leon/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
nixos/configuration.nix
Leon Wilzer 8d149d0c93
refac: cleanup
2024-11-27 22:35:45 +01:00

462 lines
12 KiB
Nix
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, ... }:
let
sources = import ./nix/sources.nix;
git_https = "https://git.libre.moe";
in
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
# tpm2 functionality
security.tpm2 = {
enable = true;
pkcs11.enable = true;
tctiEnvironment.enable = true;
};
# Use the systemd-boot EFI boot loader.
boot = {
kernelPackages = pkgs.linuxPackages_zen;
#extraModulePackages = [
# config.boot.kernelPackages.ddcci-driver # ddcci-driver
#];
#kernelModules = [
# "ddcci-driver" # Brightness Controll (even on OLEDS)
# "i2c-dev" # Brightness Controll (even on OLEDS)
#];
kernelParams = [ "module_blacklist=i915" "nvidia_drm.modeset=1" ];
#kernelPatches = [ {
# name = "hdr";
# patch = null;
# extraConfig = ''
# AMD_PRIVATE_COLOR y
# '';
# } ];
extraModprobeConfig = ''
options nvidia_drm modes.et=1 fbdev=1
options nvidia NVreg_PreserveVideoMemoryAllocations=1
'';
loader = {
efi.canTouchEfiVariables = true;
systemd-boot = {
consoleMode = "max";
memtest86.enable = true;
};
};
initrd.systemd.enable = true;
};
# Filesystems
fileSystems =
{
"/share" = {
options = [
"nofail"
];
};
};
# Graphics
hardware = {
graphics = {
enable = true;
enable32Bit = true;
};
nvidia = {
modesetting.enable = true; # required
powerManagement.enable = false; # Experimental
open = false; # Support limited to Turing and later: https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
nvidiaSettings = true; # accessible via nvidia-settings
package = config.boot.kernelPackages.nvidiaPackages.stable;
};
};
networking =
{
hostName = "Zuse1"; # Define your hostname.
#nameservers = [
# "127.0.0.1"
# "::1"
# "192.168.178.1"
# "fd00::b2f2:8ff:fe44:3002"
# "2a02:8071:6240:2400:b2f2:8ff:fe44:3002"
# "1.1.1.3"
# "1.0.0.3"
# "2606:4700:4700::1113"
# "2606:4700:4700::1003"
#];
};
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Windows compat
time.hardwareClockInLocalTime = true;
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
#keyMap = "us";
useXkbConfig = true; # use xkb.options in tty.
};
# Enable the X11 windowing system.
services.xserver = {
enable = true;
videoDrivers = [ "nvidia" ];
excludePackages = with pkgs; [
xterm # why the fuck is this garbage even shipped?
];
# Configure keymap in X11
xkb.layout = "us";
xkb.options = "eurosign:e,caps:escape";
# DWM (minimal Xorg Fallback)
windowManager.dwm = {
enable = true;
package = pkgs.dwm.override {
patches = [
(pkgs.fetchpatch{
url = "${git_https}/KomuHome/dwm-patches/raw/branch/stable/config.h.diff";
sha256 = "sha256-82cjMhSHEbLfh9O3xXC6+W1EtgEZoC/a+8x7Ad/7W48=";
})
];
};
};
};
# Display Manager
services.displayManager.sddm =
{
enable = true;
autoNumlock = true; # Enable NumLock at login
wayland.enable = true;
theme = "catppuccin-mocha";
package = pkgs.kdePackages.sddm;
};
services.xserver.displayManager.startx.enable = true;
# GNOME Keyring
services.gnome.gnome-keyring.enable = true;
security.pam.services.sddm.enableGnomeKeyring = true;
security.pam.services.hyprlock.enableGnomeKeyring = true;
# Enable CUPS to print documents.
services.printing.enable = true;
# Enable sound.
# hardware.pulseaudio.enable = true;
# OR
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
};
# udev
services.udev.extraRules = ''
KERNEL=="i2c-[0-9]*", GROUP="i2c"
'';
# Linux Torrents
services.transmission = {
enable = true;
webHome = pkgs.flood-for-transmission;
};
# (p)locate, quickly find files
services.locate.package = {
enable = true;
locate = pkgs.plocate;
services.locate.localuser = null;
};
services.languagetool.enable = true;
security.krb5 = {
enable = true;
settings = {
libdefaults = {
default_realm = "UNI-PADERBORN.DE";
forwardable = true;
ticket_lifetime = "10h";
renew_lifetime = "7d";
dns_lookup_realm = true;
dns_lookup_kdc = true;
};
};
};
