tfc-nixos/modules/base.nix
2025-06-06 15:28:39 -05:00


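# Base NixOS module: kernel and boot loader, Nix daemon settings, unattended
# upgrades, locale, one admin user, Docker, SSH, and a Grafana/Prometheus
# monitoring stack published through an nginx virtual host.
{ config, lib, pkgs, ... }:
with lib;
{
  boot.kernelPackages = pkgs.linuxPackages_6_1;
  # Use the systemd-boot EFI boot loader.
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

  nix = {
    extraOptions = "experimental-features = nix-command flakes";
    # package = pkgs.nixFlakes;
    gc = {
      automatic = true;
      dates = "weekly";
      options = "--delete-older-than 20d";
    };
    settings = {
      auto-optimise-store = true;
      # Each substituter can supply prebuilt store paths to this host, and each
      # entry in trusted-public-keys is accepted as a signer for those paths.
      # NOTE(review): the two cachix caches are third-party trust anchors;
      # keep only the ones this fleet actually needs.
      substituters = [
        "https://nix-community.cachix.org"
        "https://ai.cachix.org"
        "https://cache.nixos.org/"
      ];
      # NOTE(review): no key for cache.nixos.org is listed here; presumably it
      # is supplied by the NixOS default for this option - verify.
      trusted-public-keys = [
        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
        "ai.cachix.org-1:N9dzRK+alWwoKXQlnn0H6aUx0lU/mspIoz8hMvGvbbc="
      ];
    };
  };
  # nixpkgs.config.allowUnFree = true;

  # Unattended upgrade at 04:40 from the flake in /conf. The flags update the
  # nixpkgs input and commit the lock file on every run, so the host follows
  # upstream nixpkgs with no review step; a reboot is allowed, but only inside
  # rebootWindow.
  # NOTE(review): whatever is in /conf gets built and activated by the upgrade
  # job, so that directory should be writable by root only - confirm.
  system.autoUpgrade = {
    enable = true;
    dates = "04:40";
    allowReboot = true;
    flake = "/conf";
    flags = [ "--update-input" "nixpkgs" "--commit-lock-file" ];
    rebootWindow = {
      lower = "04:40";
      upper = "05:20";
    };
  };

  # Set your time zone.
  time.timeZone = "America/Chicago";
  # Select internationalisation properties.
  i18n.defaultLocale = "en_US.utf8";
  # Configure keymap in X11
  services.xserver = {
    xkb.layout = "us";
    xkb.variant = "";
  };

  # Enable networking
  networking.networkmanager.enable = true;
  # Avahi publishing is switched on, including user services.
  # NOTE(review): this advertises the host to the local network segment;
  # confirm that is wanted on every machine that imports this base module.
  services.avahi = {
    enable = true;
    publish.enable = true;
    publish.userServices = true;
  };

  # Define a user account. Don't forget to set a password with passwd.
  # Membership in "wheel" makes this the administrative account.
  users.users.chris = {
    isNormalUser = true;
    description = "Chris";
    extraGroups = [ "networkmanager" "wheel" ];
    packages = with pkgs; [];
  };
  environment.homeBinInPath = true;
  programs.fish.enable = true;

  virtualisation.docker.enable = true;
  # virtualisation.containers.cdi.dynamic.nvidia.enable = true;
  hardware.nvidia-container-toolkit.enable = true;

  services.openssh = {
    enable = true;
    # Root may authenticate with a key but never with a password, which takes
    # the root account out of reach of password guessing over SSH. Interactive
    # administration goes through the wheel user defined above.
    settings.PermitRootLogin = "prohibit-password";
  };
  services.fstrim.enable = true;

  services = {
    # TLS virtual host in front of Grafana: plain HTTP is redirected (forceSSL),
    # the certificate comes from ACME, and requests are proxied to the address
    # and port Grafana is configured with below.
    # NOTE(review): services.nginx.enable and the ACME terms/e-mail settings
    # are not set in this file; presumably they live in another module.
    nginx.virtualHosts."graf.tfcconnection.org" = {
      forceSSL = true;
      enableACME = true;
      locations."/".proxyPass = "http://${config.services.grafana.settings.server.http_addr}:${toString config.services.grafana.settings.server.http_port}";
    };

    # Grafana listens on loopback only, so remote access has to pass through
    # the nginx virtual host.
    grafana = {
      enable = true;
      settings.server = {
        http_port = 4358;
        http_addr = "127.0.0.1";
        enable_gzip = true;
      };
    };

    # NOTE(review): no listenAddress is set for Prometheus or for any exporter.
    # Every scrape target below is 127.0.0.1, so if the defaults bind all
    # interfaces, pinning them to loopback would cost nothing - confirm.
    prometheus = {
      enable = true;
      port = 4359;
      exporters = {
        node = {
          enable = true;
          enabledCollectors = [ "systemd" "processes" "drm" ];
          port = 9002;
        };
        smartctl.enable = true;
        # Groups processes started from /nix/store by binary name plus the
        # full argument string.
        # NOTE(review): the arguments become part of the group name, so any
        # secret passed on a command line would be stored in Prometheus and
        # shown in Grafana. This exporter is also missing from the scrape
        # targets below - confirm whether that is intentional.
        process = {
          enable = true;
          settings.process_names = [
            { name = "{{.Matches.Wrapped}} {{ .Matches.Args }}"; cmdline = [ "^/nix/store[^ ]*/(?P<Wrapped>[^ /]*) (?P<Args>.*)" ]; }
          ];
        };
      };
      # Single job scraping the node and smartctl exporters over loopback.
      scrapeConfigs = [
        {
          job_name = "shen";
          static_configs = [{
            targets = [
              "127.0.0.1:${toString config.services.prometheus.exporters.node.port}"
              "127.0.0.1:${toString config.services.prometheus.exporters.smartctl.port}"
            ];
          }];
        }
      ];
    };
  };
}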