# # Main system configuration. More information available in configuration.nix(5) man page. # # flake.nix # ├─ ./hosts # │ └─ configuration.nix * # └─ ./modules # └─ ./editors # └─ ./nvim # └─ default.nix # { config, lib, pkgs, inputs, user, location, agenix, ... }: { imports = # Import window or display manager. [ #../modules/editors/nvim # ! Comment this out on first install ! ]; users.users.${user} = { # System User isNormalUser = true; extraGroups = [ "wheel" "video" "audio" "camera" "networkmanager" "lp" "kvm" "libvirtd" "adb" "dialout" ]; shell = pkgs.zsh; # Default shell uid = 2000; # initialPassword = "password95"; openssh.authorizedKeys.keys = [ "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIANmaraVJ/o20c4dqVnGLp/wGck9QNHFPvO9jcEbKS29AAAABHNzaDo= kabbone@kabc" "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIgo4IP8ISUohyAMiDc3zEe6ESUE3un7eN5FhVtxZHmcAAAABHNzaDo= kabbone@kabc" "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIKVDApb3vZ+i97V4xLJh8rUF6z5OVYfORlXYbLhdQO15AAAABHNzaDo= kabbone@hades.home.opel-online.de" "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIB0q++epdX7feQxvmC2m/CJEoJbkqtAJy6Ml6WKHxryZAAAABHNzaDo= kabbone@hades.home.opel-online.de" ]; }; #security.sudo.wheelNeedsPassword = true; # User does not need to give password when using sudo. time.timeZone = "Europe/Berlin"; # Time zone and internationalisation i18n = { defaultLocale = "en_US.UTF-8"; extraLocaleSettings = { # Extra locale settings that need to be overwritten LC_TIME = "de_DE.UTF-8"; LC_MONETARY = "de_DE.UTF-8"; }; }; console = { font = "Lat2-Terminus16"; keyMap = "us"; # or us/azerty/etc }; security.rtkit.enable = true; security.pki.certificateFiles = [ ./rootCA.pem ]; sound = { # ALSA sound enable enable = true; mediaKeys = { # Keyboard Media Keys (for minimal desktop) enable = true; enable = true; }; }; fonts.fonts = with pkgs; [ # Fonts carlito # NixOS vegur # NixOS source-code-pro jetbrains-mono font-awesome # Icons hack-font corefonts # MS (nerdfonts.override { # Nerdfont Icons override fonts = [ "FiraCode" ]; }) ]; environment = { variables = { TERMINAL = "alacritty"; EDITOR = "nvim"; VISUAL = "nvim"; BROWSER = "firefox"; }; systemPackages = with pkgs; [ # Default packages install system-wide vim git killall pciutils usbutils wget powertop cpufrequtils lm_sensors libva-utils at-spi2-core bind dig qmk-udev-rules gptfdisk agenix.packages.x86_64-linux.default age-plugin-yubikey pwgen cryptsetup ]; }; services = { pipewire = { # Sound enable = true; alsa = { enable = true; # support32Bit = true; }; pulse.enable = true; wireplumber.enable = true; }; openssh = { # SSH: secure shell (remote connection to shell of server) enable = true; # local: $ ssh @ # public: # - port forward 22 TCP to server # - in case you want to use the domain name insted of the ip: # - for me, via cloudflare, create an A record with name "ssh" to the correct ip without proxy # - connect via ssh @ # generating a key: # - $ ssh-keygen | ssh-copy-id | ssh-add # - if ssh-add does not work: $ eval `ssh-agent -s` # allowSFTP = true; # SFTP: secure file transfer protocol (send file to server) # connect: $ sftp @ # commands: # - lpwd & pwd = print (local) parent working directory # - put/get = send or receive file # extraConfig = '' # HostKeyAlgorithms +ssh-rsa # ''; # Temporary extra config so ssh will work in guacamole settings.passwordAuthentication = false; }; pcscd.enable = true; yubikey-agent.enable = true; udev.packages = [ pkgs.yubikey-personalization ]; #flatpak.enable = true; # download flatpak file from website - sudo flatpak install - reboot if not showing up # sudo flatpak uninstall --delete-data (> flatpak list --app) - flatpak uninstall --unused # List: # com.obsproject.Studio # com.parsecgaming.parsec # com.usebottles.bottles gvfs.enable = true; fwupd.enable = true; }; #xdg.portal = { # Required for flatpak # enable = true; # extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; #}; nix = { # Nix Package Manager settings settings ={ auto-optimise-store = true; # Optimise syslinks substituters = ["https://hyprland.cachix.org"]; trusted-public-keys = ["hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="]; }; gc = { # Automatic garbage collection automatic = true; dates = "weekly"; options = "--delete-older-than 7d"; }; package = pkgs.nixVersions.stable; # Enable nixFlakes on system registry.nixpkgs.flake = inputs.nixpkgs; extraOptions = '' experimental-features = nix-command flakes keep-outputs = true keep-derivations = true ''; }; nixpkgs.config.allowUnfree = true; # Allow proprietary software. nixpkgs.config.packageOverrides = pkgs: { nur = import (builtins.fetchTarball "https://github.com/nix-community/NUR/archive/master.tar.gz") { inherit pkgs; }; }; system = { # NixOS settings # autoUpgrade = { # Allow auto update # enable = true; # channel = "https://nixos.org/channels/nixos-unstable"; # }; stateVersion = "22.05"; }; }