224 lines
5.5 KiB
Nix
224 lines
5.5 KiB
Nix
# Edit this configuration file to define what should be installed on
|
||
# your system. Help is available in the configuration.nix(5) man page
|
||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||
|
||
{ inputs, hostName, config, pkgs, lib, ... }:
|
||
|
||
{
|
||
imports = [ ./cachix.nix ];
|
||
|
||
# Nix ######################################################################
|
||
system.stateVersion = "20.03"; # Leave this alone (see configuration.nix(5))
|
||
|
||
nixpkgs.config = {
|
||
allowUnfree = true;
|
||
joypixels.acceptLicense = true;
|
||
permittedInsecurePackages = [ "electron-13.6.9" ];
|
||
};
|
||
nixpkgs.overlays = [
|
||
# (self: super: { libvirt = (import (builtins.fetchTarball "https://github.com/NixOS/nixpkgs/archive/066676b839a217f6b1b5d8ab05842604d33b7258.tar.gz") {}).libvirt; })
|
||
];
|
||
|
||
nix = {
|
||
package = pkgs.nixUnstable;
|
||
extraOptions = ''
|
||
experimental-features = nix-command flakes
|
||
'';
|
||
settings.auto-optimise-store = true;
|
||
gc = {
|
||
automatic = true;
|
||
dates = "Saturday";
|
||
options = "--delete-older-than 14d";
|
||
};
|
||
registry = {
|
||
nixpkgs.flake = inputs.nixpkgs;
|
||
nur.flake = inputs.nur;
|
||
};
|
||
};
|
||
|
||
# Kernel ###################################################################
|
||
boot = {
|
||
extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
|
||
kernelModules = [ "v4l2loopback" ];
|
||
kernel.sysctl = {
|
||
"net.core.rmem_max" = 2500000;
|
||
"vm.swappiness" = 10;
|
||
};
|
||
supportedFilesystems = [ "btrfs" "ntfs" ];
|
||
};
|
||
powerManagement.cpuFreqGovernor = "schedutil";
|
||
|
||
# Users ####################################################################
|
||
users.users.jez = {
|
||
isNormalUser = true;
|
||
description = "Jez Cope";
|
||
group = "jez";
|
||
extraGroups = [ "wheel" "video" "audio" "networkmanager" ];
|
||
shell = pkgs.zsh;
|
||
openssh.authorizedKeys.keyFiles = [ ./data/yubikey_ssh.pub ];
|
||
};
|
||
users.groups.jez = { };
|
||
users.users.elly.isNormalUser = true;
|
||
|
||
environment.shells = with pkgs; [ bashInteractive bash xonsh fish zsh ];
|
||
programs.zsh.enable = true;
|
||
|
||
# Networking ###############################################################
|
||
networking = {
|
||
inherit hostName;
|
||
useDHCP = false;
|
||
networkmanager.enable = true;
|
||
networkmanager.unmanaged = [ "interface-name:ve-*" ];
|
||
firewall = {
|
||
enable = true;
|
||
allowedTCPPorts = [
|
||
22000 # SyncThing
|
||
];
|
||
allowedUDPPorts = [
|
||
21027 # SyncThing
|
||
];
|
||
};
|
||
nat = {
|
||
enable = true;
|
||
externalInterface = "wlp37s0";
|
||
internalInterfaces = [ "ve-+" ];
|
||
};
|
||
};
|
||
|
||
services.avahi = {
|
||
enable = true;
|
||
nssmdns = true;
|
||
publish = {
|
||
enable = true;
|
||
addresses = true;
|
||
};
|
||
};
|
||
|
||
services.openssh.enable = true;
|
||
programs.mosh.enable = true;
|
||
|
||
# Bluetooth ################################################################
|
||
hardware.bluetooth.enable = true;
|
||
services.blueman.enable = true;
|
||
|
||
# Localisation #############################################################
|
||
time.timeZone = "Europe/London";
|
||
i18n.defaultLocale = "en_GB.UTF-8";
|
||
console = {
|
||
font = "ter-124n";
|
||
packages = [ pkgs.terminus_font ];
|
||
keyMap = "us";
|
||
};
|
||
|
||
# General ##################################################################
|
||
environment.systemPackages = with pkgs; [
|
||
cachix
|
||
zsh
|
||
xonsh
|
||
|
||
wget
|
||
vim
|
||
git
|
||
git-crypt
|
||
tree
|
||
iputils
|
||
ripgrep
|
||
usbutils
|
||
hdparm
|
||
smartmontools
|
||
cryptsetup
|
||
thin-provisioning-tools
|
||
|
||
refind
|
||
terminus_font
|
||
|
||
man-pages
|
||
];
|
||
|
||
documentation = {
|
||
man.generateCaches = true;
|
||
dev.enable = true;
|
||
};
|
||
|
||
# Desktop environment ####################################################
|
||
hardware.opengl.driSupport32Bit = true;
|
||
|
||
services.xserver = {
|
||
enable = true;
|
||
layout = "us";
|
||
libinput.enable = true;
|
||
displayManager.gdm.enable = true;
|
||
displayManager.importedVariables =
|
||
[ "XDG_SESSION_TYPE" "XDG_CURRENT_DESKTOP" "XDG_SESSION_DESKTOP" ];
|
||
desktopManager.mate.enable = true;
|
||
desktopManager.gnome.enable = true;
|
||
desktopManager.gnome.flashback.enableMetacity = true;
|
||
windowManager.i3.enable = true;
|
||
};
|
||
programs.sway = {
|
||
enable = true;
|
||
wrapperFeatures.gtk = true;
|
||
};
|
||
programs.dconf.enable = true;
|
||
|
||
xdg.portal = {
|
||
enable = true;
|
||
wlr.enable = true;
|
||
xdgOpenUsePortal = false;
|
||
};
|
||
|
||
services.printing.enable = true;
|
||
|
||
services.flatpak.enable = true;
|
||
|
||
# Sound ####################################################################
|
||
sound.enable = true;
|
||
hardware.pulseaudio.enable = false;
|
||
services.pipewire = {
|
||
enable = true;
|
||
alsa.enable = true;
|
||
pulse.enable = true;
|
||
jack.enable = true;
|
||
};
|
||
security.rtkit.enable = true;
|
||
|
||
# Location #################################################################
|
||
location = {
|
||
provider = "manual";
|
||
# Somewhere roughly in the North of England
|
||
latitude = 54.0;
|
||
longitude = 1.0;
|
||
};
|
||
|
||
# Services #################################################################
|
||
services.accounts-daemon.enable = true;
|
||
|
||
services.pcscd = {
|
||
enable = true;
|
||
plugins = [ pkgs.ccid ]; # Needed for GPG + Yubikey
|
||
};
|
||
|
||
virtualisation = {
|
||
docker = {
|
||
enable = true;
|
||
autoPrune.enable = true;
|
||
};
|
||
libvirtd.enable = true;
|
||
waydroid.enable = true;
|
||
|
||
spiceUSBRedirection.enable = true;
|
||
};
|
||
users.groups.libvirtd.members = [ "jez" ];
|
||
|
||
services.smartd.enable = true;
|
||
|
||
# Hardware #################################################################
|
||
hardware.logitech.wireless.enable = true;
|
||
|
||
hardware.keyboard = {
|
||
qmk.enable = true;
|
||
zsa.enable = true;
|
||
};
|
||
|
||
}
|