modules/private/system.nix

   1 { pkgs, lib, config, name, ... }:
   2 {
   3   config = {
   4     services.duplyBackup.profiles.system = {
   5       rootDir = "/var/lib";
   6       excludeFile = lib.mkAfter ''
   7         + /var/lib/nixos
   8         + /var/lib/udev
   9         + /var/lib/udisks2
  10         + /var/lib/systemd
  11         + /var/lib/private/systemd
  12         - /var/lib
  13         '';
  14     };
  15     nixpkgs.overlays = builtins.attrValues (import ../../overlays) ++ [
  16       (self: super: { postgresql = self.postgresql_pam; }) # don’t put it as generic overlay for home-manager
  17     ];
  18     _module.args = {
  19       pkgsNext = import <nixpkgsNext> {};
  20       pkgsPrevious = import <nixpkgsPrevious> {};
  21     };
  22
  23     services.journald.extraConfig = ''
  24       MaxLevelStore="warning"
  25       MaxRetentionSec="1year"
  26       '';
  27
  28     users.users =
  29       builtins.listToAttrs (map (x: lib.attrsets.nameValuePair x.name ({
  30         isNormalUser = true;
  31         home = "/home/${x.name}";
  32         createHome = true;
  33         linger = true;
  34       } // x)) (config.hostEnv.users pkgs))
  35       // {
  36         root.packages = let
  37           nagios-cli = pkgs.writeScriptBin "nagios-cli" ''
  38             #!${pkgs.stdenv.shell}
  39             sudo -u naemon ${pkgs.nagios-cli}/bin/nagios-cli -c ${./monitoring/nagios-cli.cfg}
  40             '';
  41         in
  42           [
  43             pkgs.telnet
  44             pkgs.htop
  45             pkgs.iftop
  46             pkgs.bind.dnsutils
  47             pkgs.httpie
  48             pkgs.iotop
  49             pkgs.whois
  50             pkgs.ngrep
  51             pkgs.tcpdump
  52             pkgs.tshark
  53             pkgs.tcpflow
  54             pkgs.mitmproxy
  55             pkgs.nmap
  56             pkgs.p0f
  57             pkgs.socat
  58             pkgs.lsof
  59             pkgs.psmisc
  60             pkgs.openssl
  61             pkgs.wget
  62
  63             pkgs.cnagios
  64             nagios-cli
  65           ];
  66       };
  67
  68     users.mutableUsers = false;
  69
  70     environment.etc.cnagios.source = "${pkgs.cnagios}/share/doc/cnagios";
  71     environment.systemPackages = [
  72       pkgs.git
  73       pkgs.vim
  74     ] ++
  75     (lib.optional (builtins.length (config.hostEnv.users pkgs) > 0) pkgs.home-manager);
  76   };
  77 }