{ lib, ... }: { programs = { git.enable = true; dconf.enable = true; vim = { defaultEditor = true; }; }; # This setups a SSH server. Very important if you're setting up a headless system. # Feel free to remove if you don't need it. services.openssh = { enable = true; # Forbid root login through SSH. # Use keys only. Remove if you want to SSH using password (not recommended) settings = { # permitRootLogin = "no"; # passwordAuthentication = false; }; }; # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. networking.firewall.enable = lib.mkDefault false; # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; i18n.extraLocaleSettings = { LC_ADDRESS = "zh_CN.UTF-8"; LC_IDENTIFICATION = "zh_CN.UTF-8"; LC_MEASUREMENT = "zh_CN.UTF-8"; LC_MONETARY = "zh_CN.UTF-8"; LC_NAME = "zh_CN.UTF-8"; LC_NUMERIC = "zh_CN.UTF-8"; LC_PAPER = "zh_CN.UTF-8"; LC_TELEPHONE = "zh_CN.UTF-8"; LC_TIME = "zh_CN.UTF-8"; }; time.timeZone = "Asia/Shanghai"; nix = { settings = { # Enable flakes and new 'nix' command experimental-features = "nix-command flakes"; # Deduplicate and optimize nix store auto-optimise-store = true; substituters = [ "https://mirrors.ustc.edu.cn/nix-channels/store" "https://mirror.sjtu.edu.cn/nix-channels/store" "https://mirrors.tuna.tsinghua.edu.cn/nix-channels/store" "https://nixos-cn.cachix.org" "https://nix-community.cachix.org" "https://cache.nixos.org/" ]; trusted-public-keys = [ "nixos-cn.cachix.org-1:L0jEaL6w7kwQOPlLoCR3ADx+E3Q8SEFEcB9Jaibl0Xg=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ]; # 添加以下配置以允许失败时从源码构建 fallback = true; keep-going = true; }; gc = { automatic = true; dates = "daily"; options = "--delete-older-than 31d"; }; }; }