diff options
Diffstat (limited to 'modules/common')
| -rw-r--r-- | modules/common/default.nix | 37 | ||||
| -rw-r--r-- | modules/common/networking.nix | 15 | ||||
| -rw-r--r-- | modules/common/nix-settings.nix | 38 |
3 files changed, 90 insertions, 0 deletions
diff --git a/modules/common/default.nix b/modules/common/default.nix new file mode 100644 index 0000000..f338823 --- /dev/null +++ b/modules/common/default.nix @@ -0,0 +1,37 @@ +{ config, lib, pkgs, ... }: + +{ + imports = [ ./nix-settings.nix ./networking.nix ]; + + # Time and Locale + time.timeZone = "UTC"; + i18n.defaultLocale = "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + keyMap = "us"; + }; + + # Default Packages Set + environment.systemPackages = with pkgs; [ vim htop wget nftables wireguard-tools ]; + + # Security + networking.firewall.enable = false; + security.sudo.wheelNeedsPassword = false; + services.openssh = { + enable = true; + settings = { + PasswordAuthentication = false; + PermitRootLogin = "no"; + }; + }; + + # CPU + powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; + hardware.cpu.amd.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.intel.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; + + # System state version + system.stateVersion = lib.mkDefault "23.05"; +} diff --git a/modules/common/networking.nix b/modules/common/networking.nix new file mode 100644 index 0000000..0f9aaca --- /dev/null +++ b/modules/common/networking.nix @@ -0,0 +1,15 @@ +{ config, lib, pkgs, ... }: + +{ + networking = { + usePredictableInterfaceNames = false; + enableIPv6 = true; + tempAddresses = "disabled"; + interfaces.eth0.useDHCP = true; + nameservers = [ "1.1.1.1" "8.8.8.8" ]; + + dhcpcd.extraConfig = '' + nohook resolv.conf + ''; + }; +} diff --git a/modules/common/nix-settings.nix b/modules/common/nix-settings.nix new file mode 100644 index 0000000..9e2eeb9 --- /dev/null +++ b/modules/common/nix-settings.nix @@ -0,0 +1,38 @@ +{ config, nixpkgs, lib, pkgs, ... }: + +{ + environment.etc = { + "nix/channels/nixpkgs".source = nixpkgs.outPath; + }; + + nix = { + extraOptions = '' + keep-outputs = true + keep-derivations = true + experimental-features = nix-command flakes + ''; + + registry = { + nixpkgs.flake = nixpkgs; + }; + + nixPath = [ + "nixpkgs=/etc/nix/channels/nixpkgs" + ]; + + settings = { + trusted-users = [ "@wheel" ]; + auto-optimise-store = true; + + substituters = [ + "https://cache.nixos.org/" + "https://nix-community.cachix.org" + ]; + + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + ]; + }; + }; +} |