# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page, on # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). { config, outputs, lib, pkgs, ... }: let user = "matt"; passwordFile = config.sops.secrets."desktop/matt_password".path; hostname = "matt-nixos"; fixWifiScript = pkgs.writeScriptBin "fix-wifi" '' #!/usr/bin/env python3 import subprocess import socket import logging from typing import List, Optional def check_internet_connection(hosts_to_check: Optional[List[str]] = None) -> bool: """ Check internet connectivity by attempting to connect to reliable hosts. :param hosts_to_check: Optional list of hosts to check. :return: Boolean indicating if internet connection is available """ if hosts_to_check is None: hosts_to_check = [ "8.8.8.8", # Google DNS "1.1.1.1", # Cloudflare DNS "9.9.9.9" # Quad9 DNS ] for host in hosts_to_check: try: # Create a socket connection with a 5-second