blob: f9146e8e66da51dd0fd8dd5e7485a6621fc5f8d1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
|
{ config, pkgs, ... }:
{ imports = [
./hardware-configuration.nix
<nixos-hardware/common/pc/ssd>
<nixos-hardware/common/cpu/amd>
./settings/satoshipay.nix
./settings/base.nix
./settings/configuration/berlin.nix
./settings/configuration/british-english.nix
./settings/configuration/nix.nix
./settings/configuration/user.nix
./settings/hardware/audio.nix
./settings/hardware/bare-metal.nix
./settings/hardware/personal-computer.nix
./settings/hardware/bluetooth.nix
./settings/hardware/nvme-root.nix
./settings/hardware/connman.nix
./settings/hardware/mouse.nix
./settings/hardware/grub2.nix
./settings/hardware/nvidia-gpu.nix
./settings/hardware/keyboard.nix
./settings/hardware/keyboardio-model01.nix
./settings/hardware/trackball.nix
./settings/hardware/trezor.nix
./settings/services/syncthing.nix
./settings/services/zeroconf.nix
./settings/user-interface.nix
./settings/programs/base.nix
./settings/programs/gnupg.nix
./settings/programs/i3.nix
./settings/programs/shell.nix
./settings/gaming.nix
./settings/programs/tor.nix
./settings/programs/barrier.nix
];
hardware.cpu.amd.updateMicrocode = true;
services.xserver.screenSection = ''
Option "MetaModes" "2560x1440_120 +0+0 { ForceFullCompositionPipeline = On }"
Option "AllowIndirectGLXProtocol" "off"
Option "TripleBuffer" "on"
'';
boot.loader.timeout = 3;
boot.loader.grub.default = 2; # Default to Windows
boot.kernelPackages = (import <nixos-unstable> { config = config.nixpkgs.config; }).linuxPackages_zen;
boot.extraModulePackages = with config.boot.kernelPackages; [
zenpower
];
fileSystems."/data" = {
label = "Data";
fsType = "ntfs";
options = ["rw" "uid=1000" "noauto" "x-systemd.automount"];
};
fileSystems."/windows" = {
label = "Windows";
fsType = "ntfs";
options = ["rw" "uid=1000" "noauto" "x-systemd.automount"];
};
services.xserver = {
xautolock.enable = pkgs.lib.mkForce false;
};
services.postgresql = {
enableTCPIP = true;
authentication = ''
# TYPE DATABASE USER ADDRESS METHOD
host all all samenet md5
'';
};
networking.firewall.allowedTCPPorts = [ config.services.postgresql.port ];
services.openssh = {
enable = true;
openFirewall = false;
startWhenNeeded = true;
};
networking.firewall.extraCommands = ''
iptables -A nixos-fw -p udp --source 172.30.44.0/24 -j nixos-fw-accept
iptables -A nixos-fw -p tcp --source 172.30.44.0/24 -j nixos-fw-accept
ip6tables -A nixos-fw -p tcp --source fd12:d04f:65d:0::/64 -j nixos-fw-accept
ip6tables -A nixos-fw -p udp --source fd12:d04f:65d:0::/64 -j nixos-fw-accept
'';
networking = {
hostName = "prefect";
};
system.stateVersion = "20.09";
}
|