boxen/configuration.nix

# Edit this configuration file to define what should be installed on
# your system.  Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).

{ config, pkgs, lib, ... }:

let
  hostname = lib.strings.fileContents /etc/hostname;
  host-config = ./machines + "/${hostname}.nix";
  optionalPath = path: lib.lists.optional (builtins.pathExists path) path;
in
{
  imports =
    [ # Include the results of the hardware scan.
      ./hardware-configuration.nix
      ./local.nix
    ]
    ++ optionalPath host-config;
  system.stateVersion = "20.03"; # Leave this alone (see configuration.nix(5))

  # Users ####################################################################
  users.users.jez = {
    isNormalUser = true;
    group = "jez";
    extraGroups = [ "wheel" "video" ];
    shell = pkgs.zsh;
  };

  # Networking ###############################################################
  networking = {
    useDHCP = false;
    interfaces.enp39s0.useDHCP = true;
    networkmanager.enable = true;
    firewall.enable = true;
  };

  services.avahi = {
    enable = true;
    nssmdns = true;
  };

  services.openssh.enable = true;

  # Security #################################################################
  security.wrappers = {
    ping = {
      source = "${pkgs.iputils.out}/bin/ping";
      owner = "nobody";
      group = "nogroup";
      capabilities = "cap_net_raw+ep";
    };
  };

  # Localisation #############################################################
  time.timeZone = "Europe/London";
  i18n.defaultLocale = "en_GB.UTF-8";
  console = {
    font = "Lat2-Terminus16";
    keyMap = "us";
  };

  # General ##################################################################
  environment.systemPackages = with pkgs; [
    wget vim git tree iputils

    refind
  ];

  documentation = {
    man.generateCaches = true;
    dev.enable = true;
  };

  # Desktop environment ####################################################
  hardware.opengl.driSupport32Bit = true;

  services.xserver = {
    enable = true;
    layout = "us";
    libinput.enable = true;
    displayManager.gdm.enable = true;
    desktopManager.gnome3.enable = true;
  };
  programs.sway = {
    enable = true;
    wrapperFeatures.gtk = true;
  };
  services.dbus.packages = [ pkgs.gnome3.dconf ];

  services.printing.enable = true;

  sound.enable = true;
  hardware.pulseaudio.enable = true;

  # Services #################################################################
  services.pcscd = {
    enable = true;
    plugins = [ pkgs.ccid ]; # Needed for GPG + Yubikey
  };

  virtualisation.docker.enable = true;
  virtualisation.libvirtd.enable = true;
  users.groups.libvirtd.members = [ "jez" ];

  services.netdata.enable = true;

}