{ pkgs, ... }: { age.secrets = { garage_bertof_freya_key = { file = ../../secrets/garage_bertof_freya_key.age; owner = "bertof"; }; # garage_tiziano_loki_key = { file = ../../secrets/garage_tiziano_loki_key.age; owner = "tiziano"; }; }; console = { font = "Lat2-Terminus16"; keyMap = "it"; }; environment = { pathsToLink = [ "/share/zsh" ]; systemPackages = builtins.attrValues { inherit (pkgs) helix tmux vim; }; }; hardware = { bluetooth = { enable = true; package = pkgs.bluezFull; }; opengl = { enable = true; driSupport = true; }; raspberry-pi."4" = { # audio.enable = true; # AUDIO # fkms-3d.enable = true; # GPU }; }; i18n.defaultLocale = "it_IT.UTF-8"; networking.hostName = "freya"; networking.firewall = { enable = true; allowPing = true; allowedTCPPorts = [ # 445 # SAMBA # 139 # SAMBA # 5357 # SAMBA-WSDD # 8123 # HOME ASSISTANT 8384 # SYNCTHING # 8385 # SYNCTHING ]; allowedUDPPorts = [ 137 # SYNCTHING 138 # SYNCTHING # 3702 # SAMBA-WSDD ]; # extraCommands = # "iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns"; }; programs = { dconf.enable = true; gnupg.agent = { enable = true; enableSSHSupport = true; }; zsh.enable = true; }; security.sudo.extraConfig = '' Defaults pwfeedback ''; services = { avahi = { enable = true; openFirewall = true; nssmdns = true; publish = { enable = true; addresses = true; domain = true; userServices = true; workstation = true; }; extraServiceFiles.ssh = "${pkgs.avahi}/etc/avahi/services/ssh.service"; }; blueman.enable = true; dbus.packages = [ pkgs.dconf ]; gnome.gnome-keyring.enable = true; openssh = { enable = true; openFirewall = true; }; # xserver = { # enable = true; # desktopManager.retroarch = { enable = true; package = pkgs.retroarchFull; }; # }; }; time.timeZone = "Europe/Rome"; users.users = { bertof = { isNormalUser = true; extraGroups = [ "audio" "input" "docker" "libvirtd" "network" "networkmanager" "usb" "video" "wheel" ]; shell = pkgs.zsh; }; }; system.stateVersion = "22.11"; }