{ config, lib, pkgs, ... }: let myIp = "68.107.97.20"; # hiddor-kahih gitDir = "/srv/git"; in { networking = { hostName = "lithium"; hosts = { "192.168.56.104" = [ "pprjam.localhost" ]; "127.0.0.1" = [ "localhost" "news.bnet" ]; "::1" = [ "localhost" "ipv6-localhost" "ipv6-loopback" ]; }; firewall = { allowedTCPPorts = [ 8096 22 8000 8443 443 500 10000 8080 8081]; allowedTCPPortRanges = [ { from = 3000; to = 3100; } # dev { from = 49152; to = 65535; } # jupyter kernel ]; checkReversePath = false; }; }; time.timeZone = "America/Los_Angeles"; environment.systemPackages = with pkgs; [ wget vnstat ]; fonts.fonts = with pkgs; [ google-fonts mononoki source-code-pro fantasque-sans-mono hack-font fira fira-code fira-code-symbols ]; nixpkgs = { config = { allowUnfree = true; allowBroken = true; }; }; hardware = { opengl.enable = true; pulseaudio = { enable = true; extraConfig = '' load-module module-loopback ''; }; }; programs = { bash.enableCompletion = true; command-not-found.enable = true; gnupg.agent = { enable = true; enableSSHSupport = true; }; mosh.enable = true; }; virtualisation = { docker = { enable = false; liveRestore = false; }; libvirtd.enable = true; virtualbox = { host = { enable = true; headless = false; addNetworkInterface = true; }; guest = { enable = true; x11 = false; }; }; }; services = { pcscd.enable = true; logind = { lidSwitch = "ignore"; extraConfig = "IdleAction=ignore"; }; openssh = { enable = true; forwardX11 = true; }; deluge = { enable = true; openFilesLimit = 10240; web.enable = true; }; printing.enable = true; xserver = { enable = true; layout = "us"; #displayManager.lightdm = { # enable = false; # background = "/home/ben/.background-image"; #}; desktopManager = { kodi.enable = true; gnome3 = { enable = true; extraGSettingsOverridePackages = with pkgs; [ gnome3.gnome_settings_daemon ]; extraGSettingsOverrides = '' [org.gnome.desktop.screensaver] lock-delay=3600 lock-enabled=true' [org.gnome.desktop.session] idle-delay=900 [org.gnome.settings-daemon.plugins.power] power-button-action='nothing' idle-dim=true sleep-inactive-battery-type='nothing' sleep-inactive-ac-timeout=3600 sleep-inactive-ac-type='nothing' sleep-inactive-battery-timeout=1800 ''; }; #xrandrHeads = [ # { # output = "HDMI1"; # primary = true; # monitorConfig = '' # DisplaySize 1920x1080 # ''; # } # #{ # # output = "DP1"; # # monitorConfig = '' # # DisplaySize 1920x1080 # # ''; # #} #]; }; }; redshift = { enable = true; latitude = "33.044444"; longitude = "-117.271667"; temperature = { day = 4000; night = 3500; }; }; jupyter = { enable = true; port = 3099; ip = "*"; password = "'sha1:4b14a407cabe:fbab8e5400f3f4f3ffbdb00e996190d6a84bf51e'"; kernels = { python3 = let env = (pkgs.python3.withPackages (p: with p; [ ipykernel pandas scikitlearn numpy matplotlib sympy ipywidgets ])); in { displayName = "py3"; argv = [ "${env.interpreter}" "-m" "ipykernel_launcher" "-f" "{connection_file}" ]; language = "python"; #logo32 = "${env.sitePackages}/lib/python3.6/site-packages/ipykernel/resources/logo-32x32.png"; #logo64 = "${env.sitePackages}/lib/python3.6/site-packages/ipykernel/resources/logo-64x64.png"; }; }; }; emby = { enable = true; user = "emby"; }; # just for hero development mysql = { enable = true; package = pkgs.mysql57; }; vnstat.enable = true; # security stuff fail2ban.enable = false; clamav = { daemon.enable = false; updater.enable = false; }; postgresql = { enable = true; package = pkgs.postgresql_10; authentication = '' local all pprjam md5 local all pprjam_test md5 ''; enableTCPIP = true; }; redis = { enable = true; }; }; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; boot.initrd.luks.devices = [ { name = "root"; device = "/dev/disk/by-uuid/a0160f25-e0e3-4af0-8236-3e298eac957a"; preLVM = true; } ]; powerManagement.enable = false; nix = { gc = { automatic = true; dates = "03:15"; }; binaryCaches = [ "https://cache.nixos.org/" ]; nixPath = [ "nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs" "nixos-config=/etc/nixos/configuration.nix" "/nix/var/nix/profiles/per-user/root/channels" ]; extraOptions = '' gc-keep-outputs = true gc-keep-derivations = true ''; }; # This value determines the NixOS release with which your system is to be # compatible, in order to avoid breaking some software such as database # servers. You should change this only after NixOS release notes say you # should. system.stateVersion = "17.09"; # Did you read the comment? system.autoUpgrade.enable = true; }