# NixOS module for the host "thor": encrypted NVMe root, NVIDIA desktop with
# GDM, a WireGuard client interface (wg0), container/VM tooling and one
# interactive user.
#
# Lines marked NOTE(review) raise security-relevant points for the owner to
# confirm. They do not change what the configuration evaluates to.
{ lib, config, pkgs, ... }:
{
  # Encrypted secrets (presumably agenix, given the `age.secrets` option and
  # the .age files). Only the encrypted files are referenced here.
  age = {
    secrets = {
      thor_wg_priv.file = ../../secrets/thor_wg_priv.age;
      # Decrypted copy is owned by the interactive user rather than root.
      ntfy-thor = {
        owner = "bertof";
        file = ../../secrets/ntfy-thor.age;
      };
    };
  };

  boot = {
    kernelModules = [ "hid-nintendo" ];
    binfmt.emulatedSystems = [ "armv7l-linux" "aarch64-linux" ];
    # kernelPackages = pkgs.linuxPackages_latest;
    # kernelPackages = pkgs.linuxPackages_6_1;
    extraModulePackages = [ config.boot.kernelPackages.v4l2loopback ];

    loader.systemd-boot.enable = true;
    loader.efi.canTouchEfiVariables = true;

    initrd.checkJournalingFS = true;
    initrd.luks.devices =
      let
        # Options shared by both encrypted volumes.
        # NOTE(review): allowDiscards passes TRIM through dm-crypt, so the
        # pattern of unused blocks is visible on the raw device. This is a
        # deliberate SSD trade-off on most desktops; confirm it fits the
        # threat model for this disk.
        unlockOpts = {
          preLVM = true;
          allowDiscards = true;
          bypassWorkqueues = true;
        };
      in
      {
        root = unlockOpts // {
          device = "/dev/disk/by-id/nvme-Sabrent_Rocket_4.0_1TB_A0D6070C1AA788202455-part2";
        };
        nvme2t = unlockOpts // {
          device = "/dev/disk/by-id/nvme-SHPP41-2000GM_SJC4N477711004A0J";
        };
      };
  };

  console.font = "Lat2-Terminus16";
  console.keyMap = "us";

  environment.pathsToLink = [ "/share/zsh" ];
  environment.systemPackages = [ pkgs.git pkgs.helix pkgs.tmux pkgs.vim ];

  hardware = {
    nvidia = {
      open = true;
      nvidiaSettings = true;
      # modesetting.enable = true;
      # package = config.boot.kernelPackages.nvidiaPackages.mkDriver {
      #   version = "555.58.02";
      #
      #   sha256_64bit = "sha256-xctt4TPRlOJ6r5S54h5W6PT6/3Zy2R4ASNFPu8TSHKM=";
      #   sha256_aarch64 = lib.fakeSha256;
      #   openSha256 = lib.fakeSha256;
      #   settingsSha256 = "sha256-ZpuVZybW6CFN/gz9rx+UJvQ715FZnAOYfHn5jt5Z2C8=";
      #   persistencedSha256 = lib.fakeSha256;
      # };
    };

    graphics.enable = true;

    bluetooth.enable = true;
    # bluetooth.package = pkgs.bluezFull;

    enableRedistributableFirmware = true;
    pulseaudio.enable = false;

    opentabletdriver.enable = true;
    opentabletdriver.daemon.enable = true;
  };

  i18n.defaultLocale = "it_IT.UTF-8";

  programs = {
    dconf.enable = true;
    zsh.enable = true;

    # NOTE(review): together with the "flashrom" group membership below this
    # presumably lets the user reach flash programmers without root; confirm
    # that is wanted on a daily-use machine.
    flashrom.enable = true;

    gamemode.enable = true;
    gamemode.settings.custom = {
      start = "${pkgs.libnotify}/bin/notify-send 'GameMode started'";
      end = "${pkgs.libnotify}/bin/notify-send 'GameMode ended'";
    };

