2022-12-29 18:31:28 +00:00
|
|
|
# Tangled in ../Systems.org
|
2021-10-09 17:12:45 +01:00
|
|
|
{ config, pkgs, ... }:
|
|
|
|
|
|
|
|
|
|
{
|
|
|
|
|
imports =
|
|
|
|
|
[
|
|
|
|
|
./hardware-configuration.nix
|
|
|
|
|
];
|
|
|
|
|
|
2022-12-29 18:31:28 +00:00
|
|
|
boot.loader.grub = {
|
|
|
|
|
enable = true;
|
|
|
|
|
version = 2;
|
|
|
|
|
device = "nodev";
|
|
|
|
|
useOSProber = true;
|
|
|
|
|
efiSupport = true;
|
|
|
|
|
enableCryptodisk = true;
|
|
|
|
|
canTouchEfiVariables = true;
|
|
|
|
|
efiSysMountPoint = "/boot/efi";
|
|
|
|
|
};
|
2021-10-09 17:12:45 +01:00
|
|
|
|
2022-12-29 18:31:28 +00:00
|
|
|
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
|
|
|
|
boot.kernelPackages = pkgs.linuxPackages_6_0;
|
|
|
|
|
|
|
|
|
|
# Setup keyfile
|
|
|
|
|
boot.initrd.secrets = {
|
|
|
|
|
"/crypto_keyfile.bin" = null;
|
|
|
|
|
};
|
2021-10-09 17:12:45 +01:00
|
|
|
|
2022-12-29 18:31:28 +00:00
|
|
|
# Enable swap on luks
|
|
|
|
|
boot.initrd.luks.devices."luks-63100442-37df-4579-a787-cb2f2c67b3d1".device = "/dev/disk/by-uuid/63100442-37df-4579-a787-cb2f2c67b3d1";
|
|
|
|
|
boot.initrd.luks.devices."luks-63100442-37df-4579-a787-cb2f2c67b3d1".keyFile = "/crypto_keyfile.bin";
|
2021-10-09 17:12:45 +01:00
|
|
|
|
2022-12-29 18:31:28 +00:00
|
|
|
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
2021-10-09 17:12:45 +01:00
|
|
|
|
|
|
|
|
time.timeZone = "Europe/London";
|
2022-12-29 18:31:28 +00:00
|
|
|
i18n.defaultLocale = "en_GB.utf8";
|
|
|
|
|
|
|
|
|
|
networking.hostName = "LONDON"; # Define your hostname.
|
|
|
|
|
# Enable networking
|
|
|
|
|
networking.networkmanager.enable = true;
|
|
|
|
|
systemd.services.NetworkManager-wait-online.enable = false;
|
|
|
|
|
networking.firewall.checkReversePath = "loose";
|
|
|
|
|
|
|
|
|
|
networking.firewall.allowedTCPPorts = [ 3389 ]; # for RDP
|
2021-10-09 17:12:45 +01:00
|
|
|
|
2022-12-29 18:31:28 +00:00
|
|
|
services.mullvad-vpn.enable = true;
|
2021-10-09 17:12:45 +01:00
|
|
|
services.tailscale.enable = true;
|
|
|
|
|
|
|
|
|
|
# Enable the X11 windowing system.
|
|
|
|
|
services.xserver.enable = true;
