-
Notifications
You must be signed in to change notification settings - Fork 5
/
raskin-usb-rescue.nix
129 lines (120 loc) · 3.18 KB
/
raskin-usb-rescue.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
{ config, pkgs, ... }:
{
system.stateVersion = "18.09";
boot = rec {
loader = {
grub = {
enable = true;
#enable = false;
version = 2;
device = "nodev";
configurationLimit = 100;
copyKernels = true;
splashImage = null;
extraConfig = ''
'';
efiSupport = true;
};
systemd-boot = {
#enable = true;
enable = false;
};
};
initrd = {
kernelModules = [
"xhci_hcd"
"ehci_hcd" "ohci_hcd"
"uhci_hcd"
"usb_storage"
];
};
kernelPackages =
pkgs.linuxPackagesFor pkgs.linux_latest;
vesa = false;
kernelParams = [
"console=ttyS0,115200,n8r"
"console=tty0"
];
blacklistedKernelModules = ["ath3k"];
};
fileSystems = {
"/" = {
mountPoint = "/";
label = "NixOSRescue";
fsType = "ext4";
};
"/boot" = {
mountPoint = "/boot";
device = "/dev/disk/by-uuid/7A89-9B4C";
fsType = "vfat";
};
};
documentation.nixos.enable = false;
services = {
openssh = {
enable = true;
settings.PermitRootLogin = "no";
settings.UseDns = false;
};
xserver = {
enable = true;
autorun = false;
exportConfiguration = true;
enableTCP = true;
videoDrivers = ["modesetting" "nv" "ati" "cirrus" "vesa"];
layout = "us(altgr-intl),ru(common),gr(basic)";
xkbOptions = "grp:caps_toggle, grp_led:caps, lv3:lwin_switch, terminate:ctrl_alt_bksp";
};
printing = {
enable = true;
drivers = [pkgs.hplip];
};
nix-serve = {
enable = true;
port = 32062;
};
};
environment = {
systemPackages = (import ./raskin-usb-rescue-packages.nix) pkgs;
};
security = {
wrappers = {
fusermount = { owner = "root"; group = "root"; source = "${pkgs.fuse}/bin/fusermount"; };
fusermount3 = { owner = "root"; group = "root"; source = "${pkgs.fuse3}/bin/fusermount3"; };
mount = { owner = "root"; group = "root"; source = "${pkgs.utillinux}/bin/mount"; };
umount = { owner = "root"; group = "root"; source = "${pkgs.utillinux}/bin/umount"; };
lsof = { owner = "root"; group = "root"; source = "${pkgs.lsof}/bin/lsof"; };
pmount = { owner = "root"; group = "root"; source = "${pkgs.pmount}/bin/pmount"; };
pumount = { owner = "root"; group = "root"; source = "${pkgs.pmount}/bin/pumount"; };
fbterm = { owner = "root"; group = "root"; source = "${pkgs.fbterm}/bin/fbterm"; };
};
sudo = {
configFile = (builtins.readFile ./sudoers); };
};
nix = {
settings.sandbox = true;
settings.require-sigs = false;
extraOptions = ''
binary-caches = http://cache.nixos.org
trusted-binary-caches = http://cache.nixos.org
'';
#package = pkgs.nixUnstable;
};
fonts = {
enableGhostscriptFonts = true;
fontDir.enable = true;
fonts = with pkgs; [
(ghostscript + "/share/ghostscript/fonts/")
pkgs.dejavu_fonts
pkgs.liberation_ttf
pkgs.lmodern
pkgs.cm_unicode
pkgs.lmmath
pkgs.unifont
pkgs.xorg.fontcronyxcyrillic
];
};
hardware = {
enableRedistributableFirmware = true;
};
}