diff options
Diffstat (limited to 'profiles')
-rw-r--r-- | profiles/core.nix | 14 | ||||
-rw-r--r-- | profiles/gentoo.nix | 44 | ||||
-rw-r--r-- | profiles/graphical.nix | 10 | ||||
-rw-r--r-- | profiles/network.nix | 23 | ||||
-rw-r--r-- | profiles/security.nix | 12 | ||||
-rw-r--r-- | profiles/ssh.nix | 10 | ||||
-rw-r--r-- | profiles/user.nix | 4 |
7 files changed, 71 insertions, 46 deletions
diff --git a/profiles/core.nix b/profiles/core.nix index 5f48baa..1cd8ab5 100644 --- a/profiles/core.nix +++ b/profiles/core.nix @@ -1,6 +1,10 @@ -{ pkgs, lib, config, inputs, ... }: - { + pkgs, + lib, + config, + inputs, + ... +}: { imports = [ ../profiles/security.nix ../profiles/network.nix @@ -23,10 +27,10 @@ users.mutableUsers = false; environment.defaultPackages = lib.mkForce []; - age.identityPaths = [ "/nix/persist/etc/ssh/ssh_host_ed25519_key" ]; + age.identityPaths = ["/nix/persist/etc/ssh/ssh_host_ed25519_key"]; programs.command-not-found.dbPath = inputs.programsdb.packages.${pkgs.system}.programs-sqlite; # save uid/guid - environment.persistence."/nix/persist".directories = [ "/var/lib/nixos" ]; + environment.persistence."/nix/persist".directories = ["/var/lib/nixos"]; }; -} \ No newline at end of file +} diff --git a/profiles/gentoo.nix b/profiles/gentoo.nix index 9755fd8..337a306 100644 --- a/profiles/gentoo.nix +++ b/profiles/gentoo.nix @@ -1,6 +1,10 @@ -{ pkgs, lib, config, inputs, ... }: - { + pkgs, + lib, + config, + inputs, + ... +}: { imports = []; config = { nix.binaryCaches = [ @@ -11,21 +15,23 @@ nix.binaryCachePublicKeys = [ "gravity.cs.illinois.edu-1:yymmNS/WMf0iTj2NnD0nrVV8cBOXM9ivAkEdO1Lro3U=" ]; - - nativeStdenv = prev.stdenvAdapters.withCFlags [ "-O3" "-pipe" "-march=native" ] - (prev.overrideCC prev.llvmPackages_latest.stdenv - (prev.wrapCCWith rec { - cc = prev.llvmPackages_latest.clang-unwrapped; - bintools = (final.wrapBintoolsWith { - coreutils = final.uutils-coreutils; - libc = final.musl; - bintools = final.binutils-unwrapped.overrideAttrs - (old: { - postInstall = '' - ln -sf ${final.mold}/bin/mold $out/bin/ld - ''; - }); - }); - })); + + nativeStdenv = + prev.stdenvAdapters.withCFlags ["-O3" "-pipe" "-march=native"] + (prev.overrideCC prev.llvmPackages_latest.stdenv + (prev.wrapCCWith rec { + cc = prev.llvmPackages_latest.clang-unwrapped; + bintools = final.wrapBintoolsWith { + coreutils = final.uutils-coreutils; + libc = final.musl; + bintools = + final.binutils-unwrapped.overrideAttrs + (old: { + postInstall = '' + ln -sf ${final.mold}/bin/mold $out/bin/ld + ''; + }); + }; + })); }; -} \ No newline at end of file +} diff --git a/profiles/graphical.nix b/profiles/graphical.nix index f3bff3a..a4fa0cd 100644 --- a/profiles/graphical.nix +++ b/profiles/graphical.nix @@ -1,6 +1,10 @@ -{ pkgs, lib, config, inputs, ... }: - { + pkgs, + lib, + config, + inputs, + ... +}: { config = { home-manager.users.tzlil = {...}: { fonts.fontconfig.enable = true; @@ -31,4 +35,4 @@ # }; }; }; -} \ No newline at end of file +} diff --git a/profiles/network.nix b/profiles/network.nix index 40e31cc..461106f 100644 --- a/profiles/network.nix +++ b/profiles/network.nix @@ -1,6 +1,10 @@ -{ pkgs, lib, config, inputs, ... }: - { + pkgs, + lib, + config, + inputs, + ... +}: { imports = []; config = { networking = { @@ -14,13 +18,12 @@ useDHCP = false; nameservers = ["127.0.0.1" "::1"]; networkmanager.dns = "none"; - extraHosts = - '' - 100.99.246.128 pc - 100.105.242.70 phone - 100.109.155.123 vm - 100.67.217.90 vps - ''; + extraHosts = '' + 100.99.246.128 pc + 100.105.242.70 phone + 100.109.155.123 vm + 100.67.217.90 vps + ''; }; # Don't wait for network startup @@ -54,4 +57,4 @@ StateDirectory = "dnscrypt-proxy"; }; }; -} \ No newline at end of file +} diff --git a/profiles/security.nix b/profiles/security.nix index e28431b..8ca89e3 100644 --- a/profiles/security.nix +++ b/profiles/security.nix @@ -1,6 +1,10 @@ -{ pkgs, lib, config, inputs, ... }: - { + pkgs, + lib, + config, + inputs, + ... +}: { imports = []; config = { security.auditd.enable = true; @@ -60,8 +64,8 @@ boot.kernel.sysctl."net.ipv4.conf.default.send_redirects" = false; security.chromiumSuidSandbox.enable = true; - + security.sudo.execWheelOnly = true; security.sudo.extraConfig = "Defaults lecture = never"; }; -} \ No newline at end of file +} diff --git a/profiles/ssh.nix b/profiles/ssh.nix index 49917f9..5a62fe2 100644 --- a/profiles/ssh.nix +++ b/profiles/ssh.nix @@ -1,6 +1,10 @@ -{ pkgs, lib, config, inputs, ... }: - { + pkgs, + lib, + config, + inputs, + ... +}: { config = { services.openssh = { enable = true; @@ -33,4 +37,4 @@ ]; }; }; -} \ No newline at end of file +} diff --git a/profiles/user.nix b/profiles/user.nix index 7f0ec8b..637c15d 100644 --- a/profiles/user.nix +++ b/profiles/user.nix @@ -41,7 +41,7 @@ backupFileExtension = "backup"; }; - home-manager.users.tzlil = {pkgs, ...}@hm: { + home-manager.users.tzlil = {pkgs, ...} @ hm: { home = { stateVersion = "22.05"; username = "tzlil"; @@ -56,4 +56,4 @@ }; }; }; -} \ No newline at end of file +} |