# NixOS system configuration for one workstation: boot, locale, GNOME desktop,
# audio, the `ember` user, system packages, Syncthing and virtualisation.
# Host-specific values (hostname, pretty hostname, CPU vendor flags) are read
# from ./system/system-information.nix.
#
# Channels expected on the machine:
#   sudo nix-channel --add https://github.com/NixOS/nixos-hardware/archive/master.tar.gz nixos-hardware
#   sudo nix-channel --add https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager
# NOTE(review): both URLs follow the `master` branch archive, so every channel
# update takes whatever is at the branch tip. Pin a revision or release branch
# if reproducible, reviewable updates matter for this host.
let
  systemInformation = import ./system/system-information.nix;
in
# The full module argument set is also bound as `nixpkgs`; it is passed on to
# packages/all-packages.nix in the fonts section below.
{ config, pkgs, lib, ... }@nixpkgs:
{
  networking.hostName = systemInformation.hostname;

  imports = [
    ./configs/filesystems.nix
    ./system/hardware-requirements.nix
    ./modules/machine-info.nix
  ];

  # Bootloader
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;
  boot.loader.efi.efiSysMountPoint = "/boot/efi";

  boot.kernelParams = [
    # Power efficiency
    # https://wiki.archlinux.org/title/Power_management#Kernel_parameters
    "nmi_watchdog=0"
    # https://bbs.archlinux.org/viewtopic.php?id=282614 ?
    # NOTE(review): this keeps the AMD IOMMU from being initialised, which also
    # removes DMA isolation between devices and memory (and for VM device
    # passthrough; libvirtd is enabled below). The author's "?" suggests the
    # workaround is unconfirmed; re-test without it before keeping it.
    "amd_iommu=off"
  ];

  boot.kernel.sysctl = {
    # Set IO batching to 2 minutes (12000 centiseconds) for power reasons
    "vm.dirty_writeback_centisecs" = 12000;
  };

  boot.initrd.supportedFilesystems = [ "btrfs" ];

  # Setup keyfile: append /crypto_keyfile.bin to the initrd (null means the
  # source path on the running system equals the destination path).
  # NOTE(review): systemd-boot loads the kernel and initrd from the EFI system
  # partition (efiSysMountPoint above), which is normally unencrypted. If this
  # keyfile unlocks an encrypted volume, anyone who can read the disk can read
  # the key. The disk layout lives in ./configs/filesystems.nix (not visible
  # here); confirm where the initrd is stored and whether the keyfile is needed.
  boot.initrd.secrets = {
    "/crypto_keyfile.bin" = null;
  };

  # Enable networking
  networking.networkmanager.enable = true;

  powerManagement.cpuFreqGovernor = "powersave";

  # Set your time zone.
  time.timeZone = "America/New_York";

  # Select internationalisation properties.
  i18n.defaultLocale = "en_US.UTF-8";

  i18n.extraLocaleSettings = {
    LC_ADDRESS = "en_US.UTF-8";
    LC_IDENTIFICATION = "en_US.UTF-8";
    LC_MEASUREMENT = "en_US.UTF-8";
    LC_MONETARY = "en_US.UTF-8";
    LC_NAME = "en_US.UTF-8";
    LC_NUMERIC = "en_US.UTF-8";
    LC_PAPER = "en_US.UTF-8";
    LC_TELEPHONE = "en_US.UTF-8";
    LC_TIME = "en_US.UTF-8";
  };

  # Enable the X11 windowing system.
  services.xserver.enable = true;

  # logind takes no action when the lid is closed.
  services.logind.lidSwitch = "ignore";

  # Enable the GNOME Desktop Environment.
  services.xserver.displayManager.gdm.enable = true;
  services.xserver.desktopManager.gnome.enable = true;

