modules/private/system.nix

   1 { pkgs, lib, config, name, ... }:
   2 {
   3   config = {
   4     services.duplyBackup.profiles.system = {
   5       rootDir = "/var/lib";
   6       excludeFile = lib.mkAfter ''
   7         + /var/lib/nixos
   8         + /var/lib/udev
   9         + /var/lib/udisks2
  10         + /var/lib/systemd
  11         + /var/lib/private/systemd
  12         - /var/lib
  13         '';
  14     };
  15     nixpkgs.overlays = builtins.attrValues (import ../../overlays);
  16     _module.args = {
  17       pkgsNext = import <nixpkgsNext> {};
  18       pkgsPrevious = import <nixpkgsPrevious> {};
  19     };
  20
  21     services.journald.extraConfig = ''
  22       MaxLevelStore="warning"
  23       MaxRetentionSec="1year"
  24       '';
  25
  26     users.users =
  27       builtins.listToAttrs (map (x: lib.attrsets.nameValuePair x.name ({
  28         isNormalUser = true;
  29         home = "/home/${x.name}";
  30         createHome = true;
  31         linger = true;
  32       } // x)) (config.hostEnv.users pkgs))
  33       // {
  34         root.packages = let
  35           nagios-cli = pkgs.writeScriptBin "nagios-cli" ''
  36             #!${pkgs.stdenv.shell}
  37             sudo -u naemon ${pkgs.nagios-cli}/bin/nagios-cli -c ${./monitoring/nagios-cli.cfg}
  38             '';
  39         in
  40           [
  41             pkgs.telnet
  42             pkgs.htop
  43             pkgs.iftop
  44             pkgs.bind.dnsutils
  45             pkgs.httpie
  46             pkgs.iotop
  47             pkgs.whois
  48             pkgs.ngrep
  49             pkgs.tcpdump
  50             pkgs.tshark
  51             pkgs.tcpflow
  52             pkgs.mitmproxy
  53             pkgs.nmap
  54             pkgs.p0f
  55             pkgs.socat
  56             pkgs.lsof
  57             pkgs.psmisc
  58             pkgs.wget
  59
  60             pkgs.cnagios
  61             nagios-cli
  62           ];
  63       };
  64
  65     users.mutableUsers = false;
  66
  67     environment.etc.cnagios.source = "${pkgs.cnagios}/share/doc/cnagios";
  68     environment.systemPackages =
  69       let
  70         home-manager = builtins.fetchGit {
  71           url = "https://github.com/rycee/home-manager.git";
  72           rev = "ef64bc598f28818d56c86629dad98b468af9c071";
  73           ref = "release-19.03";
  74         };
  75       in
  76       [
  77         pkgs.git
  78         pkgs.vim
  79       ] ++
  80       (lib.optional
  81         (builtins.length (config.hostEnv.users pkgs) > 0)
  82         ((pkgs.callPackage home-manager {}).home-manager)
  83       );
  84   };
  85 }