# Enable touchpad support (enabled default in most desktopManager).
# services.libinput.enable = true;
# /share
users.groups.share = {};
# /steam group
users.groups.steam = {};
# i2c group for udev
users.groups.i2c = {};
# Create or adjust /share and /steam
systemd.tmpfiles.rules = [
"q /steam 774 root steam"
"Z /steam 774 - steam"
"v /share 774 root share"
"Z /share 774 - share"
"q /home/leon/Downloads 770 leon users 1d"
];
# Define a user account. Don't forget to set a password with passwd.
users.users.leon = {
isNormalUser = true;
extraGroups = [
"wheel" # enable sudo root-access
"tss" # enable access to tpm
"steam" # /steam
"share" # /share
"audio" # audio
"video" # video
"i2c" # needed for ddcci
"docker" # Docker Root
"libvirtd" # virtualization
"transmission" # Linux Torrents
];
shell = pkgs.zsh;
};
# Font Config
fonts = {
enableDefaultPackages = true;
packages = with pkgs; [
fira # My favorite font
fira-code-nerdfont # My favorite programming font
fira-code-symbols # My favorite programming glyphs
fira-math # My favorite math font
];
fontconfig =
{
defaultFonts = {
serif = [ "Liberation Serif" ];
sansSerif = [ "Fira Sans" ];
monospace = [ "Fira Code" "Fira Mono" ];
};
};
};
# Environment Variables
environment.sessionVariables = rec {
NIXOS_OZONE_WL = "1";
XDG_CACHE_HOME = "$HOME/.cache";
XDG_CONFIG_HOME = "$HOME/.config";
XDG_DATA_HOME = "$HOME/.local/share";
XDG_STATE_HOME = "$HOME/.local/state";
XDG_BIN_HOME = "$HOME/.local/bin";
XDG_DESKTOP_DIR = "$HOME/Desktop";
XDG_DOCUMENTS_DIR = "$HOME/Documents";
XDG_DOWNLOAD_DIR = "$HOME/Downloads";
XDG_MUSIC_DIR = "$HOME/Music";
XDG_PICTURES_DIR = "$HOME/Pictures";
XDG_PUBLICSHARE_DIR = "$HOME/Public";
XDG_TEMPLATES_DIR = "$HOME/Templates";
XDG_VIDEOS_DIR = "$HOME/Videos";
XDG_RUNTIME_DIR = "/run/user/$UID";
GRIM_DEFAULT_DIR = "$XDG_PICTURE_DIR/Screenshots";
PATH = [
"${XDG_BIN_HOME}"
];
};
environment.etc.crypttab = {
mode = "0600";
text = ''
# <volume-name> <encrypted-device> [key-file] [options]
swap /dev/disk/by-uuid/48a41300-6d83-4968-9248-a819d17fee3c - tpm2-device=auto
'';
};
# List packages installed in system profile. To search, run:
# $ nix search wget
nixpkgs.config.allowUnfree = true;
#nixpkgs.config.segger-jlink.acceptLicense = true;
environment.systemPackages = with pkgs; [
xorg.xauth # Dependency of startx (??)
home-manager # Nix's Home-Manager
egl-wayland # NVIDIA compat
nvidia-vaapi-driver # NVIDIA compat
catppuccin-cursors.mochaDark # Catppuccin Mouse Cursors
(catppuccin-sddm.override {
flavor = "mocha";
font = "Fira Sans";
fontSize = "9";
#backgroundbin = "$XDG_PICTURES_DIR/Wallpapers/current";
loginBackground = true;
})
];
programs = {
hyprland = {
enable = true;
xwayland.enable = true;
};
steam = {
enable = true;
remotePlay.openFirewall = true;
gamescopeSession.enable = true;
extraCompatPackages = [ pkgs.proton-ge-bin ];
};
nix-ld = {
enable = true;
libraries = with pkgs; [
# Add any missing dynamic libraries for unpackaged programs
# here, NOT in environment.systemPackages
libGL # FO:LONDON Downgrader
libgcc # " + steamcmd
];
};
virt-manager.enable = true;
seahorse.enable = true;
zsh.enable = true;
neovim.enable = true;
git.enable = true;
};
xdg.portal = {
enable = true;
};
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
security.polkit.extraConfig = ''
polkit.addRule(function(action, subject) {
if (
subject.isInGroup("users")
&& (
action.id == "org.freedesktop.login1.reboot" ||
action.id == "org.freedesktop.login1.reboot-multiple-sessions" ||
action.id == "org.freedesktop.login1.power-off" ||
action.id == "org.freedesktop.login1.power-off-multiple-sessions"
)
)
{
return polkit.Result.YES;
}
})
'';
systemd.user.services =
{
polkit-gnome-authentication-agent-1 = {
description = "polkit-gnome-authentication-agent-1";
wantedBy = [ "graphical-session.target" ];
wants = [ "graphical-session.target" ];
after = [ "graphical-session.target" ];
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
Restart = "on-failure";
RestartSec = 1;
TimeoutStopSec = 10;
};
};
};
system.userActivationScripts.linktosharedfolder.text = ''
if [[ ! -h "$XDG_MUSIC_DIR" ]]; then
ln -s "/share/Music" "$XDG_MUSIC_DIR"
fi
'';
virtualisation.docker = {
enable = true;
storageDriver = "btrfs";
rootless = {
enable = true;
setSocketVariable = true;
};
};
virtualisation.libvirtd.enable = true;
# Man pages
documentation.dev.enable = true;
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# Chaotic Nyx
# https://www.nyx.chaotic.cx/
# Here be dragons!
#chaotic.hdr =
#{
# enable = true;
# specialisation.enable = true;
#};
# List services that you want to enable:
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
# to actually do that.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "24.05"; # Did you read the comment?
}
Reference in New Issue View Git Blame Copy Permalink