[control@eleriel:~]$ cat /etc/nixos/configuration.nix # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page, on # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). { config, lib, pkgs, inputs, ... }: { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ]; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; networking.hostName = "eleriel"; # 01/12/25 - Open Andes HTTP Application Service users.groups.open-andes-control = {}; users.users.open-andes-http-control = { isSystemUser = true; group = "open-andes-control"; }; systemd.services.open-andes-http-application-service = { description = "Open Andes Hypertext Transfer Protocol Application Service"; serviceConfig = { ExecStart = "${inputs.OpenAndesHTTP.packages.${pkgs.stdenv.system}.default}/bin/http-application-service"; User = "open-andes-http-control"; Group = "open-andes-control"; Restart = "always"; AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ]; CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ]; }; after = ["network.target"]; wantedBy = ["multi-user.target"]; }; # 01-12-25 - Open Andes HyperText Transfer Protocol Port networking.firewall.allowedTCPPorts = [80]; # 19/11/25 - removing networkmanager authority # Configure network connections interactively with nmcli or nmtui. # networkmanager deals with the baseline network functionality. `systemd-networkd` will handle the virtual kernel network bridge device networking.networkmanager.enable = true; networking.networkmanager.unmanaged = [ "interface-name:lemulink-0" "interface-name:lemu-tap" ]; networking.useNetworkd = true; # Lemu-Link: kernel virtual networking device configuration systemd.network.netdevs = { "0x00-lemulink-0" = { netdevConfig = { Kind = "bridge"; Name = "lemulink-0"; MACAddress = "E8:B4:70:C0:00:01"; }; }; }; systemd.network.networks."0x01-ipv4-lemulink-0-configuration" = { matchConfig.Name = "lemulink-0"; networkConfig = { ConfigureWithoutCarrier = true; Address = "10.0.0.1/24"; LinkLocalAddressing = "yes"; }; dhcpServerConfig = {}; }; systemd.network.netdevs."0x02-lemu-tap" = { netdevConfig = { Name = "lemu-tap"; Kind = "tap"; }; tapConfig = { User = "control"; Group = "users"; }; }; systemd.network.networks."0x02-lemu-tap" = { matchConfig.Name = "lemu-tap"; networkConfig.Bridge = "lemulink-0"; linkConfig.RequiredForOnline = "no"; }; systemd.network.networks."0x03-lemulink-ip-leasing" = { matchConfig.MACAddress = "E8:B4:70:C0:00:A1"; networkConfig = { Address = "10.0.0.2/24"; Gateway = "10.0.0.1"; }; linkConfig.RequiredForOnline = "no"; }; # Set your time zone. time.timeZone = "America/Santiago"; # Configure network proxy if necessary # networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; # console = { # font = "Lat2-Terminus16"; # keyMap = "us"; # useXkbConfig = true; # use xkb.options in tty. # }; # Enable the X11 windowing system. # services.xserver.enable = true; # Configure keymap in X11 # services.xserver.xkb.layout = "us"; # services.xserver.xkb.options = "eurosign:e,caps:escape"; # Enable CUPS to print documents. # services.printing.enable = true; # Enable sound. # services.pulseaudio.enable = true; # OR # services.pipewire = { # enable = true; # pulse.enable = true; # }; # Enable touchpad support (enabled default in most desktopManager). # services.libinput.enable = true; # Define a user account. Don't forget to set a password with ‘passwd’. # users.users.alice = { # isNormalUser = true; # extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. # packages = with pkgs; [ # tree # ]; # }; users.users.control = { isNormalUser = true; description = "control"; extraGroups = [ "wheel" ]; initialPassword = "Galadriel.2026"; }; # programs.firefox.enable = true; # List packages installed in system profile. # You can use https://search.nixos.org/ to find more packages (and options). environment.systemPackages = with pkgs; [ vim wget git fastfetch bottom # storage unit auditing tool usbutils util-linux pciutils gptfdisk parted f3 smartmontools partclone dosfstools ntfs3g xfsprogs fio hdparm gns3-server qemu OVMFFull OVMF libvirt cmatrix opentracker ]; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; # List services that you want to enable: # Enable the OpenSSH daemon. services.openssh.enable = true; # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. # networking.firewall.enable = false; # Copy the NixOS configuration file and link it from the resulting system # (/run/current-system/configuration.nix). This is useful in case you # accidentally delete configuration.nix. # system.copySystemConfiguration = true; # This option defines the first version of NixOS you have installed on this particular machine, # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. # # Most users should NEVER change this value after the initial install, for any reason, # even if you've upgraded your system to a new NixOS release. # # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how # to actually do that. # # This value being lower than the current NixOS release does NOT mean your system is # out of date, out of support, or vulnerable. # # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, # and migrated your data accordingly. # # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . system.stateVersion = "25.11"; # Did you read the comment? }