dotfiles/entropy/nixos/configuration.nix

409 lines
10 KiB
Nix
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
# include and configure R
./modules/r.nix
# python with modules
./modules/python.nix
# Wayland
./modules/sway.nix
# old i3 compositor
# ./modules/i3.nix
./modules/backup.nix
];
# set up LUKS discovery
boot.initrd.luks.devices.cryptlvm.device = "/dev/disk/by-uuid/f382cd01-9048-4b1b-8a73-48e1f61e6c08";
# make the screen usable
#hardware.video.hidpi.enable = true;
#services.xserver.dpi = 180;
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# enable powertop for saving power
#powerManagement.powertop.enable = true;
networking.hostName = "entropy"; # Define your hostname.
networking.wireless = {
enable = true; # Enables wireless support via wpa_supplicant.
interfaces = [ "wlp0s20f3" ];
};
# Set your time zone.
time.timeZone = "Europe/Berlin";
# geoclue2 does not yield a location at home, so I'll make the manual configuration the default
# location.provider = "geoclue2";
location.provider = "manual";
# using the location of the cafe ascii should be good enough
location.latitude = 51.0250869;
location.longitude = 13.7210005;
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config
# replicates the default behaviour.
networking.useDHCP = false;
networking.interfaces.enp0s31f6.useDHCP = true;
# USB-C dock
networking.interfaces.enp0s20f0u2u1.useDHCP = true;
networking.interfaces.wlp0s20f3.useDHCP = true;
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
nixpkgs.config = {
# enable hardware-accelerated graphics
packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
# add nixpkgs for unstable package sources
#unstable = import <nixpkgs> {
#config = config.nixpkgs.config;
#};
};
# allow unfree licenced packges
allowUnfree = true;
};
hardware.opengl = {
enable = true;
extraPackages = with pkgs; [
intel-media-driver # LIBVA_DRIVER_NAME=iHD
vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
vaapiVdpau
libvdpau-va-gl
];
};
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
#font = "Lat2-Terminus16";
font = "${pkgs.terminus_font}/share/consolefonts/ter-u28n.psf.gz";
keyMap = pkgs.lib.mkForce "uk";
};
# use the xkb-config from the X server
console.useXkbConfig = true;
# Configure keymap in X11
services.xserver.layout = "gb";
services.xserver.xkbOptions = "eurosign:e,ctrl:nocaps,compose:prsc";
# enable touchpad support
services.xserver.libinput.enable = true;
# Enable CUPS to print documents.
services.printing.enable = true;
services.printing.drivers = [
pkgs.gutenprint
pkgs.epson-escpr
];
# set up my printer at home
hardware.printers.ensurePrinters = [
{
description = "My private printer";
deviceUri = "https://192.168.178.30:631/ipp/print";
location = "Home";
model = "epson-inkjet-printer-escpr/Epson-XP-322_323_325_Series-epson-escpr-en.ppd";
name = "Home";
}
];
# setup the printers at work
#hardware.printers.ensurePrinters = [
#{
#description = "CC printer";
#deviceUri = "";
#location = "BAR/III51";
#model = "Ricoh-MP_C307_PS.ppd";
#name = "CC_small";
#}
#{
#description = "PD printer (A3)";
#deviceUri = "";
#location = "BAR/III71B";
#model = "Ricoh-MP_C3004_PS.ppd";
#name = "PD_Chair";
#}
#];
# Enable sound.
sound.enable = true;
# configure pulseaudio to work with bluetooth headsets using aptx
hardware.pulseaudio = {
enable = true;
extraModules = [ pkgs.pulseaudio-modules-bt ];
# the full package is necessary for BT support
package = pkgs.pulseaudioFull;
# switch to bluetooth automatically if they are connected
extraConfig = "
load-module module-switch-on-connect
load-module module-bluetooth-policy auto_switch=2
";
};
nixpkgs.config.pulseaudio = true;
# enable bluetooth in general and add a simple tool for connecting devices
hardware.bluetooth = {
enable = true;
package = pkgs.bluezFull;
# enable A2DP
settings = {
General = {
Enable = "Source,Sink,Media";
Disable = "Socket";
};
};
};
services.blueman.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
users.users.felix = {
createHome = true;
isNormalUser = true;
extraGroups = [ "wheel" "video" "audio" "dialout" ]; # wheel: Enable sudo for the user.