    # gpg-agent also serves as the SSH agent for this host.
    gnupg.agent.enable = true;
    gnupg.agent.enableSSHSupport = true;
  };

  networking = {
    hostName = "thor"; # Define your hostname.
    networkmanager.enable = true;

    # NOTE(review): with the firewall off, every listening service is
    # reachable on every interface, including wg0 once it is up, and
    # `services.openssh.openFirewall = true` below has no filtering effect.
    # Consider enabling the firewall and opening only the required ports.
    firewall.enable = false;

    wg-quick.interfaces.wg0 =
      let
        # One pre-shared key is used for all peers.
        # NOTE(review): `wg_psk` is not declared in the age.secrets set of
        # this file; presumably another module defines it. Confirm, because
        # evaluation fails if it is missing.
        sharedPsk = config.age.secrets.wg_psk.path;
      in
      {
        # Brought up manually, not at boot.
        autostart = false;
        address = [ "10.0.0.4/24" "fdc9:281f:04d7:9ee9::4/64" ];
        dns = [ "10.0.0.1" "fdc9:281f:04d7:9ee9::1" ];
        # Private key is read from the decrypted secret at runtime and never
        # enters the Nix store. The public keys below are not sensitive.
        privateKeyFile = config.age.secrets.thor_wg_priv.path;

        # NOTE(review): the IPv4 allowedIPs of odin, oppo and thor are
        # written as /24. WireGuard masks the host bits, so all three denote
        # 10.0.0.0/24, and one range can belong to only one peer. The IPv6
        # entries and the commented-out baldur line use host routes
        # (/128, /32), so /32 was presumably intended here. Confirm.
        peers = [
          {
            # baldur: the only peer with an endpoint. 0.0.0.0/0 and ::/0
            # send all traffic through the tunnel while wg0 is up.
            # allowedIPs = [ "10.0.0.3/32" "fdc9:281f:04d7:9ee9::3/128" ];
            endpoint = "baldur.bertof.net:51820";
            publicKey = "K57ikgFSR1O0CXWBxfQEu7uxSOsp3ePj/NMRets5pVc=";
            presharedKeyFile = sharedPsk;
            allowedIPs = [ "0.0.0.0/0" "::/0" ];
          }
          {
            # odin
            publicKey = "LDBhvzeYmHJ0z5ch+N559GWjT3It1gZvGR/9WtCfURw=";
            presharedKeyFile = sharedPsk;
            allowedIPs = [ "10.0.0.2/24" "fdc9:281f:04d7:9ee9::2/128" ];
          }
          {
            # oppo
            publicKey = "OBk6bHKuIYLwD7cwjmAuMn57jXqbDwCL52jhQxiHnnA=";
            presharedKeyFile = sharedPsk;
            allowedIPs = [ "10.0.0.3/24" "fdc9:281f:04d7:9ee9::3/128" ];
          }
          {
            # thor
            # NOTE(review): labelled with this host's name and carrying this
            # interface's own address. Presumably copied from a shared peer
            # list; confirm it belongs in thor's own configuration.
            publicKey = "rpwR6n4IE96VZAmQDBufsWE/a9G7d8fpkvY1OwsbOhk=";
            presharedKeyFile = sharedPsk;
            allowedIPs = [ "10.0.0.4/24" "fdc9:281f:04d7:9ee9::4/128" ];
          }
        ];
      };
  };

  time.timeZone = "Europe/Rome";

  services = {
    # avahi = {
    #   enable = true;
    #   openFirewall = true;
    #   nssmdns4 = true;
    #   publish = {
    #     enable = true;
    #     addresses = true;
    #     domain = true;
    #     userServices = true;
    #     workstation = true;
    #   };
    #   extraServiceFiles = {
    #     ssh = "${pkgs.avahi}/etc/avahi/services/ssh.service";
    #   };
    # };

    blueman.enable = true;

