# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: let passwords = import ../common/passwords.crypt.nix; in { # The NixOS release to be compatible with for stateful data such as databases. system.stateVersion = "16.03"; nix.maxJobs = 4; nix.buildCores = 4; nix.extraOptions = '' gc-keep-outputs = true gc-keep-derivations = true ''; nixpkgs.config = { packageOverrides = super: let self = super.pkgs; in { linux_4_1 = super.linux_4_1.override { kernelPatches = super.linux_4_1.kernelPatches ++ [ { patch = ./patches/utilitepro-kernel-dts.patch; name = "utilitepro-dts"; } { patch = ./patches/utilitepro-kernel-dts-Makefile.patch; name = "utilitepro-dts-Makefile"; } ]; # add "CONFIG_PPP_FILTER y" option to the set of kernel options extraConfig = '' BTRFS_FS y BTRFS_FS_POSIX_ACL y FUSE_FS y OVERLAY_FS y BLK_DEV_DM y DM_THIN_PROVISIONING y NAMESPACES y NET_NS y PID_NS y IPC_NS y UTS_NS y DEVPTS_MULTIPLE_INSTANCES y CGROUPS y CGROUP_CPUACCT y CGROUP_DEVICE y CGROUP_FREEZER y CGROUP_SCHED y CPUSETS y MEMCG y POSIX_MQUEUE y MACVLAN m VETH m BRIDGE m NF_TABLES m NETFILTER y NETFILTER_ADVANCED y NF_NAT_IPV4 m IP_NF_FILTER m IP_NF_TARGET_MASQUERADE m NETFILTER_XT_MATCH_ADDRTYPE m NETFILTER_XT_MATCH_CONNTRACK m NF_NAT m NF_NAT_NEEDED m BRIDGE_NETFILTER m NETFILTER_INGRESS y NETFILTER_NETLINK m NETFILTER_NETLINK_ACCT m NETFILTER_NETLINK_QUEUE m NETFILTER_NETLINK_LOG m NETFILTER_SYNPROXY m NETFILTER_XTABLES m NETFILTER_XT_MARK m NETFILTER_XT_CONNMARK m NETFILTER_XT_SET m NETFILTER_XT_TARGET_AUDIT m NETFILTER_XT_TARGET_CHECKSUM m NETFILTER_XT_TARGET_CLASSIFY m NETFILTER_XT_TARGET_CONNMARK m NETFILTER_XT_TARGET_CONNSECMARK m NETFILTER_XT_TARGET_CT m NETFILTER_XT_TARGET_DSCP m NETFILTER_XT_TARGET_HL m NETFILTER_XT_TARGET_HMARK m NETFILTER_XT_TARGET_IDLETIMER m NETFILTER_XT_TARGET_LED m NETFILTER_XT_TARGET_LOG m NETFILTER_XT_TARGET_MARK m NETFILTER_XT_NAT m NETFILTER_XT_TARGET_NETMAP m NETFILTER_XT_TARGET_NFLOG m NETFILTER_XT_TARGET_NFQUEUE m NETFILTER_XT_TARGET_NOTRACK m NETFILTER_XT_TARGET_RATEEST m NETFILTER_XT_TARGET_REDIRECT m NETFILTER_XT_TARGET_TEE m NETFILTER_XT_TARGET_TPROXY m NETFILTER_XT_TARGET_TRACE m NETFILTER_XT_TARGET_SECMARK m NETFILTER_XT_TARGET_TCPMSS m NETFILTER_XT_TARGET_TCPOPTSTRIP m NETFILTER_XT_MATCH_ADDRTYPE m NETFILTER_XT_MATCH_BPF m NETFILTER_XT_MATCH_CGROUP m NETFILTER_XT_MATCH_CLUSTER m NETFILTER_XT_MATCH_COMMENT m NETFILTER_XT_MATCH_CONNBYTES m NETFILTER_XT_MATCH_CONNLABEL m NETFILTER_XT_MATCH_CONNLIMIT m NETFILTER_XT_MATCH_CONNMARK m NETFILTER_XT_MATCH_CONNTRACK m NETFILTER_XT_MATCH_CPU m NETFILTER_XT_MATCH_DCCP m NETFILTER_XT_MATCH_DEVGROUP m NETFILTER_XT_MATCH_DSCP m NETFILTER_XT_MATCH_ECN m NETFILTER_XT_MATCH_ESP m NETFILTER_XT_MATCH_HASHLIMIT m NETFILTER_XT_MATCH_HELPER m NETFILTER_XT_MATCH_HL m NETFILTER_XT_MATCH_IPCOMP m NETFILTER_XT_MATCH_IPRANGE m NETFILTER_XT_MATCH_IPVS m NETFILTER_XT_MATCH_L2TP m NETFILTER_XT_MATCH_LENGTH m NETFILTER_XT_MATCH_LIMIT m NETFILTER_XT_MATCH_MAC m NETFILTER_XT_MATCH_MARK m NETFILTER_XT_MATCH_MULTIPORT m NETFILTER_XT_MATCH_NFACCT m NETFILTER_XT_MATCH_OSF m NETFILTER_XT_MATCH_OWNER m NETFILTER_XT_MATCH_POLICY m NETFILTER_XT_MATCH_PHYSDEV m NETFILTER_XT_MATCH_PKTTYPE m NETFILTER_XT_MATCH_QUOTA m NETFILTER_XT_MATCH_RATEEST m NETFILTER_XT_MATCH_REALM m NETFILTER_XT_MATCH_RECENT m NETFILTER_XT_MATCH_SCTP m NETFILTER_XT_MATCH_SOCKET m NETFILTER_XT_MATCH_STATE m