{ config, pkgs, callPackage, ... }: let unstable = import <nixpkgs-unstable> { config = { allowUnfree = true; }; }; in { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix <stockholm/mb> ]; krebs.build.host = config.krebs.hosts.p1nk; boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; boot.initrd.luks.devices = [ { name = "root"; device = "/dev/disk/by-uuid/0392257b-f6cf-484d-8c46-e20aab4fddb7"; preLVM = true; allowDiscards = true; } ]; fileSystems."/".options = [ "noatime" "nodiratime" "discard" ]; fileSystems."/mnt/public" = { device = "//192.168.0.4/public"; fsType = "cifs"; options = let automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; in [ "${automount_opts},user,rw,username=mb0,iocharset=utf8,credentials=${config.users.users.mb.home}/.smbcredentials" ]; }; i18n = { consoleFont = "Lat2-Terminus16"; consoleKeyMap = "de"; defaultLocale = "en_US.UTF-8"; }; time.timeZone = "Europe/Berlin"; fonts = { enableCoreFonts = true; enableGhostscriptFonts = true; fonts = with pkgs; [ anonymousPro corefonts dejavu_fonts envypn-font fira gentium gohufont inconsolata liberation_ttf powerline-fonts source-code-pro terminus_font ttf_bitstream_vera ubuntu_font_family unifont unstable.cherry xorg.fontbitstream100dpi xorg.fontbitstream75dpi xorg.fontbitstreamtype1 ]; }; nixpkgs.config.packageOverrides = super: { openvpn = super.openvpn.override { pkcs11Support = true; useSystemd = false; }; }; nixpkgs.config.allowUnfree = true; environment.systemPackages = with pkgs; [ adapta-gtk-theme aircrackng ag arandr binutils chromium cifs-utils curl evince exfat feh file firefox freetype gimp git gnupg graphite2 hicolor_icon_theme htop i3lock jq keepassx2 kvm lxappearance man-pages moc mpv mpvc mupdf ncdu nmap openvpn pass p7zip powertop ranger rofi sshfs tcpdump tmux traceroute tree unstable.alacritty unstable.ponyc unstable.sublime3 youtube-dl vim virt-viewer virtmanager vulnix wcalc wget xz ]; environment.shellAliases = { ll = "ls -alh"; ls = "ls --color=tty"; }; virtualisation.libvirtd.enable = true; virtualisation.kvmgt.enable = true; programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; sound.enable = true; hardware.pulseaudio.enable = true; hardware.pulseaudio.support32Bit = true; services.xserver = { enable = true; layout = "de"; xkbOptions = "nodeadkeys"; libinput.enable = true; desktopManager = { default = "xfce"; xterm.enable = false; xfce = { enable = true; noDesktop = true; enableXfwm = false; }; }; windowManager.ratpoison.enable = true; }; services.openssh.enable = true; services.openssh.passwordAuthentication = false; krebs.iptables.enable = true; networking.networkmanager.enable = false; networking.wireless.enable = true; networking.nameservers = [ "8.8.8.8" "141.1.1.1" ]; networking.enableIPv6 = false; programs.fish = { enable = true; shellInit = '' function ssh_agent --description 'launch the ssh-agent and add the id_rsa identity' if begin set -q SSH_AGENT_PID and kill -0 $SSH_AGENT_PID and grep -q '^ssh-agent' /proc/$SSH_AGENT_PID/cmdline end echo "ssh-agent running on pid $SSH_AGENT_PID" else eval (command ssh-agent -c | sed 's/^setenv/set -Ux/') end set -l identity $HOME/.ssh/id_rsa set -l fingerprint (ssh-keygen -lf $identity | awk '{print $2}') ssh-add -l | grep -q $fingerprint or ssh-add $identity end ''; promptInit = '' function fish_prompt --description 'Write out the prompt' set -l color_cwd set -l suffix set -l nix_shell_info ( if test "$IN_NIX_SHELL" != "" echo -n " <nix-shell>" end ) switch "$USER" case root toor if set -q fish_color_cwd_root set color_cwd $fish_color_cwd_root else set color_cwd $fish_color_cwd end set suffix '#' case '*' set color_cwd $fish_color_cwd set suffix '>' end echo -n -s "$USER" @ (set_color magenta) (prompt_hostname) (set_color normal) "$nix_shell_info" ' ' (set_color $color_cwd) (prompt_pwd) (set_color normal) "$suffix " end ''; }; nix.maxJobs = 4; nix.buildCores = 4; system.autoUpgrade.enable = false; system.autoUpgrade.channel = "https://nixos.org/channels/nixos-19.03"; system.stateVersion = "19.03"; }