index — nix @ da8020538b76918be929594f24d89d1723bbca38

My first nix server; runs a minecraft server

configuration.nix (view raw)

 1
 2
 3
 4
 5
 6
 7
 8
 9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
 100
 101
 102
 103
 104
 105
 106
 107
 108
 109
 110
 
{ config, lib, pkgs, ... }:

{
  imports =
    [
      ./hardware-configuration.nix
    ];

  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

  boot.kernelPackages = pkgs.linuxPackages_latest;

  networking.hostName = "RFC-7168"; 

  networking.networkmanager.enable = true;

  time.timeZone = "Europe/Berlin";

  services.pipewire = {
    enable = true;
    pulse.enable = true;
  };

   services.logind.settings.Login = {
     HandleLidSwitch = "ignore";
     HandleLidSwitchDocked = "ignore";
     HandleLidSwitchExternalPower = "ignore";

     HandlePowerKey = "ignore";
     HandleRebootKey = "ignore";
     HandleSuspendKey = "ignore";
     HandleHibernateKey = "ignore";
   };

  systemd.services.foo = {
    enable = true;
    script = ''
    echo "0" > /sys/class/backlight/nv_backlight/brightness
    '';
    wantedBy = [ "multi-user.target" ];
    serviceConfig = {
      Restart = "on-failure";
      RestartSec = "3";
    };
  };

  # Enable touchpad support (enabled default in most desktopManager).
  services.libinput.enable = true;

  # Define a user account. Don't forget to set a password with ‘passwd’.
  users.users.crispy = {
    isNormalUser = true;
    extraGroups = [ "wheel" ];
    packages = with pkgs; [
      tree
    ];
  };

  programs.firefox.enable = true;

  environment.systemPackages = with pkgs; [
    vim
    curl 
    microfetch
    gdu
    age
  ];

  programs.gnupg.agent = {
    enable = true;
    enableSSHSupport = true;
  };

  age.secrets.wg0-key = {
    file = ./secrets/wg0-key.age;
  };

  networking.wg-quick.interfaces = {
    wg0 = {
      address = ["10.0.0.18/32"];
      privateKeyFile = config.age.secrets.wg0-key.path;
      peers = [
        {
          endpoint = "202.61.203.128:51820";
          publicKey = "dGeLAqZD81XYcZQBJ5SELiUGh7hD//G+o1rahSpxY0s=";
          allowedIPs = [ "10.0.0.1/32" ];
        }
      ];
    };
  };

  programs.git = {
    enable = true;
    config = {
      user = {
        email = "crispy@crispy-caesus.eu";
	name = "crispy-caesus";
      };
    };
  };

  services.openssh.enable = true;

  networking.firewall.allowedTCPPorts = [ 22 ];

  system.stateVersion = "25.11";

}