  # Configure keymap in X11
  services.xserver.xkb = {
    layout = "us";
    variant = "3l";
  };

  # Enable CUPS to print documents.
  services.printing.enable = true;

  # Enable sound with pipewire.
  hardware.pulseaudio.enable = false;
  # RealtimeKit, so the audio daemon can request realtime scheduling.
  security.rtkit.enable = true;
  services.pipewire = {
    enable = true;
    alsa.enable = true;
    alsa.support32Bit = true;
    pulse.enable = true;
    # JACK application support (enabled here; the template ships it commented out)
    jack.enable = true;

    # use the example session manager (no others are packaged yet so this is enabled by default,
    # no need to redefine it in your config for now)
    #media-session.enable = true;
  };

  # Define a user account. Don't forget to set a password with 'passwd'.
  users.users.ember = {
    uid = 1312;
    isNormalUser = true;
    description = "Ember";
    # wheel: administrative (sudo) access under NixOS defaults;
    # networkmanager: may change network connections; dialout: serial devices.
    extraGroups = [ "networkmanager" "wheel" "dialout"];
    shell = pkgs.fish;
    # Public keys accepted for SSH logins as this user. They only matter on a
    # host where sshd is enabled; it is not enabled in this file.
    openssh.authorizedKeys.keys = import ./configs/programs/ssh/authorizedKeys.nix;
  };

  # presumably the home-manager NixOS module is brought in by one of the
  # imported files; it is not imported directly here. TODO confirm.
  home-manager.users.ember = import ./configs/home.full.nix;

  programs.fish.enable = true;

  # Allow unfree packages
  nixpkgs.config.allowUnfree = true;

  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";

  # List packages installed in system profile. To search, run:
  #   nix search nixpkgs <term>
  environment.systemPackages = with pkgs; [
    git
    wget
    gnumake
    htop
    wl-clipboard
    unzip
    appimage-run
    vlc
    file
    pavucontrol
    nix-index
    nix-output-monitor
    zbar
    # out of d8
    # tone
    moreutils
    mediainfo
    gst_all_1.gstreamer
    gst_all_1.gst-plugins-base
    gst_all_1.gst-libav
    gst_all_1.gst-vaapi
    gst_all_1.gst-plugins-bad
    gst_all_1.gst-plugins-good
    gst_all_1.gst-plugins-ugly
  ];

  # GNOME default applications left out of the install.
  environment.gnome.excludePackages = with pkgs; [
    gedit
    gnome-console
    gnome-text-editor
    gnome-software
    gnome-music
    totem
  ];

  fonts = {
    # Names resolve against nixpkgs and against the local package set in
    # packages/all-packages.nix; the inner `with` wins when both define a name.
    packages = with pkgs; with import packages/all-packages.nix nixpkgs; [
      justseeds
      anarchists-stencil
      manrope
      google-fonts
      comic-mono
      atkinson-hyperlegible
      openmoji-color
    ];
    fontDir.enable = true;
    enableDefaultPackages = true;
    fontconfig.defaultFonts = {
      sansSerif = ["Atkinson Hyperlegible"];
      monospace = ["Comic Mono:style=Normal"];
    };
  };

  # List services that you want to enable:
  services = {
    # GNOME file indexing services, switched off.
    gnome.tinysparql.enable = false;
    gnome.localsearch.enable = false;

    flatpak = {
      enable = true;
    };

