| 
									
										
										
										
											2025-08-03 12:47:46 -04:00
										 |  |  | # Edit this configuration file to define what should be installed on | 
					
						
							|  |  |  | # your system. Help is available in the configuration.nix(5) man page, on | 
					
						
							|  |  |  | # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-08-08 17:00:47 -04:00
										 |  |  | { config, lib, pkgs, self, paths, keys, ... }: | 
					
						
							| 
									
										
										
										
											2025-08-03 12:47:46 -04:00
										 |  |  | 
 | 
					
						
							|  |  |  | { | 
					
						
							| 
									
										
										
										
											2025-08-08 17:00:47 -04:00
										 |  |  |   # NAS Mounting | 
					
						
							|  |  |  |   hoardingcow-mount.enable = true; | 
					
						
							| 
									
										
										
										
											2025-08-03 12:47:46 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-08-03 15:42:02 -04:00
										 |  |  |   # Flakesss | 
					
						
							|  |  |  |   nix.settings.experimental-features = [ "nix-command" "flakes" ]; | 
					
						
							| 
									
										
										
										
											2025-08-04 22:15:59 -04:00
										 |  |  |   nix.settings.trusted-users = [ "root" "gortium" ]; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-08-08 17:00:47 -04:00
										 |  |  |   # Garbage collection | 
					
						
							| 
									
										
										
										
											2025-08-04 22:15:59 -04:00
										 |  |  |   nix.gc = { | 
					
						
							|  |  |  |     automatic = true; | 
					
						
							| 
									
										
										
										
											2025-08-08 17:00:47 -04:00
										 |  |  |     dates = "daily";  # You can also use "daily" or a cron-like spec | 
					
						
							| 
									
										
										
										
											2025-08-04 22:15:59 -04:00
										 |  |  |     options = "--delete-older-than 7d";  # Keep only 7 days of unreferenced data | 
					
						
							|  |  |  |   }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   nix.settings = { | 
					
						
							| 
									
										
										
										
											2025-08-08 17:00:47 -04:00
										 |  |  |     keep-derivations = true; | 
					
						
							|  |  |  |     keep-outputs = true; | 
					
						
							|  |  |  |     auto-optimise-store = true; | 
					
						
							| 
									
										
										
										
											2025-08-04 22:15:59 -04:00
										 |  |  |   }; | 
					
						
							| 
									
										
										
										
											2025-08-03 15:42:02 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-08-03 12:47:46 -04:00
										 |  |  |   # Use the systemd-boot EFI boot loader. | 
					
						
							|  |  |  |   boot.loader.systemd-boot.enable = true; | 
					
						
							|  |  |  |   boot.loader.efi.canTouchEfiVariables = false; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-08-04 22:15:59 -04:00
										 |  |  |   networking.hostName = "lazyworkhorse"; # Define your hostname. | 
					
						
							| 
									
										
										
										
											2025-08-03 12:47:46 -04:00
										 |  |  |   # Pick only one of the below networking options. | 
					
						
							|  |  |  |   # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant. | 
					
						
							|  |  |  |   networking.networkmanager.enable = true;  # Easiest to use and most distros use this by default. | 
					
						
							| 
									
										
										
										
											2025-08-04 22:15:59 -04:00
										 |  |  |   networking.hostId = "deadbeef"; | 
					
						
							| 
									
										
										
										
											2025-08-03 12:47:46 -04:00
										 |  |  | 
 | 
					
						
							|  |  |  |   # Set your time zone. | 
					
						
							|  |  |  |   time.timeZone = "America/Montreal"; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-08-08 17:00:47 -04:00
										 |  |  |   # Locales | 
					
						
							| 
									
										
										
										
											2025-08-04 22:15:59 -04:00
										 |  |  |   i18n.defaultLocale = "en_CA.UTF-8"; | 
					
						
							| 
									
										
										
										
											2025-08-08 17:00:47 -04:00
										 |  |  |   i18n.supportedLocales = [ | 
					
						
							|  |  |  |     "en_CA.UTF-8/UTF-8" | 
					
						
							|  |  |  |   ]; | 
					
						
							| 
									
										
										
