Refactoring LoutreOS

2018-09-04 14:05:06 +02:00 · 2018-09-04 14:05:06 +02:00 · 8de365b923
commit 8de365b923
parent 3792a3a19e
3 changed files with 377 additions and 347 deletions
--- a/systems/LoutreOS/configuration.nix
+++ b/systems/LoutreOS/configuration.nix
@ -5,37 +5,35 @@
 { config, pkgs, ... }:

 {
-  imports =
-    [ # Include the results of the hardware scan.
-      ./hardware-configuration.nix
-      ./users.nix
-      ./services.nix
-    ];
+  imports = [
+    ./hardware-configuration.nix
+    ./users.nix
+    ./services.nix
+  ];

-  # Use the systemd-boot EFI boot loader.
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.efi.canTouchEfiVariables = true;
+  boot = {
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };

-  boot.supportedFilesystems = [ "zfs" ];
+    supportedFilesystems = [ "zfs" ];

-  services.zfs.autoSnapshot.enable = true;
-  services.zfs.autoScrub.enable = true;
+    tmpOnTmpfs = true;
+  };

-  networking.hostName = "loutreos"; # Define your hostname.
-  networking.hostId = "7e66e347";
+  services.zfs = {
+    autoSnapshot.enable = true;
+    autoScrub.enable = true;
+  };

-  # Select internationalisation properties.
-  # i18n = {
-  #   consoleFont = "Lat2-Terminus16";
-  #   consoleKeyMap = "en";
-  #   defaultLocale = "en_US.UTF-8";
-  # };
+  networking = {
+    hostName = "loutreos"; # Define your hostname.
+    hostId = "7e66e347";
+  };

-  # Set your time zone.
  time.timeZone = "Europe/Paris";

-  # List packages installed in system profile. To search by name, run:
-  # $ nix-env -qaP | grep wget
  nixpkgs.overlays = [
    (import ../../overlays/riot-web.nix)
    (import ../../overlays/sudo.nix)
@ -86,30 +84,23 @@

  environment.variables = { EDITOR = "nvim"; };

-  # Some programs need SUID wrappers, can be configured further or are
-  # started in user sessions.
-  # programs.bash.enableCompletion = true;
-  # programs.mtr.enable = true;
-  # programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
+  services.openssh = {
+    enable = true;
+    permitRootLogin = "no";
+    passwordAuthentication = false;
+  };

-  # List services that you want to enable:
-
-  # Enable the OpenSSH daemon.
-  services.openssh.enable = true;
-  services.openssh.permitRootLogin = "no";
-  services.openssh.passwordAuthentication = false;
-
-  networking.firewall.allowedTCPPorts = [  ];
-  networking.firewall.allowedUDPPorts = [  ];
-  networking.firewall.enable = true;
+  networking.firewall = {
+    allowedTCPPorts = [  ];
+    allowedUDPPorts = [  ];
+    enable = true;
+  };

  security.sudo.wheelNeedsPassword = false;

  system.autoUpgrade.enable = true;
  systemd.services.nixos-upgrade.path = with pkgs; [ gzip gnutar xz.bin config.nix.package.out ];

-  services.fstrim.enable = true;
-
  nix.gc.automatic = true;
  nix.gc.options = "--delete-older-than 15d";