summary refs log tree commit diff stats
path: root/system/prefect.nix
blob: f3696efeafd7d3647f961050bfb848b605bb8300 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
{ config, pkgs, ... }:

{ imports = [
    ./hardware-configuration.nix
    <nixos-hardware/common/pc/ssd>
    <nixos-hardware/common/cpu/intel>

    ./settings/satoshipay.nix
    ./settings/base.nix
    ./settings/configuration/berlin.nix
    ./settings/configuration/british-english.nix
    ./settings/configuration/nix.nix
    ./settings/configuration/user.nix
    ./settings/hardware/audio.nix
    ./settings/hardware/bare-metal.nix
    ./settings/hardware/mouse.nix
    ./settings/hardware/grub2.nix
    ./settings/hardware/nvidia-gpu.nix
    ./settings/hardware/keyboard.nix
    ./settings/hardware/trackball.nix
    ./settings/hardware/trezor.nix
    ./settings/services/syncthing.nix
    ./settings/services/zeroconf.nix
    ./settings/user-interface.nix
    ./settings/programs/gnupg.nix
    ./settings/programs/i3.nix
    ./settings/programs/shell.nix
    ./settings/gaming.nix
    ./settings/programs/tor.nix
    ./settings/programs/barrier.nix
  ];
  services.xserver.screenSection = ''
    Option "MetaModes" "2560x1440_120 +0+0 { ForceFullCompositionPipeline = On }"
    Option "AllowIndirectGLXProtocol" "off"
    Option "TripleBuffer" "on"
  '';
  boot.loader.timeout = 3;
  boot.loader.grub.default = 2; # Default to Windows

  fileSystems."/data" = {
    label = "Data";
    fsType = "ntfs";
    options = ["rw" "uid=1000"];
  };
  fileSystems."/windows" = {
    label = "Windows";
    fsType = "ntfs";
    options = ["rw" "uid=1000"];
  };

  services.xserver = {
    xautolock.enable = pkgs.lib.mkForce false;
  };
  services.postgresql = {
    enableTCPIP = true;
    authentication = ''
      # TYPE  DATABASE        USER            ADDRESS                 METHOD
      host    all             all             samenet                 md5
    '';
  };
  networking.firewall.allowedTCPPorts = [ config.services.postgresql.port ];

  networking.firewall.extraCommands = ''
    iptables  -A nixos-fw -p udp --source 172.30.44.0/24        -j nixos-fw-accept
    iptables  -A nixos-fw -p tcp --source 172.30.44.0/24        -j nixos-fw-accept
    ip6tables -A nixos-fw -p tcp --source fdbf:4d14:b5de:0::/64 -j nixos-fw-accept
    ip6tables -A nixos-fw -p udp --source fdbf:4d14:b5de:0::/64 -j nixos-fw-accept
  '';

  services.samba = {
    enable = true;
    shares = {
      Music = {
        path = "/data/Home/Music/";
        browseable = true;
        "guest ok" = true;
      };
      Videos = {
        path = "/data/Home/Videos/";
        browseable = true;
        "guest ok" = true;
      };
    };
    extraConfig = ''
      hide files = desktop.ini
    '';
  };

  powerManagement.enable = false;
  powerManagement.cpuFreqGovernor = "performance";
  networking = {
    hostName = "prefect";
    search = ["alanpearce.eu"];
  };

  system.stateVersion = "20.09";
}