melodypond/configuration.nix

97 lines
2.2 KiB
Nix

{pkgs, ... }:
{
imports = [
./melodies.nix
];
system.stateVersion = "23.05";
# Enables flakes and the updated `nix` command
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# Enables opengl support
hardware.opengl.enable = true;
sound.enable = true;
services.jack.jackd.enable = true;
services.jack.alsa.enable = true;
# Includes packages needed for startx
services.xserver = {
enable = true;
displayManager.autoLogin.user = "appuser";
windowManager.fluxbox.enable = true;
};
networking.interfaces.wlan0 = {
useDHCP = false;
ipv4.addresses = [{
address = "192.168.24.1";
prefixLength = 24;
}];
};
services.hostapd = {
enable = true;
interface = "wlan0";
ssid = "mmelodies";
wpaPassphrase = "myPhyzzySounds";
extraConfig = ''
ignore_broadcast_ssid=0
'';
};
services.dnsmasq = {
enable = true;
settings = {
interface = [ "wlan0" ];
dhcp-range = [ "192.168.24.100,192.168.24.200" ];
};
};
networking.firewall.allowedUDPPorts = [ 67 ];
environment.systemPackages = with pkgs; [
git btop tmux
];
users = {
# No need to edit users on a single-purpose system.
mutableUsers = false;
users = {
# My authorized keys are used for remote access
# CHANGE THIS if forking
geekygay = {
shell = pkgs.fish;
isNormalUser = true;
extraGroups = [ "wheel" "dialout" "jackaudio" ];
password = "";
openssh.authorizedKeys.keyFiles = [
./authorized_keys
];
};
# Unprivledged user for running the application.
appuser = {
isNormalUser = true;
extraGroups = [ "jackaudio" ];
password = "";
packages = with pkgs; [
puredata websocat
];
};
};
};
programs.fish.enable = true;
security.sudo.wheelNeedsPassword = false; # Needed for colmena.
nix.settings.trusted-users = [ "root" "@wheel" ];
documentation.man.enable = false; # Takes way too long to build.
# Allow SSH with authorized keys only!
services.openssh = {
enable = true;
settings.PasswordAuthentication = false;
};
}