128 lines
3.2 KiB
Nix
128 lines
3.2 KiB
Nix
# welcome to saturnOS config, run nixos-help if you need it .
|
|
{ config, pkgs, lib, ... }:
|
|
let
|
|
unstableTarball = builtins.fetchTarball "https://github.com/NixOS/nixpkgs/archive/nixos-unstable.tar.gz";
|
|
unstable = import unstableTarball { config = { allowUnfree = true; }; };
|
|
homeManagerTarball = builtins.fetchTarball "https://github.com/nix-community/home-manager/archive/master.tar.gz";
|
|
home-manager = import "${homeManagerTarball}/nixos";
|
|
in {
|
|
imports = [
|
|
home-manager
|
|
./hosts/vulkan
|
|
./modules
|
|
./saturn/system.nix
|
|
];
|
|
|
|
# nix options
|
|
nix.settings = {
|
|
experimental-features = "nix-command flakes";
|
|
auto-optimise-store = true;
|
|
};
|
|
|
|
# cleanup packages older than 30 days from nix store
|
|
nix.gc = {
|
|
automatic = true;
|
|
dates = "weekly";
|
|
options = "--delete-older-than 30d";
|
|
};
|
|
|
|
|
|
# bootloader
|
|
boot.loader.systemd-boot.enable = true;
|
|
boot.loader.efi.canTouchEfiVariables = true;
|
|
boot.loader.efi.efiSysMountPoint = "/boot/efi";
|
|
boot.initrd.systemd.enable = true;
|
|
boot.plymouth.enable = true;
|
|
boot.kernelParams = ["quiet"];
|
|
|
|
# init keyfile
|
|
boot.initrd.secrets = {
|
|
"/crypto_keyfile.bin" = null;
|
|
};
|
|
|
|
# enable swap on luks
|
|
boot.initrd.luks.devices."luks-4130c26c-7546-42e9-9d61-8f112e244460".device =
|
|
"/dev/disk/by-uuid/4130c26c-7546-42e9-9d61-8f112e244460";
|
|
boot.initrd.luks.devices."luks-4130c26c-7546-42e9-9d61-8f112e244460".keyFile =
|
|
"/crypto_keyfile.bin";
|
|
|
|
# configure networking
|
|
networking.hostName = "vulkan";
|
|
environment.machineInfo.prettyHostname = "🌋 vulkan";
|
|
networking.networkmanager.enable = true;
|
|
networking.hosts = {
|
|
"162.255.119.254" = ["www.librepunk.club"];
|
|
"129.21.49.69" = ["www.librepunk.club"];
|
|
};
|
|
|
|
# configure locale
|
|
time.timeZone = "Etc/UTC";
|
|
i18n.defaultLocale = "en_CA.UTF-8";
|
|
|
|
# enable gnome
|
|
services.xserver.enable = true;
|
|
services.xserver.displayManager.gdm.enable = true;
|
|
services.xserver.desktopManager.gnome.enable = true;
|
|
|
|
# configure x11 keymap
|
|
services.xserver = {
|
|
layout = "us";
|
|
xkbVariant = "";
|
|
};
|
|
|
|
# enable dconf configuration for gnome and other supported applications
|
|
programs.dconf.enable = true;
|
|
|
|
# configure pipewire
|
|
sound.enable = true;
|
|
hardware.pulseaudio.enable = false;
|
|
security.rtkit.enable = true;
|
|
services.pipewire = {
|
|
enable = true;
|
|
alsa.enable = true;
|
|
alsa.support32Bit = true;
|
|
pulse.enable = true;
|
|
jack.enable = true;
|
|
};
|
|
|
|
# add and configure users
|
|
users.users.hive = {
|
|
initialPassword = "";
|
|
isNormalUser = true;
|
|
description = "The Hive";
|
|
extraGroups = [ "networkmanager" "wheel" "dialout" ];
|
|
};
|
|
|
|
# import home-manager config from home.nix
|
|
home-manager.users.hive = import ./home.nix;
|
|
|
|
# install packages
|
|
# `nix search` to add more
|
|
nixpkgs.config.allowUnfree = true;
|
|
environment.systemPackages = with pkgs; [
|
|
# unstable.fish
|
|
# unstable.printrun
|
|
pass
|
|
git
|
|
neovim
|
|
];
|
|
|
|
# set fish as default shell for all users
|
|
users.defaultUserShell = unstable.fish;
|
|
|
|
# suid wrapper ( for things which need privelidged acccess ? )
|
|
programs.mtr.enable = true;
|
|
programs.gnupg.agent = {
|
|
enable = true;
|
|
enableSSHSupport = true;
|
|
pinentryFlavor = "gnome3";
|
|
};
|
|
|
|
# enable configure services
|
|
services.printing.enable = true; # printing
|
|
services.openssh.enable = true; # remote shell
|
|
services.flatpak.enable = true; #flatpak lol
|
|
|
|
system.stateVersion = "22.11";
|
|
}
|