dotfiles.nix/nixos/viridian/configuration.nix

68 lines
1.3 KiB
Nix
Raw Normal View History

2024-01-21 21:03:57 +08:00
{ outputs, pkgs, ... }:
2023-10-30 19:03:16 +08:00
{
imports = [
2024-01-21 21:03:57 +08:00
../common/global
../common/users/sajenim
../common/optional/wireguard
2023-10-31 05:46:44 +08:00
2024-01-21 21:03:57 +08:00
./services
./containers
2023-10-30 19:03:16 +08:00
./hardware-configuration.nix
2024-01-21 21:03:57 +08:00
outputs.nixosModules.qbittorrent
2023-10-30 19:03:16 +08:00
];
2024-01-21 21:03:57 +08:00
boot.kernel.sysctl = {
"net.ipv4.ip_unprivileged_port_start" = 0;
2023-11-07 07:53:50 +08:00
};
2023-11-07 07:53:17 +08:00
hardware.opengl = {
enable = true;
extraPackages = with pkgs; [
intel-media-driver
vaapiIntel
vaapiVdpau
libvdpau-va-gl
2024-01-21 21:03:57 +08:00
intel-compute-runtime
2023-11-07 07:53:17 +08:00
];
};
2023-10-31 05:46:44 +08:00
networking = {
hostName = "viridian";
networkmanager.enable = true;
firewall = {
enable = true;
allowedTCPPorts = [
2023-11-05 22:14:06 +08:00
53 # adguardhome (DNS)
2023-10-31 05:46:44 +08:00
80 # traefik (HTTP)
443 # traefik (HTTPS)
32372 # qbittorrent
];
allowedUDPPorts = [
2023-11-05 22:14:06 +08:00
53 # adguardhome (DNS)
2023-10-31 05:46:44 +08:00
80 # traefik (HTTP)
443 # traefik (HTTPS)
32372 # qbittorrent
2023-11-20 06:38:12 +08:00
51820 # Wireguard
2023-10-31 05:46:44 +08:00
];
};
};
2023-10-30 19:03:16 +08:00
2024-01-21 21:03:57 +08:00
programs = {
2023-11-05 22:14:06 +08:00
zsh.enable = true;
};
2024-01-21 21:03:57 +08:00
virtualisation.docker = {
enable = true;
liveRestore = false;
2023-10-30 19:03:16 +08:00
};
2024-01-23 09:49:45 +08:00
# Required for smooth remote deployments
security.sudo.wheelNeedsPassword = false;
2023-10-30 19:03:16 +08:00
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
system.stateVersion = "23.05";
}