    # clamav = {
    #   daemon.enable = true;
    #   updater.enable = true;
    # };

    dbus.packages = [ pkgs.dconf ];
    dbus.implementation = "broker";

    gnome.gnome-keyring.enable = true;

    gvfs.enable = true;
    # gvfs.package = pkgs.gnome3.gvfs;

    # joycond.enable = true;

    keybase.enable = true;

    # NOTE(review): no sshd settings are given in this file, so the
    # authentication policy comes from module defaults or another module.
    # Confirm that password and root login are restricted where intended
    # (e.g. settings.PasswordAuthentication, settings.PermitRootLogin).
    openssh.enable = true;
    openssh.openFirewall = true;

    pipewire = {
      enable = true;
      alsa.enable = true;
      alsa.support32Bit = true;
      jack.enable = true;
      pulse.enable = true;
      # media-session.enable = true;
    };

    power-profiles-daemon.enable = true;
    smartd.enable = true;
    thermald.enable = true;

    # Timeline snapshots of the user's home subvolume. The listed user may
    # operate on this snapper config without root.
    snapper.configs =
      let
        timelineDefaults = {
          ALLOW_USERS = [ "bertof" ];
          TIMELINE_CLEANUP = true;
          TIMELINE_CREATE = true;
        };
      in
      {
        bertof_home = lib.recursiveUpdate timelineDefaults {
          SUBVOLUME = "/home/bertof";
        };
      };

    desktopManager = {
      # lomiri.enable = true;
      # cinnamon.enable = true;
      # plasma5 = { enable = true; runUsingSystemd = true; useQtScaling = true; };
      # plasma6 = { enable = true; enableQt5Integration = true; };
    };

    # displayManager.sddm = {
    #   enable = true;
    #   theme = "${pkgs.sddm-theme-clairvoyance}/usr/share/sddm/themes/clairvoyance";
    # };

    xserver = {
      enable = true;
      videoDrivers = [ "nvidia" ];
      # desktopManager.gnome.enable = true;
      # windowManager.bspwm = { enable = true; };

      displayManager.gdm.enable = true;
      displayManager.gdm.autoSuspend = false;

      xkb.layout = "us,it";
      xkb.options = "eurosign:e,terminate:ctrl_alt_bksp,compose:rctrl,grp:menu_toggle";

      xrandrHeads = [
        {
          output = "DP-3";
          primary = true;
        }
      ];
    };

    # gnome.gnome-remote-desktop.enable = true;
  };

  # services.teamviewer.enable = true;

  security = {
    tpm2.enable = true;
    rtkit.enable = true;

    pam.services.autounlock_gnome_keyring.enableGnomeKeyring = true;

    # pwfeedback prints an asterisk per typed character at the sudo prompt,
    # which shows the password length to anyone who can see the screen.
    sudo.extraConfig = ''
      Defaults pwfeedback
    '';
  };

  users.users.bertof = {
    isNormalUser = true;
    shell = pkgs.zsh;
    # NOTE(review): "wheel" grants sudo, and "docker" is effectively
    # root-equivalent because members can start privileged containers
    # through the daemon socket. "libvirtd" similarly allows managing system
    # VMs. Keep only the groups that are actually needed; rootless podman is
    # already enabled below.
    extraGroups = [
      "audio"
      "input"
      "docker"
      "flashrom"
      "libvirtd"
      "network"
      "networkmanager"
      "usb"
      "video"
      "wheel"
    ];
  };

  virtualisation = {
    docker.enable = true;
    kvmgt.enable = true;
    libvirtd.enable = true;
    podman.enable = true;
    # virtualbox.host.enable = true;
  };

  nixpkgs.config = {
    allowUnfree = true;
    # Steam is rebuilt with ICU added to its runtime environment.
    packageOverrides = super: {
      steam = super.steam.override {
        extraPkgs = p: [ p.icu ];
      };
    };
    # cudaSupport = true;
  };

  zramSwap.enable = true;

  system.stateVersion = "22.11"; # Did you read the comment?
}