summary refs log tree commit diff stats
path: root/system/prefect.nix
blob: f9146e8e66da51dd0fd8dd5e7485a6621fc5f8d1 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
{ config, pkgs, ... }:

{ imports = [
    ./hardware-configuration.nix
    <nixos-hardware/common/pc/ssd>
    <nixos-hardware/common/cpu/amd>

    ./settings/satoshipay.nix
    ./settings/base.nix
    ./settings/configuration/berlin.nix
    ./settings/configuration/british-english.nix
    ./settings/configuration/nix.nix
    ./settings/configuration/user.nix
    ./settings/hardware/audio.nix
    ./settings/hardware/bare-metal.nix
    ./settings/hardware/personal-computer.nix
    ./settings/hardware/bluetooth.nix
    ./settings/hardware/nvme-root.nix
    ./settings/hardware/connman.nix
    ./settings/hardware/mouse.nix
    ./settings/hardware/grub2.nix
    ./settings/hardware/nvidia-gpu.nix
    ./settings/hardware/keyboard.nix
    ./settings/hardware/keyboardio-model01.nix
    ./settings/hardware/trackball.nix
    ./settings/hardware/trezor.nix
    ./settings/services/syncthing.nix
    ./settings/services/zeroconf.nix
    ./settings/user-interface.nix
    ./settings/programs/base.nix
    ./settings/programs/gnupg.nix
    ./settings/programs/i3.nix
    ./settings/programs/shell.nix
    ./settings/gaming.nix
    ./settings/programs/tor.nix
    ./settings/programs/barrier.nix
  ];
  hardware.cpu.amd.updateMicrocode = true;

  services.xserver.screenSection = ''
    Option "MetaModes" "2560x1440_120 +0+0 { ForceFullCompositionPipeline = On }"
    Option "AllowIndirectGLXProtocol" "off"
    Option "TripleBuffer" "on"
  '';
  boot.loader.timeout = 3;
  boot.loader.grub.default = 2; # Default to Windows

  boot.kernelPackages = (import <nixos-unstable> { config = config.nixpkgs.config; }).linuxPackages_zen;
  boot.extraModulePackages = with config.boot.kernelPackages; [
    zenpower
  ];

  fileSystems."/data" = {
    label = "Data";
    fsType = "ntfs";
    options = ["rw" "uid=1000" "noauto" "x-systemd.automount"];
  };
  fileSystems."/windows" = {
   label = "Windows";
   fsType = "ntfs";
   options = ["rw" "uid=1000" "noauto" "x-systemd.automount"];
  };

  services.xserver = {
    xautolock.enable = pkgs.lib.mkForce false;
  };
  services.postgresql = {
    enableTCPIP = true;
    authentication = ''
      # TYPE  DATABASE        USER            ADDRESS                 METHOD
      host    all             all             samenet                 md5
    '';
  };
  networking.firewall.allowedTCPPorts = [ config.services.postgresql.port ];

  services.openssh = {
    enable = true;
    openFirewall = false;
    startWhenNeeded = true;
  };
  networking.firewall.extraCommands = ''
    iptables  -A nixos-fw -p udp --source 172.30.44.0/24       -j nixos-fw-accept
    iptables  -A nixos-fw -p tcp --source 172.30.44.0/24       -j nixos-fw-accept
    ip6tables -A nixos-fw -p tcp --source fd12:d04f:65d:0::/64 -j nixos-fw-accept
    ip6tables -A nixos-fw -p udp --source fd12:d04f:65d:0::/64 -j nixos-fw-accept
  '';

  networking = {
    hostName = "prefect";
  };

  system.stateVersion = "20.09";
}