nixos/modules/basic.nix

{ hostName }: inputs:
{
	config =
	{
		nixpkgs.hostPlatform = inputs.lib.mkDefault "x86_64-linux";
		nix =
		{
			settings =
			{
				experimental-features = [ "nix-command" "flakes" ];
				keep-outputs = true;
				system-features = [ "big-parallel" ];
				keep-failed = true;
				auto-optimise-store = true;
			};
			daemonIOSchedClass = "idle";
			daemonCPUSchedPolicy = "idle";
			registry =
			{
				nixpkgs.flake = inputs.topInputs.nixpkgs;
				nixos-config.flake = inputs.topInputs.self;
			};
			# nixPath =
			# [
			# 	"nixpkgs=/etc/channels/nixpkgs"
			# 	"nixos-config=/etc/nixos/configuration.nix"
			# 	"/nix/var/nix/profiles/per-user/root/channels"
			# ];
		};
		networking.hostName = hostName;
		time.timeZone = "Asia/Shanghai";
		system =
		{
			stateVersion = "22.11";
			configurationRevision = inputs.topInputs.self.rev or "dirty";
		};
		nixpkgs.config.allowUnfree = true;
		systemd =
		{
			extraConfig =
			"
				DefaultTimeoutStopSec=10s
				DefaultLimitNOFILE=1048576:1048576
			";
			user.extraConfig = "DefaultTimeoutStopSec=10s";
			sleep.extraConfig =
			"
				SuspendState=freeze
				HibernateMode=shutdown
			";
			services.nix-daemon.serviceConfig = { Slice = "-.slice"; Nice = "19"; };
		};
		programs.nix-ld.enable = true;
		boot = { supportedFilesystems = [ "ntfs" ]; consoleLogLevel = 7; };
		hardware.enableAllFirmware = true;
		security.pam =
		{
			u2f = { enable = true; cue = true; authFile = ./u2f_keys; };
			services = builtins.listToAttrs (builtins.map (name: { inherit name; value = { u2fAuth = true; }; })
				[ "login" "sudo" "su" "kde" "polkit-1" ]);
		};
		systemd.nspawn =
			let
				f = name: { inherit name; value =
				{
					execConfig.PrivateUsers = false;
					networkConfig.VirtualEthernet = false;
				}; };
			in
				builtins.listToAttrs (builtins.map f [ "arch" "ubuntu-22.04" ]);
		environment.etc."channels/nixpkgs".source = inputs.topInputs.nixpkgs.outPath;
		# environment.pathsToLink = [ "/include" ];
		# environment.variables.CPATH = "/run/current-system/sw/include";
		# environment.variables.LIBRARY_PATH = "/run/current-system/sw/lib";
	};
}
use wrapper to call modules 2023-06-24 23:00:02 +08:00			`{ hostName }: inputs:`
完成分割（home manager 除外） 2023-06-09 20:54:03 +08:00			`{`
			`config =`
			`{`
全局启用native，但排除个别包极其依赖 2023-06-14 00:35:11 +08:00			`nixpkgs.hostPlatform = inputs.lib.mkDefault "x86_64-linux";`
make nix daemon low priority 2023-06-10 03:21:34 +08:00			`nix =`
Merge branch 'split' 2023-06-09 21:09:52 +08:00			`{`
make nix daemon low priority 2023-06-10 03:21:34 +08:00			`settings =`
			`{`
			`experimental-features = [ "nix-command" "flakes" ];`
			`keep-outputs = true;`
			`system-features = [ "big-parallel" ];`
			`keep-failed = true;`
auto optimize store 2023-06-21 01:01:33 +08:00			`auto-optimise-store = true;`
make nix daemon low priority 2023-06-10 03:21:34 +08:00			`};`
			`daemonIOSchedClass = "idle";`
			`daemonCPUSchedPolicy = "idle";`
