2023-06-24 23:00:02 +08:00
|
|
|
{ hostName }: inputs:
|
2023-06-09 20:54:03 +08:00
|
|
|
{
|
|
|
|
config =
|
|
|
|
{
|
2023-06-14 00:35:11 +08:00
|
|
|
nixpkgs.hostPlatform = inputs.lib.mkDefault "x86_64-linux";
|
2023-06-10 03:21:34 +08:00
|
|
|
nix =
|
2023-06-09 21:09:52 +08:00
|
|
|
{
|
2023-06-10 03:21:34 +08:00
|
|
|
settings =
|
|
|
|
{
|
|
|
|
experimental-features = [ "nix-command" "flakes" ];
|
|
|
|
keep-outputs = true;
|
|
|
|
system-features = [ "big-parallel" ];
|
|
|
|
keep-failed = true;
|
2023-06-21 01:01:33 +08:00
|
|
|
auto-optimise-store = true;
|
2023-06-10 03:21:34 +08:00
|
|
|
};
|
|
|
|
daemonIOSchedClass = "idle";
|
|
|
|
daemonCPUSchedPolicy = "idle";
|
2023-06-09 21:09:52 +08:00
|
|
|
};
|
2023-06-09 20:54:03 +08:00
|
|
|
networking.hostName = hostName;
|
|
|
|
time.timeZone = "Asia/Shanghai";
|
2023-06-23 13:02:33 +08:00
|
|
|
system =
|
|
|
|
{
|
|
|
|
stateVersion = "22.11";
|
2023-06-24 21:26:41 +08:00
|
|
|
configurationRevision = inputs.topInputs.self.rev or "dirty";
|
2023-06-23 13:02:33 +08:00
|
|
|
};
|
2023-06-09 20:54:03 +08:00
|
|
|
nixpkgs.config.allowUnfree = true;
|
2023-06-10 03:21:34 +08:00
|
|
|
systemd =
|
|
|
|
{
|
2023-06-21 11:49:39 +08:00
|
|
|
extraConfig =
|
|
|
|
"
|
|
|
|
DefaultTimeoutStopSec=10s
|
|
|
|
DefaultLimitNOFILE=1048576:1048576
|
|
|
|
";
|
2023-06-10 03:21:34 +08:00
|
|
|
user.extraConfig = "DefaultTimeoutStopSec=10s";
|
2023-06-21 09:47:25 +08:00
|
|
|
sleep.extraConfig = "SuspendState=freeze";
|
2023-06-14 23:28:45 +08:00
|
|
|
services.nix-daemon.serviceConfig = { Slice = "-.slice"; Nice = "19"; };
|
2023-06-10 03:44:28 +08:00
|
|
|
};
|
2023-06-13 13:41:44 +08:00
|
|
|
programs.nix-ld.enable = true;
|
2023-06-21 09:31:03 +08:00
|
|
|
boot = { supportedFilesystems = [ "ntfs" ]; consoleLogLevel = 7; };
|
2023-06-24 23:25:35 +08:00
|
|
|
hardware.enableAllFirmware = true;
|
2023-06-27 17:26:27 +08:00
|
|
|
security.pam =
|
|
|
|
{
|
|
|
|
u2f = { enable = true; cue = true; authFile = inputs.config.sops.secrets."u2f".path; };
|
|
|
|
services = { login.u2fAuth = true; sudo.u2fAuth = true; };
|
|
|
|
};
|
|
|
|
sops.secrets.u2f.neededForUsers = true;
|
2023-06-09 20:54:03 +08:00
|
|
|
};
|
|
|
|
}
|