clean up configuration.nix to move all configurations to the same locations

mjallen18
2024-02-15 13:37:52 -06:00
parent 37540f1ef4
commit 3c7124593c


@@ -4,6 +4,9 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
user = "matt";
hostname = "matt-nixos";
timezone = "America/Chicago";
# discover-wrapper is needed as of 1/24/24 since PackageKit does not work correctly so this removes error messages. # discover-wrapper is needed as of 1/24/24 since PackageKit does not work correctly so this removes error messages.
discover-wrapped = pkgs.symlinkJoin discover-wrapped = pkgs.symlinkJoin
{ {
@@ -25,157 +28,270 @@ in
# Enable nix flakes and nix-command tools # Enable nix flakes and nix-command tools
nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
# Enable non free # Configure bootloader with lanzaboot and secureboot
nixpkgs.config.allowUnfree = true; boot = {
loader = {
systemd-boot = {
enable = false;
configurationLimit = 2;
};
time.hardwareClockInLocalTime = true; efi = {
canTouchEfiVariables = true;
# Use the systemd-boot EFI boot loader. efiSysMountPoint = "/boot";
boot.loader.systemd-boot.enable = false; };
boot.loader.systemd-boot.configurationLimit = 2; };
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot"; lanzaboote = {
# boot.plymouth.enable = true; enable = true;
boot.bootspec.enable = true; pkiBundle = "/etc/secureboot";
boot.consoleLogLevel = 3; settings = {
boot.kernelParams = [ default = "@saved";
"quiet" "amdgpu.ppfeaturemask=0xffffffff" console-mode = "max";
]; };
configurationLimit = 2;
boot.lanzaboote = { };
enable = true;
pkiBundle = "/etc/secureboot"; # Override kernel to latest
settings = { kernelPackages = pkgs.linuxPackages_latest;
default = "@saved";
console-mode = "max"; kernelParams = [
"quiet" "amdgpu.ppfeaturemask=0xffffffff"
];
consoleLogLevel = 3;
bootspec.enable = true;
# Network option required using sysctl to let Ubisoft Connect work as of 7-12-2023
kernel.sysctl."net.ipv4.tcp_mtu_probing" = 1;
# Enable AppImage
binfmt.registrations.appimage = {
wrapInterpreterInShell = false;
interpreter = "${pkgs.appimage-run}/bin/appimage-run";
recognitionType = "magic";
offset = 0;
mask = ''\xff\xff\xff\xff\x00\x00\x00\x00\xff\xff\xff'';
magicOrExtension = ''\x7fELF....AI\x02'';
}; };
configurationLimit = 2;
}; };
services.fwupd.enable = true; # Hardware configs
hardware.enableAllFirmware = true; hardware = {
# Bluetooth
bluetooth.enable = true;
# Override kernel to latest # Xbox controllers
boot.kernelPackages = pkgs.linuxPackages_latest; xpadneo.enable = true;
networking.hostName = "matt-nixos"; # Define your hostname. # Steam udev rules for remote play
# Pick only one of the below networking options. steam-hardware.enable = true;
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Bluetooth # Enable all firmware
hardware.bluetooth.enable = true; enableAllFirmware = true;
hardware.xpadneo.enable = true;
# Steam udev rules for remote play # Disable pulse audio in favor of pipewire
hardware.steam-hardware.enable = true; pulseaudio.enable = false;
# Set your time zone. opengl.enable = true;
time.timeZone = "America/Chicago"; # Enables support for 32bit libs that steam uses
opengl.driSupport32Bit = true;
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Network option required using sysctl to let Ubisoft Connect work as of 7-12-2023
boot.kernel.sysctl."net.ipv4.tcp_mtu_probing" = 1;
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkb.options in tty.
# };
# Enable the X11 windowing system.
services.xserver.enable = true;
# Enable the Plasma 5 Desktop Environment.
services.xserver.displayManager.sddm.enable = true;
# services.xserver.desktopManager.plasma5.enable = true;
services.xserver.desktopManager.plasma6.enable = true;
# services.xserver.displayManager.defaultSession = "plasmawayland";
services.xserver.displayManager.defaultSession = "plasma";
# Configure keymap in X11
# services.xserver.xkb.layout = "us";
# services.xserver.xkb.options = "eurosign:e,caps:escape";
# Enable CUPS to print documents.
services.printing.enable = true;
# enable auto discovery of printers
services.avahi = {
enable = true;
nssmdns4 = true;
openFirewall = true;
};
# Enable sound.
# sound.enable = true;
# hardware.pulseaudio.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
}; };
# Enable Flatpak # Services configs
services.flatpak.enable = true; services = {
# Enable firmware updates
fwupd.enable = true;
# Enable the X11 windowing system.
xserver = {
enable = true;
# Enable the Plasma 6 Desktop Environment.
displayManager = {
sddm.enable = true;
defaultSession = "plasma";
};
desktopManager.plasma6.enable = true;
};
# Enable CUPS to print documents.
printing.enable = true;
# configure pipewire
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
# enable auto discovery of printers
avahi = {
enable = true;
nssmdns4 = true;
openFirewall = true;
};
# Enable Flatpak
flatpak.enable = true;
flatpak.packages = [
"com.discordapp.Discord"
"com.spotify.Client"
"com.visualstudio.code"
"it.mijorus.gearlever"
"org.libreoffice.LibreOffice"
"net.davidotek.pupgui2" # Proton-Up Qt
"io.github.prateekmedia.appimagepool"
];
};
# Networking configs
networking = {
hostName = hostname;
# Enable Network Manager
networkmanager.enable = true;
};
# Time config
time = {
# Set your time zone.
timeZone = timezone;
hardwareClockInLocalTime = true;
}
# xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-kde ]; # xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-kde ];
xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
services.flatpak.packages = [ # Security config
"com.discordapp.Discord" security = {
"com.spotify.Client" rtkit.enable = true;
"com.visualstudio.code"
"it.mijorus.gearlever"
"org.libreoffice.LibreOffice"
"net.davidotek.pupgui2" # Proton-Up Qt
"io.github.prateekmedia.appimagepool"
];
# Enable AppImage # configure sudo
boot.binfmt.registrations.appimage = { sudo = {
wrapInterpreterInShell = false; enable = true;
interpreter = "${pkgs.appimage-run}/bin/appimage-run"; extraRules = [{
recognitionType = "magic"; commands = [
offset = 0; {
mask = ''\xff\xff\xff\xff\x00\x00\x00\x00\xff\xff\xff''; command = "${pkgs.systemd}/bin/systemctl suspend";
magicOrExtension = ''\x7fELF....AI\x02''; options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/reboot";
options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/poweroff";
options = [ "NOPASSWD" ];
}
{
command = "/home/matt/nix-config/reset_wifi";
options = [ "NOPASSWD" ];
}
];
groups = [ "wheel" ];
}];
};
# Configure polkit
polkit = {
enable = true;
extraConfig = ''
polkit.addRule(function(action, subject) {
if ((action.id == "org.corectrl.helper.init" ||
action.id == "org.corectrl.helperkiller.init") &&
subject.local == true &&
subject.active == true &&
subject.isInGroup("wheel")) {
return polkit.Result.YES;
}
});
'';
};
}; };
# Force radv # Configure environment
environment.variables.AMD_VULKAN_ICD = "RADV"; environment = {
# List packages installed in system profile. To search, run:
# $ nix search wget
systemPackages = with pkgs; [
vim
wget
nano
os-prober
efibootmgr
git
sbctl
gparted
discover-wrapped
pciutils
papirus-icon-theme
vulkan-tools
aspell
aspellDicts.en
aspellDicts.en-computers
aspellDicts.en-science
aha
clinfo
neofetch
gamescope
mangohud
goverlay
heroic
];
hardware.opengl.extraPackages = [ # Force radv
pkgs.amdvlk variables.AMD_VULKAN_ICD = "RADV";
]; };
# To enable Vulkan support for 32-bit applications, also add: # Configure programs
hardware.opengl.extraPackages32 = [ programs = {
pkgs.driversi686Linux.amdvlk fish.enable = true;
]; java.enable = true;
hardware.opengl.enable = true; corectrl.enable = true;
# For etcher # Steam
nixpkgs.config.permittedInsecurePackages = [ steam = {
"electron-19.1.9" enable = true;
]; remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
};
};
# Enable touchpad support (enabled default in most desktopManager). # Configure nixpkgs
# services.xserver.libinput.enable = true; nixpkgs = {
config = {
# Enable non free
allowUnfree = true;
programs.fish.enable = true; permittedInsecurePackages = [
# allow insecure electron for etcher
"electron-19.1.9"
];
packageOverrides = pkgs: {
steam = pkgs.steam.override {
extraPkgs = pkgs: with pkgs; [
xorg.libXcursor
xorg.libXi
xorg.libXinerama
xorg.libXScrnSaver
libpng
libpulseaudio
libvorbis
stdenv.cc.cc.lib
libkrb5
keyutils
];
};
};
};
};
# Define a user account. Don't forget to set a password with passwd. # Define a user account. Don't forget to set a password with passwd.
users.users.matt = { users.users."${user}" = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" ]; # Enable sudo for the user. extraGroups = [ "wheel" "networkmanager" ]; # Enable sudo for the user.
shell = pkgs.fish; shell = pkgs.fish;
@@ -188,130 +304,6 @@ in
]; ];
}; };
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
wget
nano
os-prober
efibootmgr
git
sbctl
gparted
discover-wrapped
pciutils
papirus-icon-theme
vulkan-tools
aspell
aspellDicts.en
aspellDicts.en-computers
aspellDicts.en-science
aha
clinfo
# eglinfo
# glxinfo
# wayland-info
neofetch
gamescope
mangohud
goverlay
heroic
];
programs.java.enable = true;
programs.corectrl.enable = true;
# Steam
programs.steam = {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
};
hardware.opengl.driSupport32Bit = true; # Enables support for 32bit libs that steam uses
nixpkgs.config.packageOverrides = pkgs: {
steam = pkgs.steam.override {
extraPkgs = pkgs: with pkgs; [
xorg.libXcursor
xorg.libXi
xorg.libXinerama
xorg.libXScrnSaver
libpng
libpulseaudio
libvorbis
stdenv.cc.cc.lib
libkrb5
keyutils
];
};
};
security.sudo = {
enable = true;
extraRules = [{
commands = [
{
command = "${pkgs.systemd}/bin/systemctl suspend";
options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/reboot";
options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/poweroff";
options = [ "NOPASSWD" ];
}
{
command = "/home/matt/nix-config/reset_wifi";
options = [ "NOPASSWD" ];
}
];
groups = [ "wheel" ];
}];
};
security.polkit = {
enable = true;
extraConfig = ''
polkit.addRule(function(action, subject) {
if ((action.id == "org.corectrl.helper.init" ||
action.id == "org.corectrl.helperkiller.init") &&
subject.local == true &&
subject.active == true &&
subject.isInGroup("wheel")) {
return polkit.Result.YES;
}
});
'';
};
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This option defines the first version of NixOS you have installed on this particular machine, # This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
# #
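Review bot: The relocated `security.sudo.extraRules` block still gives the `wheel` group `NOPASSWD` on `/home/matt/nix-config/reset_wifi`, a script in the user's home directory, so (assuming that file is writable by the user) any process running as that user can change what sudo runs as root without a password. The rule should point at a root-owned store copy instead, for example by binding `resetWifi = pkgs.writeShellScript "reset_wifi" (builtins.readFile ./reset_wifi);` in the `let` block and using `command = "${resetWifi}";`; the relative path is a guess at where the script sits in this repository. The path also hard-codes `matt` although this commit introduces `user = "matt";` for exactly that purpose. Separately, the new `time = { … }` block appears to close with `}` rather than `};`, which would stop the file from parsing.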