    # Firmware update daemon.
    fwupd.enable = true;

    syncthing = {
      enable = true;
      dataDir = "/home/ember";
      configDir = "/home/ember/.config/syncthing";
      user = "ember";
      # Peers allowed to sync with this host, identified by Syncthing device ID.
      settings.devices = {
        redwood.name = "🍂 Redwood";
        redwood.id = "WY2GFMX-CQ52VBK-M3Y4JJH-4FIA6F2-NGB3S2I-SJ42D45-7FT77KH-2OGO2AZ";
        mugwort.name = "🌿 Mugwort";
        mugwort.id = "GVJZF4E-5BYFG7U-P6KZPLL-CSM3O3H-JOJUZIX-YGZ3QXM-CHWTA4J-AG6KFQK";
        kudzu.name = "🥦 Kudzu";
        kudzu.id = "RQUVE3L-D345NMM-4KUE7D6-PCJ3HIO-VFZNYJ6-BNF2YH3-6UBCXF7-NS5YKQR";
      };
      settings.folders.sync = {
        devices = ["redwood" "mugwort" "kudzu"];
        id = "xuwnn-mknwe";
        label = "Sync";
        path = "~/Sync";
        # Deleted or replaced files are kept in the folder's trash can and
        # cleaned out after 14 days.
        versioning = {
          type = "trashcan";
          params.cleanoutDays = "14";
        };
      };
      # This file is the source of truth: devices and folders not declared here
      # are dropped from the running configuration.
      overrideDevices = true;
      overrideFolders = true;
    };

    openssh = {
      # Disable by default: sshd is not enabled in this file, these settings
      # only take effect on a host that sets services.openssh.enable.
      banner = "Welcome to ${systemInformation.prettyHostname}!\n";
      # Key-based logins only.
      # NOTE(review): consider also setting
      # settings.KbdInteractiveAuthentication = false so no password-style
      # prompt remains available if sshd is turned on.
      settings.PasswordAuthentication = false;
    };
  };

  # presumably an option declared by ./modules/machine-info.nix; verify there.
  environment.machineInfo.prettyHostname = systemInformation.prettyHostname;

  # Enable the OpenSSH daemon.
  # services.openssh.enable = true;

  # Open ports in the firewall.
  # networking.firewall.allowedTCPPorts = [ ... ];
  # networking.firewall.allowedUDPPorts = [ ... ];
  # Or disable the firewall altogether.
  # NOTE(review): the host firewall is off while CUPS, Syncthing, libvirtd and
  # Waydroid are enabled in this file, so any service that binds a non-loopback
  # address is reachable from every network this machine joins. Prefer leaving
  # the firewall on and opening only what is needed (allowedTCPPorts /
  # allowedUDPPorts above, or services.syncthing.openDefaultPorts for Syncthing).
  networking.firewall.enable = false;

  # Static /etc/hosts entries. They take precedence over DNS for these names,
  # so they must be updated by hand if an address changes.
  networking.hosts = {
    "162.255.119.254" = ["www.librepunk.club"];
    "129.21.49.69" = ["www.librepunk.club"];
    "192.168.1.204" = ["redwood.corviform.gay"];
    "192.168.1.227" = ["wyvern.kitty.lan"];
  };

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It's perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "22.11"; # Did you read the comment?

  # Set up hardware acceleration
  # https://nixos.wiki/wiki/Accelerated_Video_Playback
  hardware.graphics = {
    enable = true;
    extraPackages = with pkgs; [
      intel-compute-runtime
      intel-media-driver # LIBVA_DRIVER_NAME=iHD
      vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
      vaapiVdpau
      libvdpau-va-gl
    ];
  };

  hardware.enableAllFirmware = true;

  # Microcode updates follow the CPU vendor flags from system-information.nix.
  hardware.cpu.intel.updateMicrocode = systemInformation.isIntel;
  hardware.cpu.amd.updateMicrocode = systemInformation.isAmd;

  nix.settings.auto-optimise-store = true;
  nix.settings.experimental-features = ["nix-command" "flakes"];

  # Needed for Gnome Boxes
  virtualisation.libvirtd.enable = true;
  # NOTE(review): this installs the SPICE USB redirection helper with elevated
  # privileges so unprivileged users can hand USB devices to VMs; on a
  # multi-user machine that amounts to USB device access for every local user.
  virtualisation.spiceUSBRedirection.enable = true;

  # Needed for Anbox (the option actually enabled here is Waydroid)
  virtualisation.waydroid.enable = true;

  # # i dont know why dotnet 6 needs to be installed
  # nixpkgs.config.permittedInsecurePackages = ["dotnet-runtime-6.0.36" "dotnet-sdk-wrapped-6.0.428" "dotnet-sdk-6.0.428"];
}