blob: 96564fb9237076bd4e7794efe328909217a587d0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
|
# This file contains the configuration for my Macbook Pro.
{flakeInputs, ...}: {
imports = [
./home
];
# Specify the location of this configuration file. Very meta.
environment.darwinConfig = flakeInputs.self + "/hosts/muhammed/configuration.nix";
# Avoid downloading the nixpkgs tarball every hour.
# See: https://cohost.org/fullmoon/post/1728807-nix-s-tarball-ttl-op
nix.settings.tarball-ttl = 604800;
# Use the Nix daemon.
services.nix-daemon.enable = true;
# Set up main account with ZSH.
users.users.linus = {
description = "Personal user account";
home = "/Users/linus";
};
# Should match containing folder.
networking.hostName = "muhammed";
# Let's use fingerprint to authenticate sudo. Very useful as an indicator of
# when darwin-rebuild is finished...
security.pam.enableSudoTouchIdAuth = true;
# Don't request password for running pmset.
environment.etc."sudoers.d/10-unauthenticated-commands".text = let
commands = [
"/usr/bin/pmset"
];
in ''
%admin ALL=(ALL:ALL) NOPASSWD: ${builtins.concatStringsSep ", " commands}
'';
services.still-awake.enable = true;
# Create a local Linux builder. This will allow us to build aarch64-linux
# targets directly on this machine.
nix.settings.trusted-users = ["linus"];
nix.linux-builder = {
enable = true;
# Clearing the VM state upon startup should improve reliability at the cost
# of some startup speed. Will have to re-evaluate if this trade off is
# worth it at some point.
ephemeral = true;
config = {pkgs, ...}: {
environment.systemPackages = with pkgs; [
# cntr is used to jump into the sandbox of packages that use breakpointHook.
pkgs.cntr
# Nix is used to debug and fetch other tools as needed.
pkgs.nix
];
# Allow root login. This would normally be horrible but it's a local VM so who cares.
users.users.root.hashedPassword = "$y$j9T$TosKLKCZ.g9be.Wz5/qVJ.$YWvn4nAp8tn.xhHGBMOz748PHma6QGhN/WShilEbz8A";
services.openssh.permitRootLogin = "yes";
};
};
# System-specific version info.
home-manager.users.linus.home.stateVersion = "22.05";
system.stateVersion = 4;
}
|
