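# NixOS system module for the host "odin" (see networking.hostName).
#
# Layout note: every `#` comment in Nix runs to the end of its physical line,
# so each comment below sits on a line of its own (or trails a statement) and
# never hides the option that follows it.
#
# Lines marked NOTE(review) are security observations on the settings as
# written; they do not change any option value.
{ config, pkgs, lib, ... }:
with lib; {
  # Use the systemd-boot EFI boot loader.
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;
  boot.initrd.checkJournalingFS = true;

  # boot.kernelPackages = pkgs.linuxPackages_latest;
  # boot.kernelPackages = pkgs.linuxPackages_6_1;
  # Out-of-tree kernel module, built against the selected kernel package set.
  boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];

  # Cross-build arm
  boot.binfmt.emulatedSystems = [ "armv7l-linux" "aarch64-linux" ];

  hardware.enableRedistributableFirmware = true;

  # Enable opengl support
  hardware.opengl = {
    enable = true;
    driSupport = true;
    driSupport32Bit = true;
    extraPackages = builtins.attrValues {
      inherit (pkgs) intel-media-driver vaapiIntel vaapiVdpau libvdpau-va-gl;
    };
  };

  # Use same ACPI identifier as Dell Ubuntu
  boot.kernelParams = [ "acpi_osi=Linux-Dell-Video" ];

  networking = {
    hostName = "odin";
    networkmanager.enable = true;
    # networkmanager.wifi.backend = "iwd";

    # Configure network proxy if necessary
    # proxy.default = "http://user:password@proxy:port/";
    # proxy.noProxy = "127.0.0.1,localhost,internal.domain";

    # Open ports in the firewall.
    # firewall.allowedTCPPorts = [ ... ];
    # firewall.allowedUDPPorts = [ ... ];
    # Or disable the firewall altogether.
    # firewall.enable = false;

    # NOTE(review): this switches the firewall's reverse-path filter off for
    # every interface, not only wg0. It is presumably here because the
    # full-tunnel peer below (allowedIPs 0.0.0.0/0 and ::/0) trips the strict
    # check. The option also accepts "loose", which keeps part of the
    # anti-spoofing protection; worth testing before settling on `false`.
    firewall.checkReversePath = false;

    wg-quick.interfaces = {
      wg0 = {
        # Not brought up at boot: until the tunnel is started by hand, traffic
        # uses the normal default route and resolver.
        autostart = false;
        address = [ "10.0.0.2/24" "fdc9:281f:04d7:9ee9::2/64" ];
        dns = [ "10.0.0.1" "fdc9:281f:04d7:9ee9::1" ];
        # Private key and preshared key are passed as file paths taken from
        # config.age.secrets, so the key material itself is not written into
        # this file. The peer publicKey below is not a secret.
        privateKeyFile = config.age.secrets.odin_wg_priv.path;
        peers = [
          {
            publicKey = "K57ikgFSR1O0CXWBxfQEu7uxSOsp3ePj/NMRets5pVc=";
            presharedKeyFile = config.age.secrets.odin_wg_psk.path;
            # Full tunnel: all IPv4 and IPv6 traffic is routed to this peer.
            allowedIPs = [ "0.0.0.0/0" "::/0" ];
            endpoint = "baldur.bertof.net:51820";
            persistentKeepalive = 25;
          }
        ];
      };
    };
  };

  # Thunderbolt device authorisation daemon.
  services.hardware.bolt.enable = true;

  # Set your time zone.
  time.timeZone = "Europe/Dublin";

  # Select internationalisation properties.
  i18n.defaultLocale = "it_IT.UTF-8";
  console = {
    font = "Lat2-Terminus16";
    keyMap = "it";
  };

  # X11 windowing system.
  services.xserver = {
    enable = true;

    # Enable the GNOME 3 Desktop Environment.
    # desktopManager.gnome.enable = true;
    # desktopManager.plasma5 = {
    #   enable = true;
    #   runUsingSystemd = true;
    # };
    windowManager.bspwm.enable = true;

    # Configure keymap in X11
    layout = "it,us";
    xkbOptions = "eurosign:e,terminate:ctrl_alt_bksp,compose:rctrl,grp:menu_toggle";

    libinput.enable = true;

    displayManager.sddm = {
      enable = true;
      autoNumlock = true;
      theme = "${pkgs.sddm-theme-clairvoyance}/usr/share/sddm/themes/clairvoyance";
    };
  };

  # Enable CUPS to print documents.
  services.printing = {
    enable = true;
    drivers = [
      pkgs.gutenprint
      # pkgs.cups-kyocera
      pkgs.unstable_pkgs.cups-kyodialog
    ];
  };

  # Disable auto handling of power button
  services.logind.extraConfig = ''
    HandlePowerKey=ignore
  '';

  services.keybase.enable = true;

  # Enable sound.
  # PULSE
  # sound.enable = true;
  # hardware.pulseaudio.enable = true;
  # PIPEWIRE
  hardware.pulseaudio.enable = false;
  security.rtkit.enable = true;
  services.pipewire = {
    enable = true;
    pulse.enable = true;
    jack.enable = true;
    alsa = {
      enable = true;
      support32Bit = true;
    };
    # media-session.enable = true;
  };

  # NOTE(review): a forced, session-wide LD_LIBRARY_PATH changes library
  # lookup for every program started from the session, not only the one this
  # works around. Remove it once the workaround is no longer needed.
  environment.sessionVariables.LD_LIBRARY_PATH = lib.mkForce "${config.services.pipewire.package.jack}/lib"; # Temporary fix for WebKitGTK

  # Tablet
  # hardware.opentabletdriver = {
  #   enable = true;
  #   daemon.enable = true;
  # };

  # Define a user account. Don't forget to set a password with 'passwd'.
  #
  # NOTE(review): membership in "docker" is effectively root on this host,
  # because group members can ask the daemon to run any container with any
  # host path mounted. "wheel" grants sudo and "libvirtd" grants VM
  # management. Keep the list as short as the account actually needs.
  users.users.bertof = {
    isNormalUser = true;
    extraGroups = [
      "audio"
      "input"
      "docker"
      "flashrom"
      "libvirtd"
      "network"
      "networkmanager"
      "usb"
      "video"
      "wheel"
    ];
    shell = pkgs.zsh;
  };

  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = builtins.attrValues {
    inherit (pkgs) tmux helix vim git ntfs3g;
  };

  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  # programs.mtr.enable = true;
  programs.flashrom.enable = true;
  # gpg-agent also serves as the SSH agent for the session.
  programs.gnupg.agent = {
    enable = true;
    enableSSHSupport = true;
  };
  programs.steam = {
    enable = true;
    package = pkgs.steam.override {
      extraPkgs = pkgs: with pkgs; [ icu ];
      extraProfile = ''
        export GSETTINGS_SCHEMA_DIR="${pkgs.gsettings-desktop-schemas}/share/gsettings-schemas/${pkgs.gsettings-desktop-schemas.name}/glib-2.0/schemas/"
      '';
    };
  };
  # services.joycond.enable = true;
  programs.dconf.enable = true;
  programs.zsh = {
    enable = true;
  };

  services.onedrive = {
    enable = true;
    package = pkgs.unstable_pkgs.onedrive;
  };

  # Enable the OpenSSH daemon.
  #
  # NOTE(review): sshd is enabled and its port opened in the firewall, with no
  # authentication settings pinned in this file, so the module defaults of the
  # NixOS release in use apply. If key-based login is already set up, consider
  # explicitly disabling password and keyboard-interactive authentication and
  # root login; the option names differ between releases, so check the manual
  # for the one this host runs.
  services.openssh = {
    enable = true;
    openFirewall = true;
  };

  # Cooling management
  services.thermald.enable = true;

  services.smartd.enable = true;

  services.snapper = {
    configs =
      let
        # Shared settings merged into every subvolume config below.
        # ALLOW_USERS lets the listed user work with these snapshot configs.
        common = {
          ALLOW_USERS = [ "bertof" ];
          TIMELINE_CREATE = true;
          TIMELINE_CLEANUP = true;
        };
      in
      {
        bertof_home = recursiveUpdate common { SUBVOLUME = "/home/bertof"; };
        bertof_music = recursiveUpdate common { SUBVOLUME = "/home/bertof/Musica"; };
        bertof_downloads = recursiveUpdate common { SUBVOLUME = "/home/bertof/Scaricati"; };
        bertof_images = recursiveUpdate common { SUBVOLUME = "/home/bertof/Immagini"; };
        bertof_videos = recursiveUpdate common { SUBVOLUME = "/home/bertof/Video"; };
        bertof_documents = recursiveUpdate common { SUBVOLUME = "/home/bertof/Documenti"; };
        bertof_games_ssd = recursiveUpdate common { SUBVOLUME = "/home/bertof/Giochi/SSD"; };
        bertof_games_sata = recursiveUpdate common { SUBVOLUME = "/home/bertof/Giochi/SATA"; };
        # bertof_games_hdd = recursiveUpdate common { SUBVOLUME = "/home/bertof/Giochi/HDD"; };
        bertof_git = recursiveUpdate common { SUBVOLUME = "/home/bertof/Documenti/Git"; };
      };
  };

  services.dbus = {
    packages = [ pkgs.dconf ];
    implementation = "broker";
  };

  services.gnome.gnome-keyring.enable = true;

  hardware.steam-hardware.enable = true;

  hardware.bluetooth = {
    enable = true;
    package = pkgs.bluezFull;
  };
  services.blueman.enable = true;

  services.gvfs = {
    enable = true;
    # package = lib.mkForce pkgs.gnome3.gvfs;
  };
  services.tumbler.enable = true;

  # services.tlp.enable = false;

  # NOTE(review): this publishes the host name, addresses, workstation record
  # and the ssh service file over mDNS on whatever network the machine joins,
  # and opens the firewall for it. That is reasonable on a trusted LAN; on
  # untrusted Wi-Fi it announces the SSH service enabled above, so consider
  # narrowing `publish` if the machine roams.
  services.avahi = {
    enable = true;
    openFirewall = true;
    nssmdns = true;
    publish = {
      enable = true;
      addresses = true;
      domain = true;
      userServices = true;
      workstation = true;
    };
    extraServiceFiles = {
      ssh = "${pkgs.avahi}/etc/avahi/services/ssh.service";
    };
  };

  # FPRINTD
  # services.fprintd = {
  #   enable = true;
  #   tod = { enable = true; driver = pkgs.libfprint-2-tod1-goodix; };
  # };
  #
  # NOTE(review): fingerprint auth is forced on for the login and xscreensaver
  # PAM services while the services.fprintd block above is commented out in
  # this file. Unless another module enables fprintd, the PAM fingerprint step
  # has no daemon behind it. Confirm that, or drop these two lines so the
  # option falls back to its default, which follows services.fprintd.enable.
  security.pam.services.login.fprintAuth = true;
  security.pam.services.xscreensaver.fprintAuth = true;

  # Clamav
  # services.clamav = {
  #   daemon.enable = true;
  #   updater.enable = true;
  # };

  # Power-profiles
  services.power-profiles-daemon.enable = true;

  # services.teamviewer.enable = true;

  # Virtualisation
  virtualisation = {
    docker.enable = true;
    kvmgt.enable = true;
    libvirtd.enable = true;
    podman.enable = true;
    virtualbox.host.enable = true;
  };

  # Allow completion for system packages
  environment.pathsToLink = [ "/share/zsh" ];

  # NOTE(review): pwfeedback prints one mark per typed character at the sudo
  # prompt, which reveals the password length to anyone watching the screen
  # or a recording of it.
  security.sudo.extraConfig = ''
    Defaults pwfeedback
  '';

  # Unlock the GNOME keyring with the password typed at the SDDM login.
  security.pam.services.sddm.enableGnomeKeyring = true;
  # NOTE(review): this defines a PAM service literally named
  # "autoUnlockKwallet". If the intent was to unlock KWallet at SDDM login,
  # the option presumably belongs on the sddm service instead; confirm.
  security.pam.services.autoUnlockKwallet.enableKwallet = true;

  nixpkgs.config = {
    allowUnfree = true;
    # The steam extraPkgs override is also given on programs.steam.package
    # above; presumably one of the two is redundant. Verify before removing.
    packageOverrides = pkgs: {
      steam = pkgs.steam.override {
        extraPkgs = pkgs: [ pkgs.icu ];
      };
    };
  };

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It's perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "22.11"; # Did you read the comment?
}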