nix-config-tn/nixos/profiles/global.nix

{ config, lib, pkgs, imports, modulesPath, ... }:

with lib;
{
  # Generated by nixos-config-generate
  imports =
    [
      (modulesPath + "/installer/scan/not-detected.nix")
    ];

  mySystem = {

    # basics for all devices
    time.timeZone = "Australia/Melbourne";
    security.increaseWheelLoginLimits = true;
  };

  i18n = {
    defaultLocale = lib.mkDefault "en_AU.UTF-8";
  };

  # TODO refactor this shit out wow
  nix = {
    settings = {
      trusted-substituters = [
        "https://nix-community.cachix.org"
        "https://numtide.cachix.org"
      ];

      trusted-public-keys = [
        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
        "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="
      ];

      trusted-users = [ "root" "@wheel" ];

      # hardlink duplicates of builds
      auto-optimise-store = lib.mkDefault true;


      # Fallback quickly if substituters are not available.
      connect-timeout = 5;

      # Enable flakes
      experimental-features = [
        "nix-command"
        "flakes"
      ];

      warn-dirty = false;

      # The default at 10 is rarely enough.
      log-lines = lib.mkDefault 25;

      # Avoid copying unnecessary stuff over SSH
      builders-use-substitutes = true;
    };

    # automatically garbage collect nix store
    gc = {
      # garbage collection
      automatic = true;
      options = "--delete-older-than 30d";
      persistent = true;
    };

  };

  # SOPS settings
  # https://github.com/Mic92/sops-nix

  sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];


  nixpkgs = {
    # Configure your nixpkgs instance
    config = {
      # Disable if you don't want unfree packages
      allowUnfree = true;
    };
  };

  system = {
    # Enable printing changes on nix build etc with nvd
    activationScripts.report-changes = ''
      PATH=$PATH:${lib.makeBinPath [ pkgs.nvd pkgs.nix ]}
      nvd diff $(ls -dv /nix/var/nix/profiles/system-*-link | tail -2)
    '';
    # Do not change unless you know what you are doing
    stateVersion = "23.11"; # THERE BE DRAGONS
  };

  networking.useDHCP = lib.mkDefault true;

  environment.systemPackages = with pkgs; [
    jq
    yq
    btop
    vim
    git
    dnsutils
    nix

    # TODO Move
    nil
    nixpkgs-fmt
    statix
    nvd
    gh
  ];

  programs.direnv = {
    # TODO move to home-manager
    enable = true;
    nix-direnv.enable = true;
  };
  programs.mtr.enable = true;

}
feat: continued refactor 2024-03-24 07:21:13 -05:00			`{ config, lib, pkgs, imports, modulesPath, ... }:`
feat: initial global profile refactor 2024-03-24 02:34:14 -05:00
			`with lib;`
			`{`
feat: continued refactor 2024-03-24 07:21:13 -05:00			`# Generated by nixos-config-generate`
			`imports =`
			`[`
			`(modulesPath + "/installer/scan/not-detected.nix")`
			`];`
feat: initial global profile refactor 2024-03-24 02:34:14 -05:00
feat: continued refactor 2024-03-24 07:21:13 -05:00			`mySystem = {`
feat: initial global profile refactor 2024-03-24 02:34:14 -05:00
feat: continued refactor 2024-03-24 07:21:13 -05:00			`# basics for all devices`
			`time.timeZone = "Australia/Melbourne";`
			`security.increaseWheelLoginLimits = true;`
			`};`

			`i18n = {`
			`defaultLocale = lib.mkDefault "en_AU.UTF-8";`
			`};`

			`# TODO refactor this shit out wow`
			`nix = {`
			`settings = {`
			`trusted-substituters = [`
			`"https://nix-community.cachix.org"`
			`"https://numtide.cachix.org"`
			`];`

			`trusted-public-keys = [`
			`"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="`
			`"numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="`
			`];`

			`trusted-users = [ "root" "@wheel" ];`

			`# hardlink duplicates of builds`
			`auto-optimise-store = lib.mkDefault true;`



			`# Fallback quickly if substituters are not available.`
			`connect-timeout = 5;`

			`# Enable flakes`
			`experimental-features = [`
			`"nix-command"`
			`"flakes"`
			`];`

			`warn-dirty = false;`

			`# The default at 10 is rarely enough.`
			`log-lines = lib.mkDefault 25;`

			`# Avoid copying unnecessary stuff over SSH`
			`builders-use-substitutes = true;`
feat: initial global profile refactor 2024-03-24 02:34:14 -05:00			`};`
feat: continued refactor 2024-03-24 07:21:13 -05:00
			`# automatically garbage collect nix store`
			`gc = {`
			`# garbage collection`
			`automatic = true;`
			`options = "--delete-older-than 30d";`
			`persistent = true;`
			`};`

			`};`

			`# SOPS settings`
			`# https://github.com/Mic92/sops-nix`

			`sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];`


			`nixpkgs = {`
			`# Configure your nixpkgs instance`
			`config = {`
			`# Disable if you don't want unfree packages`
			`allowUnfree = true;`
			`};`
			`};`

			`system = {`
			`# Enable printing changes on nix build etc with nvd`
			`activationScripts.report-changes = ''`
			`PATH=$PATH:${lib.makeBinPath [ pkgs.nvd pkgs.nix ]}`
			`nvd diff $(ls -dv /nix/var/nix/profiles/system-*-link \| tail -2)`
			`'';`
			`# Do not change unless you know what you are doing`
			`stateVersion = "23.11"; # THERE BE DRAGONS`
			`};`

			`networking.useDHCP = lib.mkDefault true;`

			`environment.systemPackages = with pkgs; [`
			`jq`
			`yq`
			`btop`
			`vim`
			`git`
			`dnsutils`
			`nix`

			`# TODO Move`
			`nil`
			`nixpkgs-fmt`
			`statix`
			`nvd`
			`gh`
			`];`

			`programs.direnv = {`
			`# TODO move to home-manager`
			`enable = true;`
			`nix-direnv.enable = true;`
			`};`
			`programs.mtr.enable = true;`

feat: initial global profile refactor 2024-03-24 02:34:14 -05:00			`}`
feat: continued refactor 2024-03-24 07:21:13 -05:00