add nixos-config registry remove some nixPath 2023-07-10 19:29:32 +08:00			`registry =`
			`{`
			`nixpkgs.flake = inputs.topInputs.nixpkgs;`
			`nixos-config.flake = inputs.topInputs.self;`
			`};`
			`# nixPath =`
			`# [`
			`# "nixpkgs=/etc/channels/nixpkgs"`
			`# "nixos-config=/etc/nixos/configuration.nix"`
			`# "/nix/var/nix/profiles/per-user/root/channels"`
			`# ];`
Merge branch 'split' 2023-06-09 21:09:52 +08:00			`};`
完成分割（home manager 除外） 2023-06-09 20:54:03 +08:00			`networking.hostName = hostName;`
			`time.timeZone = "Asia/Shanghai";`
add system version 2023-06-23 13:02:33 +08:00			`system =`
			`{`
			`stateVersion = "22.11";`
rename inputs into topInputs 2023-06-24 21:26:41 +08:00			`configurationRevision = inputs.topInputs.self.rev or "dirty";`
add system version 2023-06-23 13:02:33 +08:00			`};`
完成分割（home manager 除外） 2023-06-09 20:54:03 +08:00			`nixpkgs.config.allowUnfree = true;`
make nix daemon low priority 2023-06-10 03:21:34 +08:00			`systemd =`
			`{`
add some sysctl configs 2023-06-21 11:49:39 +08:00			`extraConfig =`
			`"`
			`DefaultTimeoutStopSec=10s`
			`DefaultLimitNOFILE=1048576:1048576`
			`";`
make nix daemon low priority 2023-06-10 03:21:34 +08:00			`user.extraConfig = "DefaultTimeoutStopSec=10s";`
hibernate -> shutdown 2023-07-12 10:09:42 +08:00			`sleep.extraConfig =`
			`"`
			`SuspendState=freeze`
			`HibernateMode=shutdown`
			`";`
reset nice of nix-daemon 2023-06-14 23:28:45 +08:00			`services.nix-daemon.serviceConfig = { Slice = "-.slice"; Nice = "19"; };`
move nix daemon to root slice 2023-06-10 03:44:28 +08:00			`};`
enable nix-ld 2023-06-13 13:41:44 +08:00			`programs.nix-ld.enable = true;`
more log 2023-06-21 09:31:03 +08:00			`boot = { supportedFilesystems = [ "ntfs" ]; consoleLogLevel = 7; };`
merge boot and filesystem together 2023-06-24 23:25:35 +08:00			`hardware.enableAllFirmware = true;`
write u2f authfile 2023-06-27 17:26:27 +08:00			`security.pam =`
			`{`
明文存储u2f key 2023-06-29 22:26:09 +08:00			`u2f = { enable = true; cue = true; authFile = ./u2f_keys; };`
add more u2f auth 2023-06-29 22:03:24 +08:00			`services = builtins.listToAttrs (builtins.map (name: { inherit name; value = { u2fAuth = true; }; })`
			`[ "login" "sudo" "su" "kde" "polkit-1" ]);`
write u2f authfile 2023-06-27 17:26:27 +08:00			`};`
add ubuntu nspawn config 2023-07-19 18:40:46 +08:00			`systemd.nspawn =`
			`let`
			`f = name: { inherit name; value =`
			`{`
			`execConfig.PrivateUsers = false;`
			`networkConfig.VirtualEthernet = false;`
			`}; };`
			`in`
			`builtins.listToAttrs (builtins.map f [ "arch" "ubuntu-22.04" ]);`
set system registry 2023-07-08 17:28:07 +08:00			`environment.etc."channels/nixpkgs".source = inputs.topInputs.nixpkgs.outPath;`
do not link include 2023-07-08 16:56:36 +08:00			`# environment.pathsToLink = [ "/include" ];`
			`# environment.variables.CPATH = "/run/current-system/sw/include";`
			`# environment.variables.LIBRARY_PATH = "/run/current-system/sw/lib";`
完成分割（home manager 除外） 2023-06-09 20:54:03 +08:00			`};`
			`}`