										
											2025-08-04 22:15:59 -04:00
										 |  |  |   i18n.extraLocaleSettings = { | 
					
						
							|  |  |  |     LC_ADDRESS = "en_CA.UTF-8"; | 
					
						
							|  |  |  |     LC_IDENTIFICATION = "en_CA.UTF-8"; | 
					
						
							|  |  |  |     LC_MEASUREMENT = "en_CA.UTF-8"; | 
					
						
							|  |  |  |     LC_MONETARY = "en_CA.UTF-8"; | 
					
						
							|  |  |  |     LC_NAME = "en_CA.UTF-8"; | 
					
						
							|  |  |  |     LC_NUMERIC = "en_CA.UTF-8"; | 
					
						
							|  |  |  |     LC_PAPER = "en_CA.UTF-8"; | 
					
						
							|  |  |  |     LC_TELEPHONE = "en_CA.UTF-8"; | 
					
						
							|  |  |  |     LC_TIME = "en_CA.UTF-8"; | 
					
						
							| 
									
										
										
										
											2025-08-08 17:00:47 -04:00
										 |  |  |     LC_CTYPE = "en_CA.UTF-8"; | 
					
						
							|  |  |  |   }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   # Private host ssh key | 
					
						
							|  |  |  |   age = { | 
					
						
							|  |  |  |     identityPaths = paths.identities; | 
					
						
							|  |  |  |     secrets = { | 
					
						
							|  |  |  |       lazyworkhorse_host_ssh_key = { | 
					
						
							|  |  |  |         file = "${self}/secrets/lazyworkhorse_host_ssh_key.age"; | 
					
						
							|  |  |  |         owner = "root"; | 
					
						
							|  |  |  |         group = "root"; | 
					
						
							|  |  |  |         mode = "0600"; | 
					
						
							|  |  |  |         path = "/etc/ssh/ssh_host_ed25519_key"; | 
					
						
							|  |  |  |       }; | 
					
						
							|  |  |  |     }; | 
					
						
							| 
									
										
										
										
											2025-08-04 22:15:59 -04:00
										 |  |  |   }; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-08-08 17:00:47 -04:00
										 |  |  |   # Public host ssh key | 
					
						
							|  |  |  |   environment.etc."ssh/ssh_host_ed25519_key.pub".text = keys.hosts.lazyworkhorse.main; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   # Prevent sshd from generating new keys and use this one | 
					
						
							|  |  |  |   services.openssh.hostKeys = [ | 
					
						
							|  |  |  |     { | 
					
						
							|  |  |  |       path = "/etc/ssh/ssh_host_ed25519_key"; | 
					
						
							|  |  |  |       type = "ed25519"; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  |   ]; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-08-03 12:47:46 -04:00
										 |  |  |   # Configure network proxy if necessary | 
					
						
							|  |  |  |   # networking.proxy.default = "http://user:password@proxy:port/"; | 
					
						
							|  |  |  |   # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   # Select internationalisation properties. | 
					
						
							| 
									
										
										
										
											2025-08-04 22:15:59 -04:00
										 |  |  |   # i18n.defaultLocale = "en_US.UTF-8"; | 
					
						
							|  |  |  |   # console = { | 
					
						
							|  |  |  |   #   font = "Lat2-Terminus16"; | 
					
						
							|  |  |  |   #   keyMap = "us"; | 
					
						
							|  |  |  |   #   useXkbConfig = true; # use xkb.options in tty. | 
					
						
							|  |  |  |   # }; | 
					
						
							| 
									
										
										
										
											2025-08-03 12:47:46 -04:00
										 |  |  | 
 | 
					
						
							|  |  |  |   # Configure keymap in X11 | 
					
						
							|  |  |  |   # services.xserver.xkb.layout = "us"; | 
					
						
							|  |  |  |   # services.xserver.xkb.options = "eurosign:e,caps:escape"; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   # Enable CUPS to print documents. | 
					
						
							|  |  |  |   services.printing.enable = true; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   # Enable sound. | 
					
						
							|  |  |  |   # services.pulseaudio.enable = true; | 
					
						
							|  |  |  |   # OR | 
					
						
							|  |  |  |   services.pipewire = { | 
					
						
							|  |  |  |     enable = true; | 
					
						
							|  |  |  |     pulse.enable = true; | 
					
						
							|  |  |  |   }; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-08-08 17:00:47 -04:00
										 |  |  |   environment.sessionVariables = { | 
					
						
							|  |  |  |     NH_FLAKE = paths.flake; | 
					
						
							|  |  |  |   }; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-08-03 12:47:46 -04:00
										 |  |  |   # Enable touchpad support (enabled default in most desktopManager). | 
					
						
							|  |  |  |   # services.libinput.enable = true; | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-08-04 22:15:59 -04:00
										 |  |  |   # nvim please | 
					
						
							| 
									
										
										
										
											2025-08-08 17:00:47 -04:00
										 |  |  |   environment.variables.EDITOR = "nvim"; | 
					
						
							| 
									
										
										
