dotfiles/entropy/nixos/configuration.nix

399 lines
10 KiB
Nix
Raw Normal View History

2020-12-21 14:13:39 +00:00
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
2023-04-14 07:40:57 +00:00
{ config, pkgs, unstable, ... }:
2020-12-21 14:13:39 +00:00
2023-04-14 07:40:57 +00:00
#let
2023-03-02 15:02:34 +00:00
# use unstable nixpkgs for some specific packages that are still in-dev:
2022-03-10 12:24:15 +00:00
# sudo nix-channel --add https://nixos.org/channels/nixos-unstable nixos-unstable
# sudo nix-channel --update
2023-04-14 07:40:57 +00:00
#unstable = import <nixos-unstable> { config = config.nixpkgs.config; };
#in
2020-12-21 14:13:39 +00:00
{
imports =
2023-01-24 09:43:41 +00:00
[
2022-10-13 13:22:00 +00:00
# Include the results of the hardware scan.
2020-12-21 14:13:39 +00:00
./hardware-configuration.nix
2021-11-18 18:04:41 +00:00
2022-03-31 08:46:12 +00:00
# Hardware support for Moonlander & U2F
./modules/hardware.nix
2022-08-08 08:27:16 +00:00
# Network & VPN configuration
./modules/networking.nix
2021-11-18 18:04:41 +00:00
./modules/audio.nix
./modules/video.nix
2022-03-10 12:24:15 +00:00
#./modules/v4l2loopback.nix
2021-11-18 18:04:41 +00:00
./modules/virtualisation.nix
# Desktop configuration
2021-05-18 12:09:48 +00:00
./modules/sway.nix
2021-11-18 18:04:41 +00:00
./modules/kde.nix
2021-05-18 12:09:48 +00:00
# old i3 compositor
# ./modules/i3.nix
2021-11-18 18:04:41 +00:00
./modules/printing.nix
2021-10-14 14:15:27 +00:00
./modules/backup.nix
2021-11-18 18:04:41 +00:00
# include and configure R
./modules/r.nix
# python with modules
./modules/python.nix
2020-12-21 14:13:39 +00:00
];
2024-01-02 08:38:55 +00:00
# OVERRIDES ##########################################################
nixpkgs.config.permittedInsecurePackages = [
"electron-25.9.0"
2024-02-26 10:54:40 +00:00
"freeimage-unstable-2021-11-01"
2024-01-02 08:38:55 +00:00
];
2022-06-15 15:14:20 +00:00
2020-12-21 14:13:39 +00:00
# set up LUKS discovery
boot.initrd.luks.devices.cryptlvm.device = "/dev/disk/by-uuid/f382cd01-9048-4b1b-8a73-48e1f61e6c08";
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
2023-04-14 07:40:57 +00:00
boot.plymouth = {
enable = true;
theme = "breeze";
};
2022-06-22 12:19:19 +00:00
# ------------ kernel -------------------------------------------------------
boot.kernelPackages = pkgs.linuxKernel.packages.linux_6_5;
2022-06-22 12:19:19 +00:00
2023-05-08 14:37:19 +00:00
services.fwupd.enable = true;
