77 lines
1.7 KiB
Nix
77 lines
1.7 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
{
|
|
imports = [
|
|
./hardware-configuration.nix
|
|
../desktop.nix
|
|
];
|
|
|
|
boot.loader.grub.enable = true;
|
|
boot.loader.grub.device = "/dev/sda";
|
|
boot.loader.grub.zfsSupport = true;
|
|
|
|
networking.hostName = "helios";
|
|
networking.hostId = "47d23505";
|
|
networking.networkmanager.enable = true;
|
|
|
|
nix.package = pkgs.nixFlakes;
|
|
nix.extraOptions = ''
|
|
experimental-features = nix-command flakes
|
|
'';
|
|
|
|
users.defaultUserShell = pkgs.zsh;
|
|
|
|
system.stateVersion = "22.11";
|
|
|
|
age.secrets."passwords/services/borg/helios-passphrase" = {
|
|
file = "${inputs.secrets}/passwords/services/borg/helios-passphrase.age";
|
|
};
|
|
|
|
services.borgmatic = {
|
|
enable = true;
|
|
settings = {
|
|
source_directories = [
|
|
"/home/jordan/Documents"
|
|
];
|
|
repositories = [
|
|
{ label = "borgbase"; path = "ssh://cb2vwh9g@cb2vwh9g.repo.borgbase.com/./repo"; }
|
|
];
|
|
storage = {
|
|
encryption_passcommand = "cat ${config.age.secrets."passwords/services/borg/helios-passphrase".path}";
|
|
ssh_command = "ssh -i /etc/ssh/ssh_host_ed25519_key";
|
|
};
|
|
retention = {
|
|
keep_daily = 7;
|
|
keep_weekly = 4;
|
|
keep_monthly = 6;
|
|
};
|
|
};
|
|
};
|
|
|
|
# Without this override, `cat` is unavailable for `encryption_passcommand`
|
|
systemd.services.borgmatic.confinement.fullUnit = true;
|
|
|
|
modules = {
|
|
desktop = {
|
|
apps.qbittorrent.enable = true;
|
|
browsers = {
|
|
firefox.enable = true;
|
|
};
|
|
};
|
|
dev = {
|
|
node.enable = true;
|
|
};
|
|
editors = {
|
|
neovim.enable = true;
|
|
};
|
|
security = {
|
|
gpg.enable = true;
|
|
pass.enable = true;
|
|
};
|
|
shell = {
|
|
git.enable = true;
|
|
zsh.enable = true;
|
|
};
|
|
};
|
|
}
|