175 lines
No EOL
4.2 KiB
Nix
175 lines
No EOL
4.2 KiB
Nix
{
|
|
config,
|
|
options,
|
|
lib,
|
|
pkgs,
|
|
inputs,
|
|
...
|
|
}:
|
|
{
|
|
imports = [
|
|
inputs.disko.nixosModules.disko
|
|
|
|
./device.nix
|
|
./disk-config.nix
|
|
./hardware-configuration.nix
|
|
./audio/pipewire.nix
|
|
./impermanence.nix
|
|
./nix-maintenance.nix
|
|
# ./hardening.nix
|
|
|
|
./desktop/plasma
|
|
./tailscale.nix
|
|
|
|
./users.nix
|
|
./user-system-config.nix
|
|
|
|
./vm.nix
|
|
];
|
|
|
|
vfio = {
|
|
enable = true;
|
|
earlyKMS = true;
|
|
applyACSpatch = true;
|
|
};
|
|
|
|
# Allows referring to this flake by the shorthand `nixos-config`, which lets you do e.g.
|
|
# nix repl nixos-config
|
|
nix.registry.nixos-config.to = {
|
|
type = "git";
|
|
url = "file://${config.users.users.evar.home}/git/nixos-framework-laptop-config";
|
|
};
|
|
|
|
# In order to catch all logs, we need to mount this early enough in the boot process.
|
|
fileSystems."/var/log".neededForBoot = true;
|
|
|
|
zramSwap = {
|
|
enable = true;
|
|
memoryPercent = 25;
|
|
};
|
|
|
|
# This is not ideal for a laptop.
|
|
# For solution watch https://github.com/nix-community/impermanence/issues/153
|
|
time.timeZone = "America/New_York";
|
|
|
|
nix.settings = {
|
|
# unclutters home folder
|
|
use-xdg-base-directories = true;
|
|
|
|
# adding a community binary cache
|
|
substituters = [
|
|
"https://nix-community.cachix.org"
|
|
];
|
|
trusted-public-keys = [
|
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
|
];
|
|
};
|
|
|
|
nixpkgs.config.allowUnfreePredicate = pkg:
|
|
builtins.elem (lib.getName pkg)
|
|
[
|
|
"steam"
|
|
# "steam-original"
|
|
# "steam-run"
|
|
"steam-unwrapped"
|
|
"obsidian"
|
|
"rider"
|
|
"rust-rover"
|
|
"spotify"
|
|
];
|
|
|
|
# basically agrees to some license stuff
|
|
hardware.enableRedistributableFirmware = true;
|
|
|
|
### Boot
|
|
|
|
boot.loader.systemd-boot.enable = true;
|
|
boot.loader.efi.canTouchEfiVariables = true;
|
|
|
|
boot.initrd.systemd.enable = true;
|
|
|
|
### Session management
|
|
|
|
services.displayManager.autoLogin = {
|
|
# only if there's any encripted disks
|
|
enable = config.boot.initrd.luks.devices != {};
|
|
user = "evar";
|
|
};
|
|
|
|
### Networking
|
|
|
|
networking.networkmanager = {
|
|
enable = true;
|
|
# Per https://kokada.dev/blog/an-unordered-list-of-hidden-gems-inside-nixos/
|
|
# May improve reliability
|
|
wifi.backend = "iwd";
|
|
};
|
|
services.openssh.enable = true;
|
|
|
|
### System software
|
|
|
|
environment.systemPackages = [
|
|
pkgs.git
|
|
pkgs.gdu
|
|
|
|
pkgs.exfatprogs # for mkfs.exfat
|
|
pkgs.parted # for partprobe
|
|
|
|
pkgs.gparted
|
|
|
|
# For thinkorswim
|
|
# TODO: Should be elsewhere
|
|
pkgs.distrobox
|
|
];
|
|
|
|
virtualisation.podman = {
|
|
enable = true;
|
|
dockerCompat = true;
|
|
};
|
|
|
|
programs.adb.enable = true;
|
|
|
|
# Miscellaneous
|
|
|
|
# helps some things access battery info
|
|
services.upower.enable = true;
|
|
# dynamic mounting of connected devices
|
|
services.udisks2.enable = true;
|
|
services.printing.enable = true;
|
|
# service discovery, hostname lookups, etc.
|
|
services.avahi = {
|
|
enable = true;
|
|
nssmdns4 = true;
|
|
openFirewall = true;
|
|
};
|
|
# For the music server
|
|
networking.firewall.allowedUDPPorts = [
|
|
# DLNA discovery (SSDP)
|
|
1900
|
|
];
|
|
|
|
hardware.bluetooth = {
|
|
powerOnBoot = true;
|
|
settings.General.Experimental = "true";
|
|
};
|
|
# allows connecting to virtualized directories
|
|
services.gvfs.enable = true;
|
|
|
|
# This option defines the first version of NixOS you have installed on this particular machine,
|
|
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
|
|
#
|
|
# Most users should NEVER change this value after the initial install, for any reason,
|
|
# even if you've upgraded your system to a new NixOS release.
|
|
#
|
|
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
|
|
# so changing it will NOT upgrade your system.
|
|
#
|
|
# This value being lower than the current NixOS release does NOT mean your system is
|
|
# out of date, out of support, or vulnerable.
|
|
#
|
|
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
|
|
# and migrated your data accordingly.
|
|
#
|
|
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
|
|
system.stateVersion = "23.11"; # Did you read the comment?
|
|
} |