john/ad-nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
07d1bd6e06406ec3b150b1bf393093c20d840f32
ad-nix/configuration.nix
John Lancaster 07d1bd6e06 moved gh
2025-04-04 01:04:23 -05:00

79 lines
2.3 KiB
Nix
Raw Blame History

{ pkgs, lib, userSettings, systemSettings, ... }:
{
imports = [
(import ./home-manager {inherit systemSettings userSettings lib pkgs;})
./nixos
./scripts
];
system.stateVersion = systemSettings.stateVersion;
time.timeZone = "${systemSettings.timeZone}";
nix.settings.trusted-users = [ "root" "@wheel" ];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.settings.download-buffer-size = 524288000; # 500MB
programs.nix-ld.enable = true;
sops.defaultSopsFile = ./secrets/encrypted_secrets.yaml;
sops.defaultSopsFormat = "yaml";
# This is needed for nix to access the secrets at build time.
# It doesn't affect for the `sops ...` command
# Optional if the system has the key age for /etc/ssh/ssh_host_ed25519_key in .sops.yaml
# sops.age.keyFile = "${userSettings.adHome}/.config/sops/age/keys.txt";
environment.systemPackages = with pkgs; [
bash
git
eza
sops
gdbm
];
virtualisation.docker.enable = true;
virtualisation.oci-containers.backend = "docker";
services.vscode-server.enable = true;
services.openssh.enable = true;
services.tailscale.enable = true;
services.cron = {
enable = true;
systemCronJobs = [
"30 2 * * * /run/current-system/sw/bin/nfsu > /etc/nixos/auto_update.log 2>&1"
];
};
# systemd.timers."auto-update" = {
# wantedBy = [ "timers.target" ];
# timerConfig = {
# OnCalendar="*-*-* 4:00:00";
# Unit = "auto-update.service";
# };
# };
# systemd.services."auto-update" = {
# script = ''
# ${pkgs.coreutils}/bin/echo "Running auto-update"
# FLAKE=$(${pkgs.coreutils}/bin/readlink -f /etc/nixos)
# ${pkgs.coreutils}/bin/echo "FLAKE: $FLAKE"
# ${pkgs.nix}/bin/nix flake update --flake $FLAKE --impure
# ${pkgs.git}/bin/git -C $FLAKE add "$FLAKE/flake.lock" > /dev/null 2>&1
# ${pkgs.sudo}/bin/sudo ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --flake $FLAKE#${systemSettings.hostName} --impure
# '';
# serviceConfig = {
# Type = "oneshot";
# User = "${userSettings.userName}";
# };
# };
# https://nixos.wiki/wiki/Storage_optimization
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 30d";
};
nix.optimise.automatic = true;
nix.optimise.dates = [ "Mon *-*-* 05:00:00" ];
}
Reference in New Issue View Git Blame Copy Permalink