diff options
Diffstat (limited to '')
| -rw-r--r-- | profiles/default.nix | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/profiles/default.nix b/profiles/default.nix index f415edf..7421144 100644 --- a/profiles/default.nix +++ b/profiles/default.nix @@ -4,4 +4,57 @@ i18n.defaultLocale = "en_US.UTF-8"; time.timeZone = "America/Los_Angeles"; + + security.sudo.wheelNeedsPassword = false; + security.polkit.enable = true; + + programs.ssh = { + # $ ssh-keyscan example.com + knownHosts = { + github = { + hostNames = [ "github.com" ]; + publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl"; + }; + rsync = { + hostNames = [ "de2664.rsync.net" ]; + publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIObQN4P/deJ/k4P4kXh6a9K4Q89qdyywYetp9h3nwfPo"; + }; + }; + }; + + nix = { + package = pkgs.nixFlakes; + settings = { + trusted-users = [ "root" "@wheel" ]; + auto-optimise-store = true; + substituters = [ + "https://cachix.cachix.org" + "https://nix-community.cachix.org" + ]; + trusted-public-keys = [ + "cachix.cachix.org-1:eWNHQldwUO7G2VkjpnjDbWwy4KQ/HNxht7H4SSoMckM=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + ]; + experimental-features = [ "nix-command" "flakes" ]; + # Whether to warn about dirty Git/Mercurial trees - this is not + # useful information to me. + warn-dirty = false; + # The timeout (in seconds) for establishing connections in the binary + # cache substituter. It corresponds to curl’s –connect-timeout option. + # The default is equivalent to 300 seconds, way too long. + connect-timeout = 5; + # The number of lines of the tail of the log to show if a build fails. + # The default is 10 and it's usually too short. + log-lines = 25; + # If set to true, Nix will fall back to building from source if + # a binary substitute fails. This is equivalent to the –fallback + # flag. The default is false. + fallback = true; + }; + + gc = { + automatic = true; + options = "--delete-older-than 14d"; + }; + }; } |