localhost/configuration.nix

# nix-channel --add https://nixos.org/channels/nixos-19.03 nixos
# nix-channel --add https://nixos.org/channels/nixos-unstable unstable
# nix-channel --update
#
{ config, pkgs, ... }:

let
  unstable = import <unstable> {};
in {
  imports =
    [ <nixpkgs/nixos/modules/profiles/hardened.nix>
      ./hardware-configuration.nix
      ./packages.nix
      ./networking.nix
      ./desktop.nix
      ./security.nix
      ./hacks.nix
      ./docker.nix
      ./home-manager.nix
      ./thinkpad.nix
    ];

  time.timeZone = "UTC";

  boot.kernelPackages = unstable.linuxPackages_latest;
  boot.blacklistedKernelModules = [ "nouveau" ];
  boot.earlyVconsoleSetup = true;

  hardware.cpu.intel.updateMicrocode = true;
  hardware.enableRedistributableFirmware = true;

  i18n = {
    consoleFont = "latarcyrheb-sun32";
    consoleKeyMap = "us";
    defaultLocale = "en_US.UTF-8";
  };

  swapDevices = [
    { device = "/var/swapfile";
      size = 32768; # MiB
    }
  ];

  users.users.root.shell = pkgs.zsh;
  users.users.user = {
    initialPassword = "user";
    isNormalUser = true;
    shell = pkgs.zsh;
    extraGroups = [ "wheel" "audio" "libvirtd" ];
  };

  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;
  boot.tmpOnTmpfs = true;

  # force update all channels
  systemd.services.nixos-upgrade.serviceConfig.ExecStartPre =
    "/bin/sh -c '${pkgs.nix}/bin/nix-channel --update'";

  systemd.timers.nixos-upgrade.timerConfig.OnBootSec = "30m";
  systemd.timers.nixos-upgrade.timerConfig.Persistent = true;

  system.stateVersion = "19.03";
  system.autoUpgrade.enable = true;

  nix.optimise.automatic = true;
  nix.gc.automatic = true;
  nix.gc.options = "--delete-older-than 7d";
}
Initial 2019-05-31 00:02:30 +00:00			`# nix-channel --add https://nixos.org/channels/nixos-19.03 nixos`
			`# nix-channel --add https://nixos.org/channels/nixos-unstable unstable`
			`# nix-channel --update`
			`#`
			`{ config, pkgs, ... }:`

			`let`
			`unstable = import <unstable> {};`
			`in {`
			`imports =`
			`[ <nixpkgs/nixos/modules/profiles/hardened.nix>`
			`./hardware-configuration.nix`
			`./packages.nix`
			`./networking.nix`
			`./desktop.nix`
			`./security.nix`
			`./hacks.nix`
Implements docker-based fhs env wrapper 2019-07-05 19:43:28 +00:00			`./docker.nix`
Introduce Home Manager 2019-07-18 17:29:22 +00:00			`./home-manager.nix`
CPU Throttling Fix 2019-08-22 22:11:33 +00:00			`./thinkpad.nix`
Initial 2019-05-31 00:02:30 +00:00			`];`

			`time.timeZone = "UTC";`

A really switch to integrated graphic card 2019-07-25 07:17:03 +00:00			`boot.kernelPackages = unstable.linuxPackages_latest;`
			`boot.blacklistedKernelModules = [ "nouveau" ];`
CPU Throttling Fix 2019-08-22 22:11:33 +00:00			`boot.earlyVconsoleSetup = true;`
A really switch to integrated graphic card 2019-07-25 07:17:03 +00:00
			`hardware.cpu.intel.updateMicrocode = true;`
			`hardware.enableRedistributableFirmware = true;`
Initial 2019-05-31 00:02:30 +00:00
			`i18n = {`
			`consoleFont = "latarcyrheb-sun32";`
			`consoleKeyMap = "us";`
			`defaultLocale = "en_US.UTF-8";`
			`};`

			`swapDevices = [`
			`{ device = "/var/swapfile";`
			`size = 32768; # MiB`
			`}`
			`];`

Remove initial password for root 2019-07-21 20:00:08 +00:00			`users.users.root.shell = pkgs.zsh;`
Initial 2019-05-31 00:02:30 +00:00			`users.users.user = {`
Set users default password 2019-07-21 14:22:27 +00:00			`initialPassword = "user";`
Initial 2019-05-31 00:02:30 +00:00			`isNormalUser = true;`
			`shell = pkgs.zsh;`
			`extraGroups = [ "wheel" "audio" "libvirtd" ];`
			`};`

			`boot.loader.systemd-boot.enable = true;`
			`boot.loader.efi.canTouchEfiVariables = true;`
			`boot.tmpOnTmpfs = true;`

Force update all channels before upgrade 2019-08-02 15:14:23 +00:00			`# force update all channels`
			`systemd.services.nixos-upgrade.serviceConfig.ExecStartPre =`
Fix PATH issue 2019-08-12 16:34:29 +00:00			`"/bin/sh -c '${pkgs.nix}/bin/nix-channel --update'";`
Force update all channels before upgrade 2019-08-02 15:14:23 +00:00
Use update on boot instead of persistent 2019-08-07 18:37:24 +00:00			`systemd.timers.nixos-upgrade.timerConfig.OnBootSec = "30m";`
Use persistent for upgrade timer 2019-08-09 08:27:21 +00:00			`systemd.timers.nixos-upgrade.timerConfig.Persistent = true;`
Force run nixos-upgrade if device was offline 2019-08-04 09:11:45 +00:00
Initial 2019-05-31 00:02:30 +00:00			`system.stateVersion = "19.03";`
			`system.autoUpgrade.enable = true;`

			`nix.optimise.automatic = true;`
			`nix.gc.automatic = true;`
			`nix.gc.options = "--delete-older-than 7d";`
			`}`