nixos-config/machines/raspite/configuration.nix

64 lines
1.4 KiB
Nix
Raw Normal View History

2024-06-11 10:24:22 +00:00
{ config, lib, pkgs, ... }:
2023-04-16 05:18:23 +00:00
{
2024-06-11 10:24:22 +00:00
imports = [
./hass.nix
];
2023-04-16 05:18:23 +00:00
nixpkgs.overlays = [
# Workaround https://github.com/NixOS/nixpkgs/issues/126755#issuecomment-869149243
(final: super: {
makeModulesClosure = x:
super.makeModulesClosure (x // { allowMissing = true; });
})
];
2023-04-23 03:06:57 +00:00
environment.systemPackages = with pkgs; [
git
2024-06-11 10:24:22 +00:00
libraspberrypi
raspberrypi-eeprom
2023-04-23 03:06:57 +00:00
];
# Use mirror for binary cache
nix.settings.substituters = [
2024-06-11 10:24:22 +00:00
"https://mirrors.bfsu.edu.cn/nix-channels/store"
2023-04-23 03:06:57 +00:00
"https://mirrors.ustc.edu.cn/nix-channels/store"
];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
2024-06-11 10:24:22 +00:00
system.stateVersion = "24.05";
2023-04-16 05:18:23 +00:00
networking = {
2023-04-23 03:06:57 +00:00
hostName = "raspite";
2023-04-16 05:18:23 +00:00
useDHCP = false;
interfaces.eth0.useDHCP = true;
};
2024-06-11 10:24:22 +00:00
# boot.kernelPackages = pkgs.linuxPackages_stable;
2023-05-27 01:39:16 +00:00
2024-06-11 10:24:22 +00:00
custom.kanidm-client = {
2023-04-16 05:18:23 +00:00
enable = true;
2024-06-11 10:24:22 +00:00
uri = "https://auth.xinyang.life";
asSSHAuth = {
enable = true;
allowedGroups = [ "linux_users" ];
hardening = true;
};
sudoers = [ "xin@auth.xinyang.life" ];
2023-04-16 05:18:23 +00:00
};
2024-06-11 10:24:22 +00:00
security.sudo = {
execWheelOnly = true;
wheelNeedsPassword = false;
2023-04-16 05:18:23 +00:00
};
2024-06-11 10:24:22 +00:00
nix.settings = {
trusted-users = [ "@wheel" ];
};
# fileSystems."/".fsType = lib.mkForce "btrfs";
boot.supportedFilesystems.zfs = lib.mkForce false;
services.dae.enable = false;
services.dae.configFile = "/var/lib/dae/config.dae";
2023-11-15 07:50:26 +00:00
}