2021-11-18 18:04:41 +00:00
# ------------ time, location & input ---------------------------------------
# Set your time zone.
2023-07-25 12:16:55 +00:00
time.timeZone = "Europe/Berlin"; # "US/Pacific";
2021-11-18 18:04:41 +00:00
# geoclue2 does not yield a location at home, so I'll make the manual configuration the default
# location.provider = "geoclue2";
location.provider = "manual";
# using the location of the cafe ascii should be good enough
location.latitude = 51.0250869;
location.longitude = 13.7210005;
2020-12-21 14:13:39 +00:00
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
#font = "Lat2-Terminus16";
font = "${pkgs.terminus_font}/share/consolefonts/ter-u28n.psf.gz";
keyMap = pkgs.lib.mkForce "uk";
};
# use the xkb-config from the X server
console.useXkbConfig = true;
# Configure keymap in X11
2024-02-26 10:54:40 +00:00
services.xserver.xkb.layout = "gb";
services.xserver.xkb.options = "eurosign:e,ctrl:nocaps,compose:ralt";
2021-05-18 12:09:48 +00:00
# enable touchpad support
2020-12-21 14:13:39 +00:00
services.xserver.libinput.enable = true;
2023-01-13 15:07:38 +00:00
# ------------ Nix Config ---------------------------------------------------
nix = {
package = pkgs.nixFlakes;
2023-03-02 15:02:34 +00:00
# the builders-use-substitutes is optional; useful when the builder has a faster internet connection than yours
2023-01-13 15:07:38 +00:00
extraOptions = ''
experimental-features = nix-command flakes
2023-03-02 15:02:34 +00:00
builders-use-substitutes = true
2023-01-13 15:07:38 +00:00
'';
buildMachines = [{
# hostName = "ada";
2023-03-02 15:02:34 +00:00
hostName = "141.30.52.34";
2023-01-27 15:44:10 +00:00
sshUser = "builder";
2023-03-02 15:02:34 +00:00
system = "x86_64-linux";
# if the builder supports building for multiple architectures,
# replace the previous line by, e.g.,
# systems = ["x86_64-linux" "aarch64-linux"];
maxJobs = 2;
speedFactor = 2;
supportedFeatures = [ "big-parallel" "kvm" ];
mandatoryFeatures = [ ];
2023-02-16 08:53:28 +00:00
# base64 -w0 /etc/ssh/ssh_host_ed25519_key.pub
publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUlTcFY3cVJUZEdXVlpYNFlITnFYZXBYNjZUK0U1dGdCbnAwTlJOTmtKbzcgcm9vdEBhZGEK";
2023-01-27 15:44:10 +00:00
sshKey = "/home/felix/.ssh/id_ed25519";
# }
# {
2023-03-02 15:02:34 +00:00
# hostName = "elm";
2023-01-27 15:44:10 +00:00
# sshUser = "builder";
2023-03-02 15:02:34 +00:00
# system = "x86_64-linux";
# # if the builder supports building for multiple architectures,
# # replace the previous line by, e.g.,
# # systems = ["x86_64-linux" "aarch64-linux"];
# maxJobs = 1;
# speedFactor = 1;
# supportedFeatures = [ "big-parallel" "kvm" ];
# mandatoryFeatures = [ ];
2023-01-27 15:44:10 +00:00
# publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUNXTk9oL3ozQjZmSXRGd2lTenlqeDBUTnIveUl6bHNsazdEeEtNcE5sdmwgcm9vdEBlbG0K";
# sshKey = "/home/felix/.ssh/id_ed25519";
2023-03-02 15:02:34 +00:00
}] ;
2023-01-13 15:07:38 +00:00
distributedBuilds = true;
settings.trusted-users = [
"root"
"@wheel"
];
};
2020-12-21 14:13:39 +00:00
2021-11-18 18:04:41 +00:00
# ------------ security -----------------------------------------------------
2020-12-21 14:13:39 +00:00
# Define a user account. Don't forget to set a password with passwd.
users.users.felix = {
createHome = true;
isNormalUser = true;
extraGroups = [ "wheel" "video" "audio" "dialout" ]; # wheel: Enable sudo for the user.
2020-12-21 14:13:39 +00:00
group = "users";
home = "/home/felix";
shell = pkgs.fish;
};
# allow user felix to run openconnect without password
security.sudo.extraRules = [
{
users = [ "felix" ];
commands = [
{ command = "${pkgs.openconnect}/bin/openconnect"; options = [ "NOPASSWD" ]; }
];
}
];
2022-08-26 14:01:00 +00:00
security.pam.u2f = {
enable = true;
cue = true;
};
2021-11-18 18:04:41 +00:00
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
pinentryFlavor = "curses";
};
# ------------ programs -----------------------------------------------------
programs.fish.enable = true;
# programs.vim.defaultEditor = true;
programs.neovim = {
enable = true;
defaultEditor = true;
};
2021-10-26 14:25:03 +00:00
2024-01-29 15:27:38 +00:00
programs.ssh.setXAuthLocation = true;
programs.thunar = {
enable = true;
plugins = with pkgs.xfce; [ thunar-archive-plugin thunar-volman ];
};
programs.firefox = {
enable = true;
package = pkgs.firefox-wayland;
};
programs.git = {
enable = true;
package = pkgs.gitAndTools.gitFull;
};
programs.mosh.enable = true;
programs.nix-index = {
enable = true;
enableZshIntegration = true;
enableBashIntegration = true;
enableFishIntegration = true;
};
2024-02-19 21:56:13 +00:00
programs.command-not-found.enable = false;