group = "users";
home = "/home/felix";
shell = pkgs.fish;
};
# allow user felix to run openconnect without password
security.sudo.extraRules = [
{
users = [ "felix" ];
commands = [
{ command = "${pkgs.openconnect}/bin/openconnect"; options = [ "NOPASSWD" ]; }
];
}
];
## enable fingerprint reader
#services.fprintd.enable = true;
#security.pam.services.login.fprintAuth = true;
##security.pam.services.xscreensaver.fprintAuth = true;
#security.pam.services.sudo.fprintAuth = true;
# set up virtualization with virtualbox
virtualisation.virtualbox.host.enable = true;
# I'm gonna keep this disabled for the sake of my sanity
# virtualisation.virtualbox.host.enableExtensionPack = true;
users.extraGroups.vboxusers.members = [ "felix" ];
# enable docker on-demand
virtualisation.docker.enable = true;
virtualisation.docker.enableOnBoot = false;
users.extraGroups.docker.members = [ "felix" ];
# add overlay for the LF IDE
#nixpkgs.overlays = [
#(self: super: {
#lingua-franca-ide = super.callPackage ./overlays/lf-eclipse.nix { };
#})
#];
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
## basic command line tooling
wget
vim
emacs
w3m
htop
bat
lsd
ripgrep
sshfs
ncdu
tldr
unzip
ncat
bind
inetutils
usbutils
screen
moreutils
file
## audio management
pavucontrol
## password management
pass
pinentry-curses
## admin foo
ansible
## mail
isync
msmtp
neomutt urlview
notmuch
## programming languages and compilers
rustup
cargo-flamegraph
cargo-watch
# python3
stack
haskell-language-server
gcc
binutils-unwrapped
gnumake
cmake
gdb
ccls
valgrind
heaptrack
#lingua-franca-ide
## I heard you like man pages?
man-pages
## git and friends
git
gitAndTools.delta
gitAndTools.gitui
## GitHub actions
act
## terminal, browsers, text editing
kitty
vscodium
eclipses.eclipse-platform
typora
firefox-wayland
# torbrowser
#next
rstudio
## time tracking
watson
## file managers
ranger
xfce.thunar
## document viewers
mupdf
pdfpc
zathura
## PDF manipulation
podofo
poppler_utils
## image manipulation
gimp
inkscape
libheif
## LaTeX
texlive.combined.scheme-full
## the eternal pain continues
libreoffice-fresh
## video and media applications
zoom-us
teams
youtube-dl
mpv
streamlink
ffmpeg-full
musikcube
## messenger
slack
tdesktop
signal-desktop
weechat
## networking
openconnect
## maybe screensharing???
pipewire
xdg-desktop-portal-wlr
];
#services.emacs.enable = true;
# install fonts
fonts.fonts = with pkgs; [
font-awesome
fira
fira-code
fira-code-symbols
iosevka
roboto
roboto-mono
roboto-slab
open-sans
overpass
(nerdfonts.override {
fonts = [ "FiraCode" "DroidSansMono" "Hack" "SourceCodePro" "RobotoMono" "Ubuntu" "UbuntuMono" ];
})
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
programs.fish.enable = true;
programs.vim.defaultEditor = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
pinentryFlavor = "curses";
};
# List services that you want to enable:
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
services.udev.packages = [ pkgs.libu2f-host ];
# for SAMBA file shares
services.gvfs.enable = true;
# allow brightness control
services.illum.enable = true;
# enable OpenVPN for connecting to the TUD network
services.openvpn.servers.tud = {
config = '' config /home/felix/.config/vpn/TUD.ovpn '';
autoStart = false; #true;
updateResolvConf = true;
};
# periodic automated mail fetching
systemd.user.services.mailfetch = {
enable = true;
description = "Automatically fetches new mails.";
wantedBy = [ "graphical-session.target" ];
after = [ "graphical-session.target" ];
serviceConfig = {
Restart = "always";
RestartSec = "60";
};
path = with pkgs; [ bash notmuch isync ];
script = ''
mbsync -a && /home/felix/.config/neomutt/notmuch-hook.sh
'';
};
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "21.05"; # Did you read the comment?
}