mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

organization

Browse Source
This commit is contained in:
mjallen18
2024-02-24 23:08:52 -06:00
parent dc6ebf3cbb
commit f0e5baea4b
22 changed files with 811 additions and 205 deletions
Download Patch File Download Diff File Expand all files Collapse all files

343
hosts/desktop/configuration.nix Normal file
View File

@@ -0,0 +1,343 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ config, lib, pkgs, ... }:
let
user = "matt";
password = "$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06";
hostname = "matt-nixos";
timezone = "America/Chicago";
# discover-wrapper is needed as of 1/24/24 since PackageKit does not work correctly so this removes error messages.
discover-wrapped = pkgs.symlinkJoin
{
name = "discover-flatpak-backend";
paths = [ pkgs.libsForQt5.discover ];
buildInputs = [ pkgs.makeWrapper ];
postBuild = ''
wrapProgram $out/bin/plasma-discover --add-flags "--backends flatpak"
'';
};
in
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
./cachix/cachix.nix
];
# Enable nix flakes and nix-command tools
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# Configure bootloader with lanzaboot and secureboot
boot = {
loader = {
systemd-boot = {
enable = false;
configurationLimit = 2;
};
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot";
};
};
lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
settings = {
default = "@saved";
console-mode = "max";
};
configurationLimit = 2;
};
# Override kernel to latest
kernelPackages = pkgs.linuxPackages_latest;
kernelParams = [
"quiet" "amdgpu.ppfeaturemask=0xffffffff"
];
consoleLogLevel = 3;
bootspec.enable = true;
# Network option required using sysctl to let Ubisoft Connect work as of 7-12-2023
kernel.sysctl."net.ipv4.tcp_mtu_probing" = 1;
# Enable AppImage
binfmt.registrations.appimage = {
wrapInterpreterInShell = false;
interpreter = "${pkgs.appimage-run}/bin/appimage-run";
recognitionType = "magic";
offset = 0;
mask = ''\xff\xff\xff\xff\x00\x00\x00\x00\xff\xff\xff'';
magicOrExtension = ''\x7fELF....AI\x02'';
};
};
# Hardware configs
hardware = {
# Bluetooth
bluetooth.enable = true;
# Xbox controllers
xpadneo.enable = true;
# Steam udev rules for remote play
steam-hardware.enable = true;
# Enable all firmware
enableAllFirmware = true;
# Disable pulse audio in favor of pipewire
pulseaudio.enable = false;
opengl.enable = true;
# Enables support for 32bit libs that steam uses
opengl.driSupport32Bit = true;
};
# Services configs
services = {
# Enable firmware updates
fwupd.enable = true;
# Enable the X11 windowing system.
xserver = {
enable = true;
# Enable the Plasma 6 Desktop Environment.
displayManager = {
sddm.enable = true;
defaultSession = "plasma";
};
desktopManager.plasma6.enable = true;
};
# Enable CUPS to print documents.
printing.enable = true;
# configure pipewire
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
# enable auto discovery of printers
avahi = {
enable = true;
nssmdns4 = true;
openFirewall = true;
};
# Enable Flatpak
flatpak.enable = true;
flatpak.packages = [
"com.discordapp.Discord"
"com.spotify.Client"
"com.visualstudio.code"
"it.mijorus.gearlever"
"org.libreoffice.LibreOffice"
"net.davidotek.pupgui2" # Proton-Up Qt
"io.github.prateekmedia.appimagepool"
];
};
systemd.services.fix-wifi = {
path = [ pkgs.bash ];
script = ''
sleep 5
if ping -q -c1 10.0.1.1 &>/dev/null; then
echo "No need to fix wifi"
else
echo 1 | tee /sys/bus/pci/devices/0000\:09\:00.0/reset
rmmod iwlwifi
modprobe iwlwifi
fi
'';
wantedBy = [ "multi-user.target" ];
};
# Networking configs
networking = {
hostName = hostname;
# Enable Network Manager
networkmanager.enable = true;
};
# Time config
time = {
# Set your time zone.
timeZone = timezone;
hardwareClockInLocalTime = true;
};
# xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-kde ];
xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
# Security config
security = {
rtkit.enable = true;
# configure sudo
sudo = {
enable = true;
extraRules = [{
commands = [
{
command = "${pkgs.systemd}/bin/systemctl suspend";
options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/reboot";
options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/poweroff";
options = [ "NOPASSWD" ];
}
{
command = "/home/matt/nix-config/reset_wifi";
options = [ "NOPASSWD" ];
}
];
groups = [ "wheel" ];
}];
};
# Configure polkit
polkit = {
enable = true;
extraConfig = ''
polkit.addRule(function(action, subject) {
if ((action.id == "org.corectrl.helper.init" ||
action.id == "org.corectrl.helperkiller.init") &&
subject.local == true &&
subject.active == true &&
subject.isInGroup("wheel")) {
return polkit.Result.YES;
}
});
'';
};
};
# Configure environment
environment = {
# List packages installed in system profile. To search, run:
# $ nix search wget
systemPackages = with pkgs; [
vim
wget
nano
os-prober
efibootmgr
git
sbctl
gparted
discover-wrapped
pciutils
papirus-icon-theme
vulkan-tools
aspell
aspellDicts.en
aspellDicts.en-computers
aspellDicts.en-science
aha
clinfo
neofetch
gamescope
mangohud
goverlay
heroic
];
# Force radv
variables.AMD_VULKAN_ICD = "RADV";
};
# Configure programs
programs = {
fish.enable = true;
java.enable = true;
corectrl.enable = true;
# Steam
steam = {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
};
};
# Configure nixpkgs
nixpkgs = {
config = {
# Enable non free
allowUnfree = true;
permittedInsecurePackages = [
# allow insecure electron for etcher
"electron-19.1.9"
];
packageOverrides = pkgs: {
steam = pkgs.steam.override {
extraPkgs = pkgs: with pkgs; [
xorg.libXcursor
xorg.libXi
xorg.libXinerama
xorg.libXScrnSaver
libpng
libpulseaudio
libvorbis
stdenv.cc.cc.lib
libkrb5
keyutils
];
};
};
};
};
# Define a user account. Don't forget to set a password with passwd.
users.users."${user}" = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" ]; # Enable sudo for the user.
shell = pkgs.fish;
packages = with pkgs; [
firefox
tree
lm_sensors
vmware-horizon-client
etcher
freerdp
];
};
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "23.11"; # Did you read the comment?
}