2021-11-18 18:04:41 +00:00
# List of packages installed in system profile.
2020-12-21 14:13:39 +00:00
environment.systemPackages = with pkgs; [
2021-03-29 08:15:23 +00:00
## basic command line tooling
2020-12-21 14:13:39 +00:00
wget
w3m
htop
btop
2020-12-21 14:13:39 +00:00
bat
lsd
2023-09-07 12:19:29 +00:00
unstable.eza
2020-12-21 14:13:39 +00:00
ripgrep
2023-03-22 09:12:24 +00:00
fzf
2023-08-03 07:47:24 +00:00
tokei
2024-02-19 21:56:13 +00:00
vim
2023-01-13 15:07:38 +00:00
#sshfs
2020-12-21 14:13:39 +00:00
ncdu
tldr
unzip
2021-04-23 09:57:47 +00:00
bind
inetutils
usbutils
2021-04-23 09:57:47 +00:00
moreutils
file
2023-02-23 17:32:50 +00:00
#tmux
zellij
2022-10-13 13:22:00 +00:00
libqalculate
2023-02-16 08:53:28 +00:00
## xdg-open
xdg-utils
2023-01-13 15:07:38 +00:00
## shell extras
nushell
2021-03-29 08:15:23 +00:00
## password management
2020-12-21 14:13:39 +00:00
pass
pinentry-curses
2021-10-14 14:15:27 +00:00
## admin foo
ansible
2021-03-29 08:15:23 +00:00
## mail
2020-12-21 14:13:39 +00:00
isync
msmtp
2024-02-26 10:54:40 +00:00
neomutt urlscan
2020-12-21 14:13:39 +00:00
notmuch
aspell # spell checking in mail
2022-03-10 12:24:15 +00:00
## Rust
2020-12-21 14:13:39 +00:00
rustup
cargo-flamegraph
cargo-watch
2022-03-10 12:24:15 +00:00
unstable.rust-analyzer
#unstable.helix
2023-03-02 15:02:34 +00:00
2022-03-10 12:24:15 +00:00
## other programming languages and compilers
2020-12-21 14:13:39 +00:00
stack
unstable.haskell-language-server
2020-12-21 14:13:39 +00:00
gcc
2021-03-29 08:15:23 +00:00
binutils-unwrapped
2020-12-21 14:13:39 +00:00
gnumake
cmake
2023-05-08 14:37:19 +00:00
ninja
2021-03-29 08:15:23 +00:00
gdb
2021-10-14 14:15:27 +00:00
ccls
2023-01-25 11:01:50 +00:00
# valgrind
# heaptrack
2023-01-24 09:43:41 +00:00
2023-02-23 18:39:01 +00:00
## nix-community/comma
comma
nix-output-monitor
2023-03-02 15:02:34 +00:00
nil
2023-02-23 18:39:01 +00:00
2023-01-24 09:43:41 +00:00
# provided by my own overlay
mlir
2023-09-04 14:33:33 +00:00
circt
2024-01-12 12:29:17 +00:00
llvmPackages_17.clang
llvmPackages_17.lldb
llvmPackages_17.libcxx
llvmPackages_17.libcxxabi
llvmPackages_17.libllvm
llvmPackages_17.llvm-manpages
llvmPackages_17.openmp
llvmPackages_17.bintools
clang-tools_17
2023-05-08 14:37:19 +00:00
lit
2023-01-24 09:43:41 +00:00
2021-03-29 08:15:23 +00:00
## I heard you like man pages?
2020-12-21 14:13:39 +00:00
man-pages
2021-03-29 08:15:23 +00:00
## git and friends
2020-12-21 14:13:39 +00:00
gitAndTools.delta
gitAndTools.gitui
2022-03-31 08:46:12 +00:00
## terminal, browsers, text editing, note taking
alacritty
# TODO(feliix42): Fix at some point!
2023-06-13 07:00:31 +00:00
unstable.vscode.fhs
tree-sitter # for NVIM completions
2023-01-25 11:01:50 +00:00
