Created
October 7, 2021 00:45
-
-
Save spotlightishere/b630d8f90b5418aae709ee70c1265c0e to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { config, pkgs, ... }: | |
| { | |
| imports = | |
| [ | |
| ./hardware-configuration.nix | |
| ]; | |
| # Use the systemd-boot EFI boot loader. | |
| boot.loader.systemd-boot.enable = true; | |
| boot.loader.efi.canTouchEfiVariables = true; | |
| # (regretfully) enable Broadcom wireless drivers. | |
| boot.kernelModules = ["wl"]; | |
| boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ]; | |
| nixpkgs.config.allowUnfree = true; | |
| # Set your time zone. | |
| time.timeZone = "Etc/UTC"; | |
| networking = { | |
| hostName = "calypso"; | |
| useDHCP = false; | |
| interfaces = { | |
| # Ensure Ethernet has DHCP if required. | |
| enp2s0f0.useDHCP = true; | |
| # It's nearly mandated for wireless! | |
| wlp3s0.useDHCP = true; | |
| }; | |
| # Broadcom firmware | |
| enableB43Firmware = true; | |
| wireless = { | |
| enable = true; | |
| networks = { | |
| FoxNet = { | |
| pskRaw = "redacted"; | |
| }; | |
| }; | |
| }; | |
| firewall = { | |
| enable = true; | |
| # 22 for SSH, 139/445 for SMB, 548/636 for Zeroconf | |
| allowedTCPPorts = [ 22 139 445 548 636 ]; | |
| # 137/138 for SMB | |
| allowedUDPPorts = [ 137 138 ]; | |
| allowPing = true; | |
| }; | |
| }; | |
| # Select internationalisation properties. | |
| i18n.defaultLocale = "en_US.UTF-8"; | |
| # Configure users | |
| users.users = { | |
| # Me, myself and I | |
| spotlight = { | |
| isNormalUser = true; | |
| extraGroups = [ "wheel" ]; | |
| shell = pkgs.zsh; | |
| openssh.authorizedKeys.keys = [ "blah blah blah" ]; | |
| }; | |
| # The user we'll use to back up with | |
| time-machine = { | |
| isSystemUser = true; | |
| group = "time-machine"; | |
| # This will also be where our backup data is. | |
| home = "/var/lib/time-machine"; | |
| }; | |
| }; | |
| users.groups.time-machine = {}; | |
| environment.systemPackages = with pkgs; [ | |
| git | |
| vim | |
| wget | |
| zsh | |
| ]; | |
| services = { | |
| # Ensure we have OpenSSH | |
| openssh = { | |
| enable = true; | |
| passwordAuthentication = false; | |
| }; | |
| # Provide samba via the time-machine user | |
| samba = { | |
| enable = true; | |
| shares = { | |
| "Time Machine" = { | |
| path = "/var/lib/time-machine"; | |
| "valid users" = "time-machine"; | |
| public = "no"; | |
| writeable = "yes"; | |
| "force user" = "time-machine"; | |
| "fruit:aapl" = "yes"; | |
| "fruit:time machine" = "yes"; | |
| # We're an iPhone 3GS. Don't question it. | |
| "fruit:model" = "N88AP"; | |
| "vfs objects" = "catia fruit streams_xattr"; | |
| }; | |
| }; | |
| }; | |
| # Announce that we host Time Machine | |
| avahi = { | |
| enable = true; | |
| publish = { | |
| enable = true; | |
| userServices = true; | |
| }; | |
| }; | |
| }; | |
| # This value determines the NixOS release from which the default | |
| # settings for stateful data, like file locations and database versions | |
| # on your system were taken. It‘s perfectly fine and recommended to leave | |
| # this value at the release version of the first install of this system. | |
| # Before changing this value read the documentation for this option | |
| # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). | |
| system.stateVersion = "21.05"; # Did you read the comment? | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment