From 70b453279b3412db0afd7ead089dbd46e8b3d665 Mon Sep 17 00:00:00 2001 From: Mira Date: Wed, 3 Jul 2024 12:58:48 -0400 Subject: [PATCH] initial leptin config --- auxin/configuration.nix | 1 + flake.nix | 8 +++++ leptin/configuration.nix | 66 ++++++++++++++++++++++++++++++++++++++++ 3 files changed, 75 insertions(+) create mode 100644 leptin/configuration.nix diff --git a/auxin/configuration.nix b/auxin/configuration.nix index f2a94a7..f44098c 100644 --- a/auxin/configuration.nix +++ b/auxin/configuration.nix @@ -248,6 +248,7 @@ ]; bantime-increment.enable = true; }; + # TODO: check security settings samba = { enable = true; shares = { diff --git a/flake.nix b/flake.nix index 8985615..69f6758 100644 --- a/flake.nix +++ b/flake.nix @@ -20,5 +20,13 @@ ]; }; }; + darwinConfigurations = { + leptin = nixpkgs.lib.darwinSystem { + system = "aarch64-darwin"; + modules = [ + ./leptin/configuration.nix + ]; + }; + }; }; } diff --git a/leptin/configuration.nix b/leptin/configuration.nix new file mode 100644 index 0000000..5ccbdac --- /dev/null +++ b/leptin/configuration.nix @@ -0,0 +1,66 @@ +{ + config, + lib, + pkgs, + ... +}: { + imports = []; + + nix = { + package = pkgs.nixFlakes; + optimise.automatic = true; + extraOptions = '' + experimental-features = nix-command flakes + ''; + }; + networking = { + hostName = "leptin"; + }; + time.timeZone = "America/New_York"; + environment.systemPackages = with pkgs; [ + caddy + cargo + bat + chezmoi + delta + git + difftastic + btop + alejandra + neovim + hyperfine + lazygit + docker + lsd + zsh + sheldon + starship + tealdeer + statix + tmux + viddy + yazi + zoxide + fzf + mcfly + wget + ]; + programs = { + nh = { + enable = true; + clean.enable = true; + clean.extraArgs = "--keep-since 4d --keep 3"; + flake = "/Users/mira/nix-config"; + }; + }; + fail2ban = { + enable = true; + ignoreIP = ["10.0.0.0/8" "172.16.0.0/12" "192.168.0.0/16"]; + }; + virtualisation.docker = { + enableOnBoot = true; + enable = true; + autoPrune.enable = true; + extraOptions = "--userns-remap=default"; + }; +}