NETFILTER_XT_MATCH_STATISTIC m NETFILTER_XT_MATCH_STRING m NETFILTER_XT_MATCH_TCPMSS m NETFILTER_XT_MATCH_TIME m NETFILTER_XT_MATCH_U32 m MEMCG_KMEM y MEMCG_SWAP y MEMCG_SWAP_ENABLED y BLK_CGROUP y IOSCHED_CFQ y BLK_DEV_THROTTLING y CGROUP_PERF y CGROUP_HUGETLB y NET_CLS_CGROUP y CGROUP_NET_PRIO y CFS_BANDWIDTH y FAIR_GROUP_SCHED y RT_GROUP_SCHED y EXT3_FS y EXT3_FS_XATTR y EXT3_FS_POSIX_ACL y EXT3_FS_SECURITY y PPP_FILTER y HAVE_IMX_ANATOP y HAVE_IMX_GPC y HAVE_IMX_MMDC y HAVE_IMX_SRC y SOC_IMX6 y SOC_IMX6Q y SOC_IMX6SL y PCI_IMX6 y ARM_IMX6Q_CPUFREQ y IMX_WEIM y AHCI_IMX y SERIAL_IMX y SERIAL_IMX_CONSOLE y I2C_IMX y SPI_IMX y PINCTRL_IMX y PINCTRL_IMX6Q y PINCTRL_IMX6SL y POWER_RESET_IMX y IMX_THERMAL y IMX2_WDT y IMX_IPUV3_CORE y DRM_IMX y DRM_IMX_FB_HELPER y DRM_IMX_PARALLEL_DISPLAY y DRM_IMX_TVE y DRM_IMX_LDB y DRM_IMX_IPUV3 y DRM_IMX_HDMI y MMC_SDHCI_ESDHC_IMX y IMX_SDMA y PWM_IMX y DEBUG_IMX6Q_UART y ''; }; # pkgs.linux_4_2 = "/nix/store/jc1h6mcc6sq420q2i572qba4b0xzw4gm-linux-4.3-armv7l-unknown-linux-gnueabi"; }; allowUnfree = true; }; imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ]; networking.hostName = "steveej-utilitepro"; # Define your hostname. #networking.wireless.enable = true; # Enables wireless support viawpa_supplicant. boot.kernelPackages = pkgs.linuxPackages_4_1; boot.extraKernelParams = [ "cm_fx6_v4l_msize=128M" "vmalloc=256M" "root=/dev/sda3" "rootflags=subvol=nixos" "console=ttymxc3,115200" ]; boot.loader.generic-extlinux-compatible.enable = true; boot.loader.grub.enable = false; # Select internationalisation properties. i18n = { consoleFont = "Lat2-Terminus16"; consoleKeyMap = "us"; defaultLocale = "en_US.UTF-8"; }; # Set your time zone. time.timeZone = "Europe/Amsterdam"; # List packages installed in system profile. To search by name, run: environment.systemPackages = with pkgs; [ iptables wget vim sshfsFuse pastebinit git ]; # Enable the OpenSSH daemon. services.openssh.enable = true; services.openssh.permitRootLogin = "yes"; # Disable CUPS to print documents. services.printing.enable = false; users.mutableUsers = false; users.extraUsers.root = { # FIXME: this is deprecated but so is this device probably hashedPassword = passwords.users.root; openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3niN5KcIYikRhXTYZCSehI1ZQs+vvG/dZ7KxNVHslfsS+p1yTycXcZFtDDn5vtG2fAo3yksxCk+G10/AWQ+NMOcFKuAi5qTOYSLbEcHVlZ4ko8sDUe3fF79vrCqY7IWbKKjZ4DH77Qs6SXk5GIlNaIzxut8Dpv8qHnkPiPuFgrJC4oGk60ZKmCPvOEpgg9twcdI6ykIxD4Fg+hHgG1p07uSEcm9EADli8RsU3UJ1UBhXMohMC6HrKVBkBX9wTo+zY+xqXxxem6xGNnkNiZLACfhCnjXv39zh85pgFuNv7R8SzVZQ9iRoCmax/w3JtWdDjqoTGgLfJyhMMjNdjVHOx steveej@steveej-laptop" ]; }; users.extraUsers.steveej = { uid = 1000; isNormalUser = true; home = "/home/steveej"; extraGroups = ["wheel" "libvirtd"]; # FIXME: this is deprecated but so is this device probably hashedPassword = passwords.users.steveej; openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3niN5KcIYikRhXTYZCSehI1ZQs+vvG/dZ7KxNVHslfsS+p1yTycXcZFtDDn5vtG2fAo3yksxCk+G10/AWQ+NMOcFKuAi5qTOYSLbEcHVlZ4ko8sDUe3fF79vrCqY7IWbKKjZ4DH77Qs6SXk5GIlNaIzxut8Dpv8qHnkPiPuFgrJC4oGk60ZKmCPvOEpgg9twcdI6ykIxD4Fg+hHgG1p07uSEcm9EADli8RsU3UJ1UBhXMohMC6HrKVBkBX9wTo+zY+xqXxxem6xGNnkNiZLACfhCnjXv39zh85pgFuNv7R8SzVZQ9iRoCmax/w3JtWdDjqoTGgLfJyhMMjNdjVHOx steveej@steveej-laptop" ]; }; networking.firewall.enable = false; networking.useNetworkd = true; }