										
											2025-08-03 12:47:46 -04:00
										 |  |  | 
 | 
					
						
							|  |  |  |   # programs.firefox.enable = true; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   # List packages installed in system profile. | 
					
						
							| 
									
										
										
										
											2025-08-08 17:00:47 -04:00
										 |  |  |   # You can use https://Search.nixos.org/ to find more packages (and options). | 
					
						
							| 
									
										
										
										
											2025-08-03 12:47:46 -04:00
										 |  |  |   environment.systemPackages = with pkgs; [ | 
					
						
							| 
									
										
										
										
											2025-08-08 17:00:47 -04:00
										 |  |  |     agenix | 
					
						
							| 
									
										
										
										
											2025-08-03 12:47:46 -04:00
										 |  |  |     neovim | 
					
						
							| 
									
										
										
										
											2025-08-08 17:00:47 -04:00
										 |  |  |     docker-compose | 
					
						
							| 
									
										
										
										
											2025-08-03 12:47:46 -04:00
										 |  |  |     wget | 
					
						
							| 
									
										
										
										
											2025-08-04 22:15:59 -04:00
										 |  |  |     age | 
					
						
							|  |  |  |     git | 
					
						
							| 
									
										
										
										
											2025-08-08 17:00:47 -04:00
										 |  |  |     nh | 
					
						
							| 
									
										
										
										
											2025-08-03 12:47:46 -04:00
										 |  |  |   ]; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   # Some programs need SUID wrappers, can be configured further or are | 
					
						
							|  |  |  |   # started in user sessions. | 
					
						
							|  |  |  |   # programs.mtr.enable = true; | 
					
						
							|  |  |  |   # programs.gnupg.agent = { | 
					
						
							|  |  |  |   #   enable = true; | 
					
						
							|  |  |  |   #   enableSSHSupport = true; | 
					
						
							|  |  |  |   # }; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   # List services that you want to enable: | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   # Enable the OpenSSH daemon. | 
					
						
							| 
									
										
										
										
											2025-08-04 22:15:59 -04:00
										 |  |  |   services.openssh = { | 
					
						
							|  |  |  |     enable = true; | 
					
						
							|  |  |  |     settings.PermitRootLogin = "no"; | 
					
						
							|  |  |  |   }; | 
					
						
							| 
									
										
										
										
											2025-08-03 12:47:46 -04:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2025-08-08 17:00:47 -04:00
										 |  |  |  # Open ports in the firewall. | 
					
						
							| 
									
										
										
										
											2025-08-03 12:47:46 -04:00
										 |  |  |   # networking.firewall.allowedTCPPorts = [ ... ]; | 
					
						
							|  |  |  |   # networking.firewall.allowedUDPPorts = [ ... ]; | 
					
						
							|  |  |  |   # Or disable the firewall altogether. | 
					
						
							|  |  |  |   # networking.firewall.enable = false; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |   # Copy the NixOS configuration file and link it from the resulting system | 
					
						
							|  |  |  |   # (/run/current-system/configuration.nix). This is useful in case you | 
					
						
							|  |  |  |   # accidentally delete configuration.nix. | 
					
						
							| 
									
										
										
										
											2025-08-04 22:15:59 -04:00
										 |  |  |   # system.copySystemConfiguration = true; | 
					
						
							| 
									
										
										
										
											2025-08-03 12:47:46 -04:00
										 |  |  | 
 | 
					
						
							|  |  |  |   # This option defines the first version of NixOS you have installed on this particular machine, | 
					
						
							|  |  |  |   # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. | 
					
						
							|  |  |  |   # | 
					
						
							|  |  |  |   # Most users should NEVER change this value after the initial install, for any reason, | 
					
						
							|  |  |  |   # even if you've upgraded your system to a new NixOS release. | 
					
						
							|  |  |  |   # | 
					
						
							|  |  |  |   # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, | 
					
						
							|  |  |  |   # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how | 
					
						
							|  |  |  |   # to actually do that. | 
					
						
							|  |  |  |   # | 
					
						
							|  |  |  |   # This value being lower than the current NixOS release does NOT mean your system is | 
					
						
							|  |  |  |   # out of date, out of support, or vulnerable. | 
					
						
							|  |  |  |   # | 
					
						
							|  |  |  |   # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, | 
					
						
							|  |  |  |   # and migrated your data accordingly. | 
					
						
							|  |  |  |   # | 
					
						
							|  |  |  |   # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . | 
					
						
							|  |  |  |   system.stateVersion = "25.05"; # Did you read the comment? | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 |