ghostwriter
unstable.obsidian
2021-03-29 08:15:23 +00:00
## file managers
2020-12-21 14:13:39 +00:00
ranger
2022-03-10 12:24:15 +00:00
## file sharing
nextcloud-client
2021-03-29 08:15:23 +00:00
## document viewers
2020-12-21 14:13:39 +00:00
pdfpc
zathura
2021-03-29 08:15:23 +00:00
## image manipulation
2023-11-03 10:41:07 +00:00
# gimp
inkscape
libheif
2023-07-20 20:59:47 +00:00
imagemagick
2021-03-29 08:15:23 +00:00
## LaTeX
2020-12-21 14:13:39 +00:00
texlive.combined.scheme-full
## Citation management
2023-11-03 10:41:07 +00:00
# TODO: Enable again when CVE is fixed
2023-10-27 06:15:46 +00:00
#zotero
2021-03-29 08:15:23 +00:00
## the eternal pain continues
2020-12-21 14:13:39 +00:00
libreoffice-fresh
2021-03-29 08:15:23 +00:00
## video and media applications
2024-02-19 21:56:13 +00:00
zoom-us
2023-03-02 15:02:34 +00:00
#unstable.teams
mpv
2020-12-21 14:13:39 +00:00
ffmpeg-full
musikcube
2021-03-29 08:15:23 +00:00
## messenger
slack
2020-12-21 14:13:39 +00:00
tdesktop
signal-desktop
2021-03-29 08:15:23 +00:00
## networking
2020-12-21 14:13:39 +00:00
openconnect
];
2022-08-29 12:38:07 +00:00
services.dbus.enable = true;
2022-03-10 12:24:15 +00:00
xdg.portal = {
enable = true;
extraPortals = with pkgs; [
xdg-desktop-portal-wlr
xdg-desktop-portal-kde
2022-08-29 12:38:07 +00:00
xdg-desktop-portal-gtk
];
2022-03-10 12:24:15 +00:00
wlr = {
enable = true;
settings = {
screencast = {
output_name = "eDP-1";
max_fps = 30;
chooser_type = "simple";
chooser_cmd = "${pkgs.slurp}/bin/slurp -f %o -or";
};
};
};
};
2020-12-21 14:13:39 +00:00
# install fonts
2024-01-12 12:29:17 +00:00
fonts.packages = with pkgs; [
2020-12-21 14:13:39 +00:00
font-awesome
2021-05-18 13:01:16 +00:00
fira
2020-12-21 14:13:39 +00:00
fira-code
fira-code-symbols
2021-10-14 14:15:27 +00:00
iosevka
2020-12-21 14:13:39 +00:00
roboto
roboto-mono
roboto-slab
open-sans
2020-12-21 14:13:39 +00:00
overpass
(nerdfonts.override {
fonts = [ "FiraCode" "DroidSansMono" "Hack" "SourceCodePro" "RobotoMono" "Ubuntu" "UbuntuMono" "Iosevka" "IosevkaTerm"];
2020-12-21 14:13:39 +00:00
})
];
# periodic automated mail fetching
systemd.user.services.mailfetch = {
enable = true;
2021-10-14 14:15:27 +00:00
description = "Automatically fetches new mails.";
wantedBy = [ "graphical-session.target" ];
after = [ "graphical-session.target" ];
serviceConfig = {
Restart = "always";
RestartSec = "60";
};
path = with pkgs; [ bash notmuch isync ];
script = ''
mbsync -a && /home/felix/.config/neomutt/notmuch-hook.sh
'';
};
2020-12-21 14:13:39 +00:00
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
2021-10-14 14:15:27 +00:00
system.stateVersion = "21.05"; # Did you read the comment?
2020-12-21 14:13:39 +00:00
}