77 lines
1.3 KiB
Nix
77 lines
1.3 KiB
Nix
{
|
|
config,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
with lib; let
|
|
cfg = config.local.sys.baseline;
|
|
in {
|
|
options.local.sys.baseline = {
|
|
enable = mkEnableOption "Basic system settings";
|
|
};
|
|
config = mkIf cfg.enable {
|
|
system.stateVersion = "24.05"; # DO NOT CHANGE
|
|
|
|
nix = {
|
|
package = pkgs.nixVersions.stable;
|
|
|
|
extraOptions = ''
|
|
experimental-features = nix-command flakes
|
|
'';
|
|
|
|
# Not interested in the global flake registry
|
|
settings.flake-registry = "";
|
|
};
|
|
|
|
console = {
|
|
keyMap = "us";
|
|
};
|
|
|
|
programs = {
|
|
zsh.enable = true;
|
|
fuse.userAllowOther = true;
|
|
};
|
|
|
|
environment = {
|
|
pathsToLink = [
|
|
"/share/zsh"
|
|
];
|
|
|
|
systemPackages = with pkgs;
|
|
[
|
|
git
|
|
vim
|
|
]
|
|
++ optionals (!config.boot.isContainer) [
|
|
lm_sensors
|
|
lshw
|
|
parted
|
|
pciutils
|
|
smartmontools
|
|
usbutils
|
|
];
|
|
};
|
|
|
|
services = {
|
|
openssh.enable = mkDefault true;
|
|
|
|
earlyoom = {
|
|
enable = mkDefault true;
|
|
enableNotifications = true;
|
|
};
|
|
};
|
|
|
|
# Coredumps are a security risk and may use up a lot of disk space
|
|
systemd.coredump.extraConfig = ''
|
|
Storage=none
|
|
ProcessSizeMax=0
|
|
'';
|
|
|
|
security.dhparams = {
|
|
enable = true;
|
|
defaultBitSize = 4096;
|
|
};
|
|
};
|
|
}
|