tristan/nix
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity
nix/configuration.nix
Tristan Druyen 27ebd92fa2
Add nix-ld & envfs 
- nix-ld
  enables running unpatched binaries, see
  https://github.com/Mic92/nix-ld#usage
  for details

- envfs
  enables running standart #!/usr/bin/shebang scripts through nix magic
2023-10-05 13:07:09 +02:00

266 lines
6.3 KiB
Nix
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
config,
pkgs,
inputs,
...
}: {
imports = [
./hardware.nix
];
systemd.user.services.set-wallpaper = {
serviceConfig = {
Type = "oneshot";
RemainAfterExit = "yes";
};
script = ''
FILE="$HOME/.config/plasma-org.kde.plasma.desktop-appletsrc"
IMAGE_PATH="$HOME/.background"
if [[ ! -f "$IMAGE_PATH" ]]; then
echo "Image not found at $IMAGE_PATH. Skipping setting the image."
exit 0
fi
# Extract all containment numbers
CONTAINMENTS=$(${pkgs.ripgrep}/bin/rg "\[Containments\]\[(\d+)\]" -o ~/.config/plasma-org.kde.plasma.desktop-appletsrc -r \$1 | sort | uniq)
for CONTAINMENT in $CONTAINMENTS; do
echo Containment: $CONTAINMENT
${pkgs.libsForQt5.kconfig}/bin/kwriteconfig5 \
--file $FILE \
--group Containments --group $CONTAINMENT \
--key "wallpaperplugin" "org.kde.image";
${pkgs.libsForQt5.kconfig}/bin/kwriteconfig5 \
--file $FILE \
--group Containments --group $CONTAINMENT \
--group Wallpaper --group org.kde.image \
--group General \
--key Image "$IMAGE_PATH";
done
'';
};
nix = {
package = pkgs.nixFlakes;
extraOptions = ''
experimental-features = nix-command flakes
'';
};
boot.plymouth.enable = true;
fonts.fontDir.enable = true;
fonts.fonts = with pkgs; [
emacs-all-the-icons-fonts
corefonts
vistafonts
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
liberation_ttf
fira
fira-code
fira-code-symbols
mplus-outline-fonts.githubRelease
dina-font
proggyfonts
(nerdfonts.override {fonts = ["FiraCode" "DroidSansMono"];})
];
networking.hostName = "nixos-pulse";
networking.networkmanager.enable = true;
networking.nameservers = [
"45.90.28.0#921984.dns.nextdns.io"
"45.90.30.0#921984.dns.nextdns.io"
"2a07:a8c0::#921984.dns.nextdns.io"
"2a07:a8c1::#921984.dns.nextdns.io"
];
services.fwupd.enable = true;
services.resolved = {
enable = true;
dnssec = "true";
domains = ["~."];
fallbackDns = ["1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one"];
extraConfig = ''
DNSOverTLS=yes
'';
};
time.timeZone = "Europe/Berlin";
i18n = {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = {
LANG = "en_US.UTF-8";
LC_ADDRESS = "de_DE.UTF-8";
LC_COLLATE = "de_DE.UTF-8";
LC_CTYPE = "en_US.UTF-8";
LC_IDENTIFICATION = "de_DE.UTF-8";
LC_MEASUREMENT = "de_DE.UTF-8";
LC_MESSAGES = "en_US.UTF-8";
LC_MONETARY = "de_DE.UTF-8";
LC_NAME = "de_DE.UTF-8";
LC_NUMERIC = "de_DE.UTF-8";
LC_PAPER = "de_DE.UTF-8";
LC_TELEPHONE = "de_DE.UTF-8";
LC_TIME = "de_DE.UTF-8";
};
};
services.tailscale = {
enable = true;
useRoutingFeatures = "both";
};
services.mozillavpn = {
enable = true;
};
services.xserver = {
enable = true;
layout = "us";
xkbVariant = "alt-intl";
desktopManager.plasma5.enable = true;
# Sddm
displayManager = {
sddm.enable = true;
defaultSession = "plasmawayland";
# autoLogin = {
# enable = true;
# user = "tristand";
# };
};
};
services.printing.enable = true;
services.printing.drivers = with pkgs; [
gutenprint
gutenprintBin
hplipWithPlugin
brlaser
brgenml1cupswrapper
];
sound.enable = true;
hardware.bluetooth.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
security.sudo.wheelNeedsPassword = false;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
jack.enable = true;
};
environment.sessionVariables = {
EDITOR = "nvim";
MOZ_USE_XINPUT2 = "1";
MOZ_ENABLE_WAYLAND = "1";
};
environment.systemPackages = with pkgs; [
cifs-utils
curl
fish
git
neovim
veracrypt
vim
virtiofsd
virt-manager
virt-viewer
virt-top
wl-clipboard
wget
];
programs.nix-ld.dev.enable = true;
programs.command-not-found.enable = false;
programs.nix-index-database.comma.enable = true;
programs.dconf.enable = true;
programs.fish.enable = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
programs.steam = {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
};
# For SMB
services.gvfs.enable = true;
services.avahi.enable = true;
services.avahi.nssmdns = true;
##
services.openssh.enable = true;
networking.firewall.allowedTCPPorts = [22 80 443];
# networking.firewall.allowedUDPPorts = [ ... ];
# Samba
networking.firewall.extraCommands = ''iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns'';
virtualisation.docker = {
enable = true;
storageDriver = "btrfs";
};
virtualisation.libvirtd = {
enable = true;
onShutdown = "suspend";
onBoot = "ignore";
qemu = {
package = pkgs.qemu_kvm;
ovmf.enable = true;
ovmf.packages = [pkgs.OVMFFull.fd];
swtpm.enable = true;
runAsRoot = false;
};
};
# virtualisation.libvirtd.allowedBridges = [
# "virbr0"
# "testbr0"
# ];
# networking.bridges = {
# testbr0 = {
# interfaces = [
# "enp5s0f4u1u1c2"
# ];
# };
# };
powerManagement.powertop.enable = true;
systemd.services.powertop.postStart = ''
HIDDEVICES=$(ls /sys/bus/usb/drivers/usbhid | grep -oE '^[0-9]+-[0-9\.]+' | sort -u)
for i in $HIDDEVICES; do
echo -n "Enabling " | cat - /sys/bus/usb/devices/$i/product
echo 'on' > /sys/bus/usb/devices/$i/power/control
done
'';
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
}
Reference in a new issue View git blame Copy permalink