diff options
| author | Preston Pan <ret2pop@gmail.com> | 2025-01-09 14:49:49 -0800 |
|---|---|---|
| committer | Preston Pan <ret2pop@gmail.com> | 2025-01-09 14:49:49 -0800 |
| commit | a410a402a5dc5c68208ab8d6610fade60c8639c0 (patch) | |
| tree | ad1a15f899ba2ca397c0919f74e2c3634502d6c9 /iso.nix | |
| parent | 87ce8be7319fa8612a7edcb9261272688ab099bb (diff) | |
use disko instead of rolling my own scripts and fixes
Diffstat (limited to 'iso.nix')
| -rw-r--r-- | iso.nix | 172 |
1 files changed, 0 insertions, 172 deletions
diff --git a/iso.nix b/iso.nix deleted file mode 100644 index 95d0750..0000000 --- a/iso.nix +++ /dev/null @@ -1,172 +0,0 @@ -{ pkgs, lib, ... }: -{ - documentation = { - enable = true; - man.enable = true; - dev.enable = true; - }; - - environment = { - etc = { - securetty.text = '' - # /etc/securetty: list of terminals on which root is allowed to login. - # See securetty(5) and login(1). - ''; - }; - }; - - networking = { - hostName = "iso"; - wireless.enable = lib.mkForce false; - networkmanager = { - enable = true; - # wifi.macAddress = ""; - }; - firewall = { - allowedTCPPorts = [ ]; - allowedUDPPorts = [ ]; - }; - }; - - hardware = { - cpu.intel.updateMicrocode = true; - graphics = { - enable = true; - }; - pulseaudio.enable = false; - }; - - services = { - qemuGuest.enable = true; - chrony = { - enable = true; - enableNTS = true; - servers = [ "time.cloudflare.com" "ptbtime1.ptb.de" "ptbtime2.ptb.de" ]; - }; - - jitterentropy-rngd.enable = true; - resolved.dnssec = true; - dbus = { - apparmor = "enabled"; - }; - - pipewire = { - enable = true; - alsa = { - enable = true; - support32Bit = true; - }; - pulse.enable = true; - jack.enable = true; - wireplumber.enable = true; - extraConfig.pipewire-pulse."92-low-latency" = { - "context.properties" = [ - { - name = "libpipewire-module-protocol-pulse"; - args = { }; - } - ]; - "pulse.properties" = { - "pulse.min.req" = "32/48000"; - "pulse.default.req" = "32/48000"; - "pulse.max.req" = "32/48000"; - "pulse.min.quantum" = "32/48000"; - "pulse.max.quantum" = "32/48000"; - }; - "stream.properties" = { - "node.latency" = "32/48000"; - "resample.quality" = 1; - }; - }; - }; - - openssh = { - enable = true; - settings = { - PasswordAuthentication = true; - AllowUsers = [ "nixos" ]; - PermitRootLogin = "yes"; - KbdInteractiveAuthentication = false; - }; - }; - }; - - programs = { - zsh.enable = true; - ssh.enableAskPassword = false; - }; - - nixpkgs.config = { - allowUnfree = true; - cudaSupport = false; - }; - - environment.systemPackages = with pkgs; [ - cryptsetup - restic - sbctl - linux-manual - man-pages - man-pages-posix - ]; - - users.extraUsers.root.password = "nixos"; - users.extraUsers.nixos.password = "nixos"; - users.users = { - nixos = { - isNormalUser = true; - description = "NixOS"; - extraGroups = [ "networkmanager" "wheel" "video" "docker" "jackaudio" "tss" "dialout" ]; - shell = pkgs.zsh; - packages = with pkgs; [ - git - curl - gum - (writeShellScriptBin "nix_installer" - ''#!/usr/bin/env bash -set -euo pipefail -if [ "$(id -u)" -eq 0 ]; then - echo "ERROR! $(basename "$0") should be run as a regular user" - exit 1 -fi - -if [ ! -d "$HOME/toughnix/" ]; then - cd $HOME - git clone https://git.nullring.xyz/toughnix.git -fi - -sudo nixos-generate-config -sudo cp /etc/nixos/hardware-configuration.nix ~/toughnix/ -sudo chown -R nixos:users "$HOME/toughnix" -cd "$HOME/toughnix" -git add . -cd "$HOME" -vim "$HOME/toughnix/vars.nix" -gum confirm --default=false \ - "🔥 🔥 🔥 WARNING!!!! This will ERASE ALL DATA on the disk $DISK. Are you sure you want to continue?" -sudo nix run 'github:nix-community/disko/latest#disko-install' -- --write-efi-boot-entries --flake './toughnix#continuity-dell' --disk main "$DISK" - '' - ) - ]; - }; - }; - - - nix.settings.experimental-features = "nix-command flakes"; - time.timeZone = "America/Vancouver"; - i18n.defaultLocale = "en_CA.UTF-8"; - - systemd = { - services.sshd.wantedBy = pkgs.lib.mkForce ["multi-user.target"]; - targets = { - sleep.enable = false; - suspend.enable = false; - hibernate.enable = false; - hybrid-sleep.enable = false; - }; - }; - - system = { - stateVersion = "24.11"; - }; -} |