87 lines
2.5 KiB
Nix
87 lines
2.5 KiB
Nix
{
|
|
inputs,
|
|
outputs,
|
|
lib,
|
|
config,
|
|
pkgs,
|
|
pkgs-edge,
|
|
...
|
|
}: {
|
|
imports = [
|
|
./locale
|
|
./packages
|
|
];
|
|
sops.age.keyFile = ../../../../../../var/secrets/keys.txt;
|
|
sops.secrets."lillian-password".neededForUsers = true;
|
|
|
|
#TODO: remove this when unneeded for freetube
|
|
nixpkgs.config.permittedInsecurePackages = [
|
|
#"python3.12-youtube-dl-2021.12.17"
|
|
];
|
|
nix = {
|
|
package = pkgs.lix;
|
|
gc = {
|
|
automatic = true;
|
|
dates = "weekly";
|
|
options = "--delete-older-than 7d";
|
|
};
|
|
# This will add each flake input as a registry
|
|
# To make nix3 commands consistent with your flake
|
|
registry = lib.mapAttrs (_: value: {flake = value;}) inputs;
|
|
|
|
# This will additionally add your inputs to the system's legacy channels
|
|
# Making legacy nix commands consistent as well, awesome!
|
|
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
|
|
|
|
settings = {
|
|
# Enable flakes and new 'nix' command
|
|
experimental-features = "nix-command flakes";
|
|
# Deduplicate and optimize nix store
|
|
auto-optimise-store = true;
|
|
extra-substituters = [
|
|
"https://cache.lix.systems"
|
|
"https://nix-community.cachix.org"
|
|
"https://nixpkgs-unfree.cachix.org"
|
|
"https://0uptime.cachix.org"
|
|
];
|
|
trusted-public-keys = [
|
|
"cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
|
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
|
"nixpkgs-unfree.cachix.org-1:hqvoInulhbV4nJ9yJOEr+4wxhDV4xq2d1DK7S6Nj6rs="
|
|
"0uptime.cachix.org-1:ctw8yknBLg9cZBdqss+5krAem0sHYdISkw/IFdRbYdE="
|
|
];
|
|
};
|
|
};
|
|
|
|
catppuccin.flavor = "macchiato";
|
|
catppuccin.enable = true;
|
|
|
|
console.catppuccin.enable = true;
|
|
|
|
home-manager.backupFileExtension = "backup";
|
|
|
|
users.users.lillian = {
|
|
isNormalUser = true;
|
|
extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf" "docker"];
|
|
shell = pkgs.zsh;
|
|
hashedPasswordFile = config.sops.secrets."lillian-password".path;
|
|
openssh.authorizedKeys.keys = [
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILhwA+ZdP2tEBYQNdzLHZzFHxocyeqzhXI6tFpaZA3PZ lillian@EDI"
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH30G2PJOnI6jnAtxOQV0SpLFUva0adarLZLvaoZvjGE lillian@GLaDOS"
|
|
];
|
|
};
|
|
|
|
programs.zsh = {
|
|
enable = true;
|
|
};
|
|
|
|
# Enable completion of system packages by zsh
|
|
environment.pathsToLink = ["/share/zsh"];
|
|
|
|
users.mutableUsers = false;
|
|
|
|
users.users.root = {
|
|
hashedPassword = "*";
|
|
};
|
|
}
|