nix/roles/base.nix

{ config, lib, pkgs, ... }:
# NOTE(review): <nixos-unstable> is looked up through NIX_PATH, so it follows
# whatever the channel of that name points at on the evaluating host and is
# not pinned to a revision. `unstable` is not referenced in the visible part
# of this file; confirm it is still needed.
let unstable = import <nixos-unstable> { };
in {
# Command-line tools installed system-wide on every host using this role.
# Each entry names its attribute under `pkgs` explicitly rather than relying
# on `with pkgs;`, so the origin of every name is visible at a glance.
environment.systemPackages = [
  pkgs.acpi
  pkgs.aspell
  pkgs.aspellDicts.de
  pkgs.aspellDicts.en
  pkgs.bash
  pkgs.bash-completion
  pkgs.bat
  pkgs.borgbackup
  pkgs.curl
  pkgs.direnv
  pkgs.fd
  pkgs.file
  pkgs.fzf
  pkgs.git
  pkgs.gnupg
  pkgs.htop
  pkgs.jq
  pkgs.mtr
  pkgs.ncdu
  pkgs.nix-index
  pkgs.nload
  pkgs.nnn
  pkgs.ntfs3g
  pkgs.openssl
  pkgs.patchelf
  pkgs.pv
  pkgs.restic
  pkgs.ripgrep
  pkgs.starship
  pkgs.sysstat
  pkgs.tcpdump
  pkgs.tmux
  pkgs.unzip
  pkgs.wget
  pkgs.zoxide
  # Local expression from this repository; presumably evaluates to the
  # customised neovim package (its definition is not shown here).
  (import ../packages/neovim.nix)
];
# /etc/starship.toml comes from the dotfiles kept next to this role;
# STARSHIP_CONFIG below points starship at that system-wide copy.
environment.etc."starship.toml".source = ../dotfiles/starship.toml;
# Environment variables exported for all sessions.
environment.variables = {
  BAT_THEME = "ansi";
  EDITOR = "nvim";
  # ignoreboth: bash skips duplicate lines and lines starting with a space
  # when writing history.
  HISTCONTROL = "ignoreboth";
  NIXOS_OZONE_WL = "y";
  STARSHIP_CONFIG = "/etc/starship.toml";
};
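# System-wide bash setup: prompt, interactive init and aliases.
#
# interactiveShellInit is not per-user: it is sourced by every interactive
# bash on the host, so the ssh-agent handling and the dotfiles loop below run
# with whatever $HOME and ~ resolve to in that shell.
programs.bash = {
  # The prompt is rendered by starship.
  promptInit = ''
    . <(starship init bash)
  '';
  interactiveShellInit = ''
    # Share one ssh-agent between shells. ~/.ssh/agent.env holds the
    # variables printed by ssh-agent and is sourced as shell code, so it must
    # only ever be writable by its owner.
    if [ -f ~/.ssh/agent.env ] ; then
      . ~/.ssh/agent.env > /dev/null
      # kill -0 only checks that the recorded PID can still be signalled.
      if ! kill -0 "$SSH_AGENT_PID" > /dev/null 2>&1; then
        echo "Stale agent file found. Spawning a new agent. "
        eval `ssh-agent | tee ~/.ssh/agent.env`
        ssh-add
      fi
    else
      echo "Starting ssh-agent"
      eval `ssh-agent | tee ~/.ssh/agent.env`
      ssh-add
    fi
    # Terminal title hook called by starship before each prompt.
    set_win_title() {
      echo -ne "\033]0;$USER@$HOSTNAME: $PWD\007"
    }
    starship_precmd_user_func=set_win_title
    . "$(fzf-share)/key-bindings.bash"
    . "$(fzf-share)/completion.bash"
    . <(zoxide init bash)
    . <(direnv hook bash)
    . ${pkgs.bash-completion}/etc/profile.d/bash_completion.sh
    alias cat="bat -pp"
    # docker is reached through sudo with the docker group for that one
    # invocation; users.users.stefan.extraGroups in this file does not list
    # docker, so the account has no standing access to the Docker socket.
    alias docker="sudo -g docker docker"
    alias docker-compose="sudo -g docker docker-compose"
    alias less="bat -p"
    alias ls="ls --color=auto"
    alias vim="nvim"
    alias k="kubectl"
    alias n="nix-shell -p"
    alias nu="nix-shell -I nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos-unstable -p"
    # Runs vault-sink with the id of the current Vault token in its
    # environment, limited to the staging environment.
    sink() {
      VAULT_TOKEN=$(vault token lookup -format=json | jq -r .data.id) \
        ENVIRONMENTS=staging \
        ~/git/bitsbeats/vault-sink/sink
    }
    # Renders ./helm/*/values.yaml through sink into ./values.yaml, but only
    # if git would ignore the output file.
    vsink() {
      # Ask git itself instead of grepping .gitignore: a substring match is
      # also satisfied by a commented-out entry or by a pattern for another
      # directory. check-ignore also fails for a file that is already
      # tracked, which an ignore entry would not protect, and outside a
      # repository.
      if ! git check-ignore -q ./values.yaml; then
        echo refusing to sink with missing gitignore
        return 1
      fi
      # The output file is created with the current umask of the shell.
      sink < ./helm/*/values.yaml > ./values.yaml
    }
    for script in "$HOME"/dotfiles/bashrc/*.sh; do
      # An unmatched glob stays literal; skip it instead of failing to
      # source a file that does not exist.
      [ -r "$script" ] || continue
      . "$script"
    done
    # Start sway automatically for stefan on the first virtual console when
    # no graphical session is running yet.
    if [[ -z $DISPLAY ]] \
      && [[ $(tty) = /dev/tty1 ]] \
      && [[ "$USER" = "stefan" ]] \
      && [[ -x /run/current-system/sw/bin/startsway ]]
    then
      exec startsway
    fi
  '';
  # The same four aliases are also set by alias lines in interactiveShellInit.
  shellAliases = {
    cat = "bat -pp";
    less = "bat -p";
    ls = "ls --color=auto";
    vim = "nvim";
  };
};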
# Primary interactive account for hosts using this role.
users.users.stefan = {
  isNormalUser = true;
  uid = 1000;
  home = "/home/stefan";
  # Supplementary groups. NOTE(review): wheel is the usual sudo group, and
  # libvirtd and input normally grant access to the system libvirt daemon
  # and to raw input devices; confirm each is still required.
  extraGroups = [ "wheel" "dialout" "libvirtd" "input" ];
};
# Extra sudoers lines appended to the generated configuration.
#  - timestamp_timeout=5: a successful authentication is reused for five
#    minutes before sudo asks for the password again.
#  - env_keep+=SSH_AUTH_SOCK: the caller's agent socket survives sudo's
#    environment reset, so commands run through sudo can have the agent sign
#    with the keys loaded in it.
security.sudo = {
  extraConfig = ''
    Defaults timestamp_timeout=5
    Defaults env_keep+=SSH_AUTH_SOCK
  '';
};
# Firmware updates via fwupd and name resolution via systemd-resolved.
services.fwupd.enable = true;
services.resolved.enable = true;
# lorri user service. mkForce overrides whatever the lorri module sets for
# these two sandboxing options: ProtectSystem=full leaves /usr, /boot and /etc
# read-only for the service, and ProtectHome=false removes any restriction on
# home directories. NOTE(review): presumably looser than the module defaults;
# confirm against the nixpkgs lorri module.
services.lorri.enable = true;
systemd.user.services.lorri.serviceConfig.ProtectSystem =
  pkgs.lib.mkForce "full";
systemd.user.services.lorri.serviceConfig.ProtectHome =
  pkgs.lib.mkForce false;
# Capability wrapper for gvfsd-nfs, built from the unmodified gvfs package.
# cap_net_bind_service+ep lets the wrapped binary bind ports below 1024
# without running as root; presumably needed for NFS mounts that require a
# privileged source port (confirm).
# NOTE(review): no `permissions` are set, so the module default decides which
# local users may execute the wrapper, and each of them gets the capability
# through it.
security.wrappers.gvfsd-nfs = {
  capabilities = "cap_net_bind_service+ep";
  source = "${pkgs.gnome.gvfs}/libexec/gvfsd-nfs";
  owner = "nobody";
  group = "nogroup";
};
# gvfs is rebuilt so that its libexec/gvfsd-nfs is a symlink to the
# capability wrapper under /run/wrappers/bin rather than the plain binary.
# The previous attributes are not consulted, so this postInstall replaces,
# rather than extends, any postInstall the package already defines.
services.gvfs.enable = true;
services.gvfs.package = lib.mkForce (pkgs.gnome.gvfs.overrideAttrs (_: {
  postInstall = ''
    ln -sf /run/wrappers/bin/gvfsd-nfs $out/libexec/gvfsd-nfs
  '';
}));
# Automatic ZFS snapshots; the numbers are presumably how many snapshots of
# each kind are kept (confirm against the module documentation).
services.zfs.autoSnapshot.enable = true;
services.zfs.autoSnapshot.frequent = 8;
services.zfs.autoSnapshot.monthly = 6;
# English messages, German formats: every LC_* category listed below is set
# to de_DE.UTF-8, everything else falls back to the default locale.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = lib.genAttrs [
  "LC_TIME"
  "LC_NUMERIC"
  "LC_PAPER"
  "LC_MONETARY"
  "LC_MEASUREMENT"
  "LC_NAME"
  "LC_TELEPHONE"
  "LC_IDENTIFICATION"
] (_: "de_DE.UTF-8");
}