{ config, pkgs, ... }: { imports = [ ./bragi-hw.nix ./autofs.nix ]; boot.loader.grub.enable = true; boot.loader.grub.version = 2; boot.loader.grub.device = "/dev/sda"; boot.loader.grub.extraConfig = "serial; terminal_output.serial"; boot.kernelParams = [ "console=ttyS0,115200" ]; networking.hostName = "bragi"; networking.hostId = "2af11085"; networking.wireless.enable = true; networking.firewall = { allowPing = true; allowedUDPPortRanges = [ { from = 60000; to = 61000; } # mosh-server ]; allowedTCPPorts = [ 6600 # MPD ]; }; nixpkgs.config.packageOverrides = pkgs: { jack2 = pkgs.callPackage ./jack2.nix {}; mpd = pkgs.mpd.override { jackSupport = true; }; }; environment.systemPackages = with pkgs; [ git mosh rsync tmux nfs-utils jack2 ]; # List services that you want to enable: services.openssh.enable = true; services.fcron = { enable = true; systab = '' %weekly * * nix-collect-garbage --delete-older-than '7d' ''; }; services.autofs = { enable = true; autoMaster = let mapConf = pkgs.writeText "auto" '' odin -fstype=nfs,ro odin.asgard.yggdrasil:/srv/media ''; in '' /media file:${mapConf} ''; }; systemd.services.jack = { wantedBy = [ "sound.target" ]; serviceConfig = { Type = "simple"; ExecStart = "${pkgs.jack2}/bin/jackd -d alsa -M -H -r 96000"; }; }; services.mpd = { enable = true; musicDirectory = "/media/odin/music"; extraConfig = '' audio_output { name "JACK" type "jack" client_name "mpd" } ''; }; users.extraUsers.guest = { name = "gkleen"; isNormalUser = true; uid = 1000; createHome = true; home = "/home/gkleen"; shell = "${pkgs.zsh}/bin/zsh"; openssh.authorizedKeys.keys = [ "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBABVMu+0txXdxdTSY8POAYVXbuOEDW6VxJzaYwQljc9kzM63VUZuE606R0g2ZGr9A+Gk6qO6fpCiq4SM+1Yygz5yHgGlbO750TOGaTe6KSGw+u3miaeDviejmxTqetGmiJe7BTLRAbYHjRgD5SkK/Ovos0cDSyOfZ5aha/ehox+proQKGA== gkleen@cathy" ]; extraGroups = [ "wheel" "audio" ]; hashedPassword = "$6$MBq4kwM68$Eg8O6m76mM2905VppNZO67J3EHqJVBuIWQkz.MFFa7afVQKhGuSSYHl50WkkFYXHEY5MIM7IjWYZ0UJwq2IDJ0"; }; security.setuidPrograms = ["mount.nfs"]; security.pam.loginLimits = [ { domain = "@audio"; item = "memlock"; type = "-"; value = "unlimited"; } { domain = "@audio"; item = "rtprio"; type = "-"; value = "99"; } { domain = "@audio"; item = "nofile"; type = "soft"; value = "99999"; } { domain = "@audio"; item = "nofile"; type = "hard"; value = "99999"; } ]; }