template = "{{githubtitle}} {{githuburl}}";
add_tags = "github";
include_user_issues = true;
include_user_repos = true;
exclude_repos = [ "azubi" "csv-to-qif" "stepp0r" ];
};
# todo : add github issues
};
users.users.mainUser.extraGroups = [ "pipewire" ];
services.nginx.enable = true;
networking.hostName = "cream";
#services.flatpak.enable = true;
# make sure battery is charged in a way to live for a long time
services.power-profiles-daemon.enable = false;
services.tlp = {
enable = true;
settings = {
CPU_BOOST_ON_BAT = 0;
CPU_SCALING_GOVERNOR_ON_BATTERY = "powersave";
START_CHARGE_THRESH_BAT0 = 30;
STOP_CHARGE_THRESH_BAT0 = 85;
RUNTIME_PM_ON_BAT = "auto";
};
};
security.wrappers = {
pmount = {
source = "${pkgs.pmount}/bin/pmount";
setuid = true;
owner = "root";
group = "root";
};
pumount = {
source = "${pkgs.pmount}/bin/pumount";
setuid = true;
owner = "root";
group = "root";
};
};
services.printing.enable = true;
virtualisation = {
docker.enable = true;
podman.enable = true;
virtualbox = {
host.enable = false;
guest.enable = false;
};
};
samba-share = {
enable = false;
folders = {
share = "/home/share";
video = "/home/video-material";
};
};
# for congress and streaming
hardware.opengl = {
enable = true;
};
}