|
2022-12-29 18:31:28 +00:00
|
|
|
|
|
|
|
|
# Enable the KDE Plasma Desktop Environment.
|
|
|
|
|
services.xserver.displayManager.sddm.enable = true;
|
|
|
|
|
services.xserver.desktopManager.plasma5.enable = true;
|
|
|
|
|
|
|
|
|
|
services.xrdp.enable = true;
|
|
|
|
|
services.xrdp.defaultWindowManager = "startplasma-x11";
|
|
|
|
|
|
|
|
|
|
# Configure keymap in X11
|
|
|
|
|
services.xserver = {
|
|
|
|
|
layout = "us";
|
|
|
|
|
xkbVariant = "";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# Allow unfree packages
|
|
|
|
|
nixpkgs.config.allowUnfree = true;
|
2021-10-09 17:12:45 +01:00
|
|
|
services.xserver.videoDrivers = [ "nvidia" ];
|
2022-12-29 18:31:28 +00:00
|
|
|
hardware.opengl.enable = true;
|
2021-10-09 17:12:45 +01:00
|
|
|
|
2022-12-29 18:31:28 +00:00
|
|
|
programs.zsh.enable = true;
|
|
|
|
|
environment.shells = with pkgs; [ zsh ];
|
|
|
|
|
users.users.gsimmer = {
|
|
|
|
|
shell = pkgs.zsh;
|
|
|
|
|
isNormalUser = true;
|
|
|
|
|
description = "Gabriel Simmer";
|
|
|
|
|
extraGroups = [ "networkmanager" "wheel" ];
|
|
|
|
|
packages = with pkgs; [ vim ];
|
2021-10-09 17:12:45 +01:00
|
|
|
};
|
|
|
|
|
|
2022-12-29 18:31:28 +00:00
|
|
|
environment.systemPackages = with pkgs; [
|
|
|
|
|
os-prober
|
|
|
|
|
tailscale
|
|
|
|
|
cifs-utils
|
|
|
|
|
pinentry-curses
|
|
|
|
|
];
|
2021-10-09 17:12:45 +01:00
|
|
|
|
2022-12-29 18:31:28 +00:00
|
|
|
# Enable CUPS to print documents.
|
|
|
|
|
services.printing.enable = true;
|
2021-10-09 17:12:45 +01:00
|
|
|
|
2022-12-29 18:31:28 +00:00
|
|
|
# Enable sound with pipewire.
|
|
|
|
|
sound.enable = true;
|
2021-10-09 17:12:45 +01:00
|
|
|
hardware.pulseaudio.enable = false;
|
|
|
|
|
security.rtkit.enable = true;
|
|
|
|
|
services.pipewire = {
|
|
|
|
|
enable = true;
|
|
|
|
|
alsa.enable = true;
|
|
|
|
|
alsa.support32Bit = true;
|
|
|
|
|
pulse.enable = true;
|
2022-12-29 18:31:28 +00:00
|
|
|
# If you want to use JACK applications, uncomment this
|
|
|
|
|
#jack.enable = true;
|
2021-10-09 17:12:45 +01:00
|
|
|
};
|
|
|
|
|
|
2022-12-29 18:31:28 +00:00
|
|
|
virtualisation = {
|
|
|
|
|
docker = {
|
|
|
|
|
enable = true;
|
|
|
|
|
rootless = {
|
|
|
|
|
enable = true;
|
|
|
|
|
setSocketVariable = true;
|
|
|
|
|
};
|
|
|
|
|
};
|
2021-10-09 17:12:45 +01:00
|
|
|
};
|
2022-12-29 18:31:28 +00:00
|
|
|
|
|
|
|
|
programs.dconf.enable = true;
|
2021-10-09 17:12:45 +01:00
|
|
|
|
2022-12-29 18:31:28 +00:00
|
|
|
programs.steam = {
|
|
|
|
|
enable = true;
|
|
|
|
|
remotePlay.openFirewall = true;
|
|
|
|
|
dedicatedServer.openFirewall = false;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
fonts.fonts = with pkgs; [
|
|
|
|
|
ibm-plex
|
|
|
|
|
jetbrains-mono
|
2021-10-09 17:12:45 +01:00
|
|
|
];
|
2022-12-29 18:31:28 +00:00
|
|
|
|
|
|
|
|
services.yubikey-agent.enable = true;
|
|
|
|
|
services.pcscd.enable = true;
|
|
|
|
|
|
|
|
|
|
# Some programs need SUID wrappers, can be configured further or are
|
|
|
|
|
# started in user sessions.
|
|
|
|
|
# programs.mtr.enable = true;
|
2021-10-09 17:12:45 +01:00
|
|
|
programs.gnupg.agent = {
|
|
|
|
|
enable = true;
|
2022-12-29 18:31:28 +00:00
|
|
|
pinentryFlavor = "curses";
|
2021-10-09 17:12:45 +01:00
|
|
|
enableSSHSupport = true;
|
|
|
|
|
};
|
|
|
|
|
|
2022-12-29 18:31:28 +00:00
|
|
|
system.stateVersion = "22.05";
|
2021-10-09 17:12:45 +01:00
|
|
|
}
|
