/etc/nixos/configuration.nix for a thinkpad t430s
uploaded to media.unturf.com
Description
################################################################################
# █▄░█ █ ▀▄▀ █▀█ █▀ ▄▄ █░█ █▀█
# █░▀█ █ █░█ █▄█ ▄█ ░░ █▄█ █▀▀
#
# This NixOS installation brought to you by nixos-up!
# Please consider supporting the project (https://github.com/samuela/nixos-up)
# and the NixOS Foundation (https://opencollective.com/nixos)!
################################################################################
# Run this command after you change this file.
# nixos-rebuild switch
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).
{ lib, config, pkgs, ... }:
let
home-manager = fetchTarball "https://github.com/nix-community/home-manager/archive/release-24.11.tar.gz";
kubeMasterIP = "192.168.1.15";
kubeMasterHostname = "nixos.foxhop.net";
kubeMasterAPIServerPort = 6443;
in
{
# Your home-manager configuration! Check out https://rycee.gitlab.io/home-manager/ for all possible options.
home-manager.users.fox = { pkgs, ... }: {
home.packages = with pkgs; [ hello ];
home.stateVersion = "24.11";
};
# Include other .nix config files
imports = [
"${home-manager}/nixos"
# the results of the hardware scan.
./hardware-configuration.nix
];
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
#boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/sda";
# boot.loader.grub.efiSupport = true;
# boot.loader.grub.efiInstallAsRemovable = true;
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
# Define on which hard drive you want to install Grub.
# boot.loader.grub.device = "/dev/sda"; # or "nodev" for efi only
networking.hostName = "nixos"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# resolve master hostname
networking.extraHosts = "${kubeMasterIP} ${kubeMasterHostname}";
# Set your time zone.
time.timeZone = "America/New_York";
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config
# replicates the default behaviour.
networking.useDHCP = false;
networking.interfaces.eno1.useDHCP = true;
networking.nameservers = ["192.168.1.22"];
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# };
# Enable the X11 windowing system.
services.xserver.enable = true;
# Enable the GNOME Desktop Environment.
services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
#services.xserver.videoDrivers = [ "nvidia" ];
# configured a predicate to allow specific non-free packages:
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
#"nvidia"
#"nvidia-x11"
#"nvidia-settings"
"steam-run"
"steam"
"steam-original"
"steam-runtime"
"steam-unwrapped"
];
# Configure keymap in X11
# services.xserver.layout = "us";
# services.xserver.xkbOptions = "eurosign:e";
# Enable CUPS to print documents.
services.printing.enable = true;
# Enable sound.
#sound.enable = true;
#hardware.pulseaudio.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
services.libinput.enable = true;
# Enable steam.
programs.steam.enable = true;
# if you want to use steam contorller or index, uncomment.
# hardware.steam-hardware.enable = true;
# services.openssh = {
# enable = true;
# permitRootLogin = "yes";
# }
users.mutableUsers = false;
users.users.fox = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" "libvirt" "docker" ];
hashedPasswordFile = "/etc/passwordFile-fox";
};
# Disable password-based login for root.
users.users.root.hashedPassword = "!";
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
# Do not forget to add an editor to edit configuration.nix!
# The Nano editor is also installed by default.
vim
git
dig
wget
unzip
firefox
yggdrasil
# autoformatting this file.
nixpkgs-fmt
# virtual machines!
virt-manager
# unix password store
pass
pass-wayland
pinentry
pinentry-gnome3
pinentry-curses
# gpg
gnupg
gnumake
# rust people really do cargo cult hard, sorta wierd.
rustc
cargo
docker
docker-compose
# kubernetes
# https://nixos.wiki/wiki/Kubernetes
kompose
kubectl
kubernetes
# try to install python3
(let
my-python-packages = python-packages: with python-packages; [
requests
];
python-with-my-packages = python3.withPackages my-python-packages;
in
python-with-my-packages)
];
environment.variables.EDITOR = "vim";
services.yggdrasil = {
enable = true;
persistentKeys = true;
# The NixOS module will generate new keys and a new IPv6 address each time
# it is started if persistentKeys is not enabled.
settings = {
Peers = [
# Yggdrasil will automatically connect and "peer" with other nodes it
# discovers via link-local multicast annoucements. Unless this is the
# case (it probably isn't) a node needs peers within the existing
# network that it can tunnel to.
"tcp://50.236.201.218:56088"
# Public peers can be found at
# https://github.com/yggdrasil-network/public-peers
];
};
};
virtualisation.libvirtd = {
enable = true;
onBoot = "ignore";
onShutdown = "shutdown";
qemu = {
ovmf = {
enable = true;
};
runAsRoot = false;
};
};
# enable docker service.
virtualisation.docker.enable = true;
# kubernetes.
services.kubernetes = {
roles = ["master" "node"];
masterAddress = kubeMasterHostname;
apiserverAddress = "https://${kubeMasterHostname}:${toString kubeMasterAPIServerPort}";
easyCerts = true;
apiserver = {
securePort = kubeMasterAPIServerPort;
advertiseAddress = kubeMasterIP;
};
# use coredns
addons.dns.enable = true;
# needed if you use swap
kubelet.extraOpts = "--fail-swap-on=false";
};
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
services.pcscd.enable = true;
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It‘s perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "21.11"; # Did you read the comment?
# Configure swap file. Sizes are in megabytes. Default swap is
# max(1GB, sqrt(RAM)) = 1024. If you want to use hibernation with
# this device, then it's recommended that you use
# RAM + max(1GB, sqrt(RAM)) = 8940.000.
swapDevices = [{ device = "/swapfile"; size = 1024; }];
}
Leave a Comment