138 lines
3.3 KiB
Nix
138 lines
3.3 KiB
Nix
# welcome to susOS config, run nixos-help if you need it .
|
|
{ config, pkgs, ... }:
|
|
let
|
|
unstable = import <nixos-unstable> { config = { allowUnfree = true; }; };
|
|
home-manager = builtins.fetchTarball "https://github.com/nix-community/home-manager/archive/master.tar.gz";
|
|
in{
|
|
imports =
|
|
[ # hardware scan
|
|
./hardware-configuration.nix
|
|
# <home-manager/nixos>
|
|
# home manager
|
|
(import "${home-manager}/nixos")
|
|
];
|
|
|
|
# nix options
|
|
nix.settings = {
|
|
experimental-features = "nix-command flakes";
|
|
auto-optimise-store = true;
|
|
};
|
|
nix.gc = {
|
|
automatic = true;
|
|
dates = "weekly";
|
|
options = "--delete-older-than 30d";
|
|
};
|
|
|
|
# environment.etc.machine-info.text = lib.strings.toShellVars {
|
|
# PRETTY_HOSTNAME = "vulkan 🌋";
|
|
# };
|
|
|
|
# bootloader
|
|
boot.loader.systemd-boot.enable = true;
|
|
boot.loader.efi.canTouchEfiVariables = true;
|
|
boot.loader.efi.efiSysMountPoint = "/boot/efi";
|
|
boot.plymouth.enable = true;
|
|
boot.kernelParams = ["quiet"];
|
|
|
|
# init keyfile
|
|
boot.initrd.secrets = {
|
|
"/crypto_keyfile.bin" = null;
|
|
};
|
|
|
|
# enable swap on luks
|
|
boot.initrd.luks.devices."luks-4130c26c-7546-42e9-9d61-8f112e244460".device = "/dev/disk/by-uuid/4130c26c-7546-42e9-9d61-8f112e244460";
|
|
boot.initrd.luks.devices."luks-4130c26c-7546-42e9-9d61-8f112e244460".keyFile = "/crypto_keyfile.bin";
|
|
|
|
# configure networking
|
|
networking.hostName = "vulkan";
|
|
networking.networkmanager.enable = true;
|
|
|
|
# configure locale
|
|
time.timeZone = "Etc/UTC";
|
|
i18n.defaultLocale = "en_CA.UTF-8";
|
|
|
|
# enable gnome
|
|
services.xserver.enable = true;
|
|
services.xserver.displayManager.gdm.enable = true;
|
|
services.xserver.desktopManager.gnome.enable = true;
|
|
|
|
# configure x11 keymap
|
|
services.xserver = {
|
|
layout = "us";
|
|
xkbVariant = "";
|
|
};
|
|
|
|
# enable dconf configuration for gnome and other supported applications
|
|
programs.dconf.enable = true;
|
|
|
|
# configure pipewire
|
|
sound.enable = true;
|
|
hardware.pulseaudio.enable = false;
|
|
security.rtkit.enable = true;
|
|
services.pipewire = {
|
|
enable = true;
|
|
alsa.enable = true;
|
|
alsa.support32Bit = true;
|
|
pulse.enable = true;
|
|
jack.enable = true;
|
|
};
|
|
|
|
# add and configure users
|
|
users.users.hive = {
|
|
isNormalUser = true;
|
|
description = "The Hive";
|
|
extraGroups = [ "networkmanager" "wheel" ];
|
|
};
|
|
|
|
# import home-manager config from home.nix
|
|
home-manager.users.hive = import ./home.nix;
|
|
|
|
# install packages
|
|
# `nix search` to add more
|
|
nixpkgs.config.allowUnfree = true;
|
|
environment.systemPackages = with pkgs; [
|
|
# unstable.fish
|
|
pass
|
|
git
|
|
neovim
|
|
];
|
|
|
|
# set fish as default shell for all users
|
|
users.defaultUserShell = unstable.fish;
|
|
|
|
# suid wrapper ( for things which need privelidged acccess ? )
|
|
programs.mtr.enable = true;
|
|
programs.gnupg.agent = {
|
|
enable = true;
|
|
enableSSHSupport = true;
|
|
pinentryFlavor = "gnome3";
|
|
};
|
|
|
|
# systemd services / timers
|
|
|
|
# systemd.timers."nix-store-cleanup" = {
|
|
# wantedBy = [ "timers.target" ];
|
|
# timerConfig = {
|
|
# OnBootSec = "5m";
|
|
# OnUnitActiveSec = "5h";
|
|
# Unit = "nix-store-cleanup.service";
|
|
# };
|
|
# };
|
|
|
|
# systemd.services."nix-store-cleanup" = {
|
|
# script = ''
|
|
# nix-collect-garbage
|
|
# '';
|
|
# serviceConfig = {
|
|
# Type = "oneshot";
|
|
# };
|
|
# };
|
|
|
|
# enable configure services
|
|
services.printing.enable = true; # printing
|
|
services.openssh.enable = true; # remote shell
|
|
services.flatpak.enable = true; #flatpak lol
|
|
|
|
system.stateVersion = "22.11";
|
|
}
|