clara/nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
nix/configuration.nix

332 lines
6.7 KiB
Nix
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{ config, pkgs, inputs, ... }:
{
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
# Bootloader.
boot.loader = {
efi.canTouchEfiVariables = true;
grub = {
enable = true;
devices = [ "nodev" ];
efiSupport = true;
useOSProber = true;
fontSize = 30;
};
};
boot.initrd.kernelModules = [ "amdgpu" "coretemp" ];
boot.kernelParams = [ "intel_iommu=on" ];
services.hardware.bolt.enable = true;
networking.hostName = "nixpad"; # Define your hostname.
# Enable networking
networking.networkmanager.enable = true;
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "de_DE.UTF-8";
LC_IDENTIFICATION = "de_DE.UTF-8";
LC_MEASUREMENT = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
LC_NAME = "de_DE.UTF-8";
LC_NUMERIC = "de_DE.UTF-8";
LC_PAPER = "de_DE.UTF-8";
LC_TELEPHONE = "de_DE.UTF-8";
LC_TIME = "de_DE.UTF-8";
};
imports = [
./programm_configs/yubikey-gpg.nix
./printing/config.nix
] ++ (if inputs.x11mode then
[ ./programm_configs/x11.nix ]
else [
./programm_configs/wayland.nix
]);
services.gvfs.enable = true;
# VPN services
services.openvpn.servers = {
KIT = {
autoStart = false;
config = '' config /home/clara/Uni/kit.ovpn '';
};
};
# VirtualBox
virtualisation.virtualbox.host = {
enable = true;
enableExtensionPack = true;
};
users.extraGroups.vboxusers.members = [ "clara" ];
# Bluetooth
services.blueman.enable = true;
#scanning
hardware.sane.enable = true;
# GNOME Keyring
services.gnome.gnome-keyring.enable = true;
# duplicati
services.duplicati = {
enable = true;
user = "clara";
};
# PipeWire Setup
security.rtkit.enable = true;
services.pipewire = {
enable = true;
audio.enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
extraConfig.pipewire = {
"raop-discover" = {
"context.modules" = [
{
name = "libpipewire-module-raop-discover";
}
];
};
};
};
# Configure console keymap
console.keyMap = "de";
# enable zsh to allow setting it as a default shell
programs.zsh.enable = true;
# Define a user account. Don't forget to set a password with passwd.
users.users.clara = {
isNormalUser = true;
description = "clara";
initialPassword = "123456";
extraGroups = [ "networkmanager" "wheel" "scanner" "lp" "docker" ];
shell = pkgs.zsh;
};
# home manager
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.clara = (import ./home.nix {
config = config;
pkgs = pkgs;
x11mode = inputs.x11mode;
});
# enable polkit
security.polkit.enable = true;
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
nixpkgs.config = {
packageOverrides = pkgs: rec {
polybar = pkgs.polybar.override {
i3Support = true;
pulseSupport = true;
};
};
};
# systemwide packages
environment.systemPackages = with pkgs; [
vim
wget
] ++ (if !inputs.x11mode then [ greetd.regreet ] else [ ]);
programs.dconf.enable = true;
environment.pathsToLink = [ "/share/zsh" ];
environment.sessionVariables = {
GTK_THEME = "Adwaita:dark";
};
# patch for swaylock https://github.com/swaywm/sway/issues/2773
security.pam.services.swaylock = {
fprintAuth = false;
};
# Patch for IDEA PlugIn dev. Should be in dev flake!
programs.nix-ld.enable = true;
programs.nix-ld.libraries = with pkgs; [
SDL
SDL2
SDL2_image
SDL2_mixer
SDL2_ttf
SDL_image
SDL_mixer
SDL_ttf
alsa-lib
at-spi2-atk
at-spi2-core
atk
bzip2
cairo
cups
curlWithGnuTls
dbus
dbus-glib
desktop-file-utils
e2fsprogs
expat
flac
fontconfig
freeglut
freetype
fribidi
fuse
fuse3
gdk-pixbuf
glew110
glib
gmp
gst_all_1.gst-plugins-base
gst_all_1.gst-plugins-ugly
gst_all_1.gstreamer
gtk2
harfbuzz
icu
keyutils.lib
libGL
libGLU
libappindicator-gtk2
libcaca
libcanberra
libcap
libclang.lib
libdbusmenu
libdrm
libgcrypt
libgpg-error
libidn
libjack2
libjpeg
libmikmod
libogg
libpng12
libpulseaudio
librsvg
libsamplerate
libsecret
libthai
libtheora
libtiff
libudev0-shim
libusb1
libuuid
libvdpau
libvorbis
libvpx
libxcrypt-legacy
libxkbcommon
libxml2
mesa
nspr
nss
openssl
p11-kit
pango
pixman
python3
speex
stdenv.cc.cc
tbb
udev
vulkan-loader
wayland
xorg.libICE
xorg.libSM
xorg.libX11
xorg.libXScrnSaver
xorg.libXcomposite
xorg.libXcursor
xorg.libXdamage
xorg.libXext
xorg.libXfixes
xorg.libXft
xorg.libXi
xorg.libXinerama
xorg.libXmu
xorg.libXrandr
xorg.libXrender
xorg.libXt
xorg.libXtst
xorg.libXxf86vm
xorg.libpciaccess
xorg.libxcb
xorg.xcbutil
xorg.xcbutilimage
xorg.xcbutilkeysyms
xorg.xcbutilrenderutil
xorg.xcbutilwm
xorg.xkeyboardconfig
xz
zlib
];
# Docker
virtualisation.docker.enable = true;
hardware.graphics.extraPackages = with pkgs; [
amdvlk
];
# firefox screen sharing
xdg = {
portal = {
enable = true;
configPackages = with pkgs; [
xdg-desktop-portal-wlr
xdg-desktop-portal-gtk
];
};
};
# wireguard
networking.firewall = {
# if packets are still dropped, they will show up in dmesg
logReversePathDrops = true;
# wireguard trips rpfilter up
extraCommands = ''
ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN
ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN
'';
extraStopCommands = ''
ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN || true
ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN || true
'';
};
# backlight
programs.light.enable = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "24.05"; # Did you read the comment?
}
Reference in a new issue View git blame Copy permalink