158 lines
4.3 KiB
Nix
158 lines
4.3 KiB
Nix
{
|
|
# Snowfall Lib provides a customized `lib` instance with access to your flake's library
|
|
# as well as the libraries available from your flake's inputs.
|
|
lib,
|
|
# An instance of `pkgs` with your overlays and packages applied is also available.
|
|
pkgs,
|
|
# You also have access to your flake's inputs.
|
|
inputs,
|
|
|
|
# Additional metadata is provided by Snowfall Lib.
|
|
namespace, # The namespace used for your flake, defaulting to "internal" if not set.
|
|
system, # The system architecture for this host (eg. `x86_64-linux`).
|
|
target, # The Snowfall Lib target for this system (eg. `x86_64-iso`).
|
|
format, # A normalized name for the system target (eg. `iso`).
|
|
virtual, # A boolean to determine whether this system is a virtual target using nixos-generators.
|
|
systems, # An attribute map of your defined hosts.
|
|
|
|
# All other arguments come from the system system.
|
|
config,
|
|
...
|
|
}:
|
|
{
|
|
imports = [ ./hardware-configuration.nix ];
|
|
|
|
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
|
boot.blacklistedKernelModules = [ "pcspkr" ]; # Disables "beep"
|
|
|
|
networking.hostName = "aspi";
|
|
networking.networkmanager.enable = true;
|
|
# networking.networkmanager.dns = "systemd-resolved";
|
|
services.resolved.enable = true;
|
|
|
|
topology.self = {
|
|
hardware.info = "ThinkPad L430, 8GB RAM";
|
|
};
|
|
|
|
time.timeZone = "Europe/Berlin";
|
|
|
|
sops.secrets = {
|
|
"password/aspi".neededForUsers = true; # necessary for setting password
|
|
};
|
|
|
|
modules = {
|
|
sops.enable = true;
|
|
nix-settings.enable = true;
|
|
xserver-defaults.enable = true;
|
|
keymap.enable = true;
|
|
builder.enable = true;
|
|
system.boot-efi.enable = true;
|
|
sound.enable = true;
|
|
|
|
locales.enable = true;
|
|
# thunar.enable = true;
|
|
pcmanfm.enable = true;
|
|
|
|
i3.enable = true;
|
|
gdm.enable = true;
|
|
# tuigreet.enable = true;
|
|
redshift.enable = true;
|
|
|
|
# wayland.enable = true;
|
|
# hyprland.enable = true;
|
|
# tuigreet.enable = true;
|
|
|
|
virtualbox.enable = true;
|
|
users-julian.enable = true;
|
|
syncthing = {
|
|
enable = true;
|
|
overrideSettings = false;
|
|
};
|
|
xdg-portal.enable = true;
|
|
polkit.enable = true;
|
|
keyring.enable = true;
|
|
};
|
|
|
|
users.mutableUsers = false;
|
|
users.users.julian.hashedPasswordFile = config.sops.secrets."password/aspi".path;
|
|
|
|
services.blueman.enable = true;
|
|
services.upower.enable = true;
|
|
|
|
programs.steam.enable = true;
|
|
|
|
programs.dconf.enable = true;
|
|
services.logind.lidSwitch = "lock";
|
|
services.logind.lidSwitchDocked = "lock";
|
|
|
|
programs.kdeconnect.enable = true;
|
|
|
|
# Enable touchpad support (enabled default in most desktopManager).
|
|
services.libinput.enable = true;
|
|
|
|
# This interface is started on boot / switch
|
|
networking.wg-quick.interfaces = {
|
|
julian = {
|
|
configFile = "/etc/wireguard/julian.conf";
|
|
};
|
|
};
|
|
|
|
# List services that you want to enable:
|
|
services.openssh.enable = false;
|
|
services.flatpak.enable = true;
|
|
|
|
security.krb5.enable = true;
|
|
security.krb5.settings = {
|
|
# domain_realm = {
|
|
# ".julian-mutter.de" = "julian-mutter.de";
|
|
# "julian-mutter.de" = "julian-mutter.de";
|
|
# };
|
|
libdefaults = {
|
|
default_realm = "julian-mutter.de";
|
|
# dns_lookup_realm = true;
|
|
# dns_lookup_kdc = true;
|
|
# ticket_lifetime = "24h";
|
|
# renew_lifetime = "7d";
|
|
};
|
|
realms = {
|
|
"julian-mutter.de" = {
|
|
kdc = [ "kerberos.julian-mutter.de" ];
|
|
admin_server = "kerberos-admin.julian-mutter.de";
|
|
default_domain = "julian-mutter.de";
|
|
};
|
|
};
|
|
};
|
|
|
|
virtualisation.docker.enable = true;
|
|
# hardware.nvidia-container-toolkit.enable = true;
|
|
# services.xserver.videoDrivers = [ "nvidia" ];
|
|
hardware.nvidia.open = false;
|
|
|
|
# Do not alway generate man-cache, making builds much faster
|
|
documentation.man.generateCaches = false;
|
|
|
|
# MDNS on local network
|
|
services.avahi = {
|
|
enable = true;
|
|
nssmdns4 = true;
|
|
};
|
|
|
|
# Packages needed as root
|
|
environment.systemPackages = with pkgs; [
|
|
vim
|
|
htop
|
|
mc
|
|
xorg.xhost
|
|
pavucontrol
|
|
frajul.pulseaudio-popup
|
|
gparted-xhost # needs to be installed as system package so it can be actually opened
|
|
xclip
|
|
|
|
brightnessctl
|
|
];
|
|
|
|
# ======================== DO NOT CHANGE THIS ========================
|
|
system.stateVersion = "24.05";
|
|
# ======================== DO NOT CHANGE THIS ========================
|
|
}
|