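# NixOS host configuration for the workstation "thor": encrypted NVMe root,
# X11 desktop (bspwm + gdm, NVIDIA driver), gaming, containers/VMs, and an
# on-demand WireGuard tunnel whose keys are provisioned through agenix.
{ lib, config, pkgs, ... }:
with lib; {
  age.secrets = {
    # WireGuard private key, kept encrypted in the repository and referenced
    # below through `privateKeyFile`, so the plaintext key is never written
    # into the Nix store.
    thor_wg_priv = { file = ../../secrets/thor_wg_priv.age; };
  };

  boot = {
    # Registers binfmt handlers so ARM binaries can be run/built via emulation.
    binfmt.emulatedSystems = [ "armv7l-linux" "aarch64-linux" ];
    # kernelPackages = pkgs.linuxPackages_latest;
    # kernelPackages = pkgs.linuxPackages_6_1;
    extraModulePackages = with config.boot.kernelPackages; [
      v4l2loopback
      hid-nintendo
    ];
    loader = {
      systemd-boot.enable = true;
      efi.canTouchEfiVariables = true;
    };
    initrd = {
      checkJournalingFS = true;
      luks.devices = {
        root = {
          device = "/dev/disk/by-id/nvme-Sabrent_Rocket_4.0_1TB_A0D6070C1AA788202455-part2";
          preLVM = true;
          # TRIM pass-through: better SSD behaviour, but it reveals which
          # blocks of the encrypted volume are unused to anyone who can image
          # the disk. Deliberate trade-off; keep only if that leak is acceptable.
          allowDiscards = true;
          # Skips the dm-crypt workqueues (performance option, no change to
          # the encryption itself).
          bypassWorkqueues = true;
        };
        nvme2t = {
          device = "/dev/disk/by-id/nvme-SHPP41-2000GM_SJC4N477711004A0J";
          preLVM = true;
          # Same discard trade-off as the root volume.
          allowDiscards = true;
          bypassWorkqueues = true;
        };
      };
    };
  };

  console = {
    font = "Lat2-Terminus16";
    keyMap = "us";
  };

  environment = {
    pathsToLink = [ "/share/zsh" ];
    systemPackages = builtins.attrValues { inherit (pkgs) git helix tmux vim; };
  };

  hardware = {
    opengl.enable = true;
    bluetooth = {
      enable = true;
      package = pkgs.bluezFull;
    };
    enableRedistributableFirmware = true;
    pulseaudio.enable = false;
    # nvidia.modesetting.enable = true;
    opentabletdriver = {
      enable = true;
      daemon.enable = true;
    };
  };

  i18n.defaultLocale = "it_IT.UTF-8";

  programs = {
    dconf.enable = true;
    flashrom.enable = true;
    gamemode = {
      enable = true;
      settings = {
        custom = {
          start = "${pkgs.libnotify}/bin/notify-send 'GameMode started'";
          end = "${pkgs.libnotify}/bin/notify-send 'GameMode ended'";
        };
      };
    };
    gnupg.agent = {
      enable = true;
      # gpg-agent also serves as the SSH agent.
      enableSSHSupport = true;
    };
    steam = {
      enable = true;
      package = pkgs.steam.override {
        # extraPkgs = pkgs: with pkgs; [ icu ];
        # extraLibraries = pkgs: with pkgs; [ dconf.lib gnome.gvfs icu libdrm ];
        # extraProfile = ''
        #   export GSETTINGS_SCHEMA_DIR="${pkgs.gsettings-desktop-schemas}/share/gsettings-schemas/${pkgs.gsettings-desktop-schemas.name}/glib-2.0/schemas/"
        # '';
      };
      # Opens the Steam Remote Play ports in the host firewall.
      remotePlay.openFirewall = true;
    };
    zsh.enable = true;
  };

  networking = {
    hostName = "thor"; # Define your hostname.
    networkmanager.enable = true;
    wg-quick.interfaces = {
      wg0 = {
        # Not brought up at boot; the tunnel is started on demand.
        autostart = false;
        address = [ "10.0.0.4/24" "fdc9:281f:04d7:9ee9::4/64" ];
        dns = [ "10.0.0.1" "fdc9:281f:04d7:9ee9::1" ];
        privateKeyFile = config.age.secrets.thor_wg_priv.path;
        # NOTE(review): every peer reads `age.secrets.wg_psk`, which is not
        # declared in this file; presumably a shared module declares it.
        # Confirm, since evaluation fails if it does not.
        peers = [
          {
            # baldur
            # allowedIPs = [ "10.0.0.3/32" "fdc9:281f:04d7:9ee9::3/128" ];
            # Full tunnel: all IPv4 and IPv6 traffic is routed to this peer
            # while wg0 is up.
            allowedIPs = [ "0.0.0.0/0" "::/0" ];
            endpoint = "baldur.bertof.net:51820";
            presharedKeyFile = config.age.secrets.wg_psk.path;
            publicKey = "K57ikgFSR1O0CXWBxfQEu7uxSOsp3ePj/NMRets5pVc=";
          }
          {
            # odin
            publicKey = "LDBhvzeYmHJ0z5ch+N559GWjT3It1gZvGR/9WtCfURw=";
            presharedKeyFile = config.age.secrets.wg_psk.path;
            # Host routes (/32, matching the /128 on the IPv6 side). The
            # previous /24 entries were all masked to 10.0.0.0/24, and
            # WireGuard assigns an overlapping prefix to only one peer, so the
            # whole subnet (including the 10.0.0.1 resolver) was bound to a
            # single endpoint-less peer and that peer was accepted as the
            # source for any 10.0.0.x address.
            allowedIPs = [ "10.0.0.2/32" "fdc9:281f:04d7:9ee9::2/128" ];
          }
          {
            # oppo
            publicKey = "OBk6bHKuIYLwD7cwjmAuMn57jXqbDwCL52jhQxiHnnA=";
            presharedKeyFile = config.age.secrets.wg_psk.path;
            allowedIPs = [ "10.0.0.3/32" "fdc9:281f:04d7:9ee9::3/128" ];
          }
          {
            # thor
            # NOTE(review): these are the addresses assigned to wg0 above, so
            # this looks like the local host listed as its own peer; confirm
            # whether the entry is needed on this machine.
            publicKey = "rpwR6n4IE96VZAmQDBufsWE/a9G7d8fpkvY1OwsbOhk=";
            presharedKeyFile = config.age.secrets.wg_psk.path;
            allowedIPs = [ "10.0.0.4/32" "fdc9:281f:04d7:9ee9::4/128" ];
          }
        ];
      };
    };
  };

  time.timeZone = "Europe/Rome";

  services = {
    avahi = {
      enable = true;
      openFirewall = true;
      nssmdns = true;
      # Announces hostname, addresses and services to every device on the
      # local link; on untrusted networks this advertises the machine and its
      # SSH service.
      publish = {
        enable = true;
        addresses = true;
        domain = true;
        userServices = true;
        workstation = true;
      };
      extraServiceFiles = {
        ssh = "${pkgs.avahi}/etc/avahi/services/ssh.service";
      };
    };
    blueman.enable = true;
    # clamav = {
    #   daemon.enable = true;
    #   updater.enable = true;
    # };
    dbus = {
      packages = [ pkgs.dconf ];
      implementation = "broker";
    };
    gnome.gnome-keyring.enable = true;
    gvfs = {
      enable = true;
      # package = pkgs.gnome3.gvfs;
    };
    # joycond.enable = true;
    keybase.enable = true;
    onedrive = {
      enable = true;
      package = pkgs.unstable_pkgs.onedrive;
    };
    openssh = {
      enable = true;
      openFirewall = true;
      # NOTE(review): no authentication settings are given here, so password
      # and root-login behaviour stay at the module defaults unless another
      # module overrides them. Confirm key-only login is enforced, since the
      # service is reachable through the firewall and announced via Avahi.
    };
    pipewire = {
      enable = true;
      alsa = {
        enable = true;
        support32Bit = true;
      };
      jack.enable = true;
      pulse.enable = true;
      # media-session.enable = true;
    };
    power-profiles-daemon.enable = true;
    smartd.enable = true;
    snapper = {
      configs =
        let
          # Settings shared by every snapper config defined below.
          common = {
            ALLOW_USERS = [ "bertof" ];
            TIMELINE_CLEANUP = true;
            TIMELINE_CREATE = true;
          };
        in
        {
          bertof_home = recursiveUpdate common { SUBVOLUME = "/home/bertof"; };
        };
    };
    thermald.enable = true;
    xserver = {
      enable = true;
      desktopManager = {
        # gnome.enable = true;
        # cinnamon.enable = true;
        # plasma5 = { enable = true; runUsingSystemd = true; useQtScaling = true; };
      };
      windowManager.bspwm = { enable = true; };
      displayManager.gdm = { enable = true; };
      # displayManager.sddm = {
      #   enable = true;
      #   theme =
      #     "${pkgs.sddm-theme-clairvoyance}/usr/share/sddm/themes/clairvoyance";
      # };
      videoDrivers = [ "nvidia" ];
      layout = "us,it";
      xkbOptions = "eurosign:e,terminate:ctrl_alt_bksp,compose:rctrl,grp:menu_toggle";
      xrandrHeads = [{
        primary = true;
        output = "DP-4";
      }];
    };
    # gnome.gnome-remote-desktop.enable = true;
  };
  # services.teamviewer.enable = true;

  security = {
    tpm2.enable = true;
    rtkit.enable = true;
    pam.services = {
      # NOTE(review): the attribute name is the PAM service name; confirm a
      # login path actually authenticates under "autounlock_gnome_keyring",
      # otherwise this setting has no effect.
      autounlock_gnome_keyring.enableGnomeKeyring = true;
    };
    # pwfeedback echoes one asterisk per typed character, which shows the
    # password length to anyone watching the screen.
    sudo.extraConfig = ''
      Defaults pwfeedback
    '';
  };

  sound.enable = false;

  users.users.bertof = {
    isNormalUser = true;
    # "wheel" grants sudo; "docker" gives access to the Docker daemon, which
    # is effectively root on the host without a sudo prompt; "flashrom" allows
    # firmware access. Keep the list to what the account really needs.
    extraGroups = [
      "audio"
      "input"
      "docker"
      "flashrom"
      "libvirtd"
      "network"
      "networkmanager"
      "usb"
      "video"
      "wheel"
    ];
    shell = pkgs.zsh;
  };

  virtualisation = {
    docker.enable = true;
    kvmgt.enable = true;
    libvirtd.enable = true;
    podman.enable = true;
    # virtualbox.host.enable = true;
  };

  nixpkgs.config = {
    allowUnfree = true;
    # Adds icu to the Steam runtime environment.
    packageOverrides = pkgs: {
      steam = pkgs.steam.override { extraPkgs = pkgs: [ pkgs.icu ]; };
    };
    # cudaSupport = true;
  };

  system.stateVersion = "22.11"; # Did you read the comment?
}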