128 lines
3.5 KiB
Nix
128 lines
3.5 KiB
Nix
{ pkgs, ... }: {
|
|
imports = [
|
|
# Base Config
|
|
../../features/base.nix
|
|
../../features/headless.nix
|
|
|
|
# Features
|
|
../../features/br0.nix
|
|
../../features/dockge.nix
|
|
../../features/docker.nix
|
|
../../features/libvirt.nix
|
|
|
|
# Tweaks
|
|
../../tweaks/zfs.nix
|
|
../../tweaks/zram.nix
|
|
../../tweaks/disable_firewall.nix
|
|
../../tweaks/systemd-resolved_nonsense.nix
|
|
|
|
# Dotspace
|
|
../../secrets/dotspace.nix
|
|
|
|
# Users
|
|
../../users/lauren_lagarde/lauren_lagarde.nix
|
|
../../users/ashley_funkhouser/ashley_funkhouser.nix
|
|
];
|
|
|
|
##############################################################################
|
|
##############################################################################
|
|
##############################################################################
|
|
# Bootloader / Kernel
|
|
|
|
boot.loader.efi.canTouchEfiVariables = true;
|
|
boot.loader.grub = {
|
|
enable = true;
|
|
zfsSupport = true;
|
|
efiSupport = true;
|
|
};
|
|
|
|
##############################################################################
|
|
##############################################################################
|
|
##############################################################################
|
|
# Local Filesystems
|
|
|
|
fileSystems = {
|
|
"/" = {
|
|
device = "bastion-root/root";
|
|
fsType = "zfs";
|
|
};
|
|
};
|
|
|
|
##############################################################################
|
|
##############################################################################
|
|
##############################################################################
|
|
# Services
|
|
|
|
services.cron = {
|
|
enable = true;
|
|
mailto = "";
|
|
systemCronJobs = [
|
|
"* * * * * lauren_lagarde /home/lauren_lagarde/bin/PublishStats > /dev/null"
|
|
];
|
|
};
|
|
|
|
services.samba = {
|
|
enable = true;
|
|
openFirewall = true;
|
|
settings = {
|
|
Frigate = {
|
|
path = "/exports/Frigate";
|
|
comment = "NVR Local Storage";
|
|
writable = "yes";
|
|
browseable = "yes";
|
|
|
|
"force user" = "nobody";
|
|
"force group" = "users";
|
|
|
|
"create mask" = "775";
|
|
"force create mode" = "775";
|
|
"security mask" = "775";
|
|
"force security mode" = "775";
|
|
|
|
"directory mask" = "2775";
|
|
"force directory mode" = "2775";
|
|
"directory security mask" = "2775";
|
|
"force directory security mode" = "2775";
|
|
};
|
|
|
|
MyBook = {
|
|
path = "/exports/MyBook";
|
|
comment = "External Storage";
|
|
writable = "yes";
|
|
browseable = "yes";
|
|
|
|
"force user" = "nobody";
|
|
"force group" = "users";
|
|
|
|
"create mask" = "775";
|
|
"force create mode" = "775";
|
|
"security mask" = "775";
|
|
"force security mode" = "775";
|
|
|
|
"directory mask" = "2775";
|
|
"force directory mode" = "2775";
|
|
"directory security mask" = "2775";
|
|
"force directory security mode" = "2775";
|
|
};
|
|
};
|
|
};
|
|
|
|
##############################################################################
|
|
##############################################################################
|
|
##############################################################################
|
|
# System Users
|
|
|
|
users.users = {
|
|
bastion = {
|
|
isNormalUser = true;
|
|
extraGroups = [ "wheel" ];
|
|
initialHashedPassword = "$y$j9T$WThHVbTQdHbv4mI0m4EjK/$LA.4Uf95jD/rJpLVf0kbfH0wFBj4FHCimV6xiDfLOD/";
|
|
};
|
|
dotspace = {
|
|
isNormalUser = true;
|
|
shell = pkgs.shadow;
|
|
initialHashedPassword = "$y$j9T$cH1b/0aafCTaHyWigarb70$bS6WFrbYV4xUZwVtqDCepydOhEol1DqmokBfkGmvRcA";
|
|
};
|
|
};
|
|
}
|