sstent/vmimages
1
0
Fork 0
mirror of https://github.com/sstent/vmimages.git synced 2026-01-25 14:41:44 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
197b1df047fc98461a822295f39b86c2a00da7b3
vmimages/hosts/common.nix
sstent 8062539971 sync
2024-01-25 00:57:20 +00:00

108 lines
2.8 KiB
Nix
Raw Blame History

# This file (and the global directory) holds config that i use on all hosts
{
lib,
inputs,
outputs,
pkgs,
config,
...
}: {
imports =
[
inputs.home-manager.nixosModules.home-manager
inputs.sops-nix.nixosModules.sops
]
++ (builtins.attrValues outputs.nixosModules);
###dotfiles path variable
options._dotfiles = lib.mkOption {
type = lib.types.str;
default = "${inputs.self}/home-manager/dotfiles";
description = "Path to the dotfiles in this repository";
};
###secrets path variable
options._secrets = lib.mkOption {
type = lib.types.str;
default = "/run/user/1000/secrets";
description = "Path to the Secrets runtime";
};
###secretstore path variable
options._secretstore = lib.mkOption {
type = lib.types.str;
default = "${inputs.self}/secrets";
description = "Path to the Secrets storage";
};
config = {
system.stateVersion = "23.05";
sops = {
defaultSopsFile = "${config._secretstore}/host-secrets.yaml";
age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"];
};
home-manager = {
useUserPackages = true;
extraSpecialArgs = {inherit inputs outputs;};
sharedModules = [
inputs.sops-nix.homeManagerModules.sops
];
};
nixpkgs.config.allowUnfree = true;
programs.fuse.userAllowOther = true;
security.sudo.wheelNeedsPassword = false;
virtualisation.docker.enable = true;
nixpkgs.overlays = builtins.attrValues outputs.overlays;
# nixpkgs.overlays = [
# outputs.overlays.unstable-packages
# outputs.overlays.modifications
# outputs.overlays.additions
# ];
# Enable nix flakes
nix.package = pkgs.nixFlakes;
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
nix.nixPath = ["nixpkgs=${inputs.nixpkgs}"];
# nix.nixPath = [ "nixpkgs=pkgs.outPath" ];
networking.search = ["node.dc1.consul" "service.dc1.consul"];
networking.nameservers = ["192.168.1.1" "1.1.1.1"];
# Enable networking
networking.networkmanager.enable = true;
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
};
#services.envfs.enable = true;
environment.systemPackages = [
pkgs.git
pkgs.home-manager
pkgs.sops
pkgs.ssh-to-age
pkgs.age
pkgs.bitwarden-cli
# pkgs.unstable.nano
];
nix.gc = {
automatic = true; # Enable the automatic garbage collector
dates = "03:15"; # When to run the garbage collector
options = "-d"; # Arguments to pass to nix-collect-garbage
};
};
}
Reference in New Issue View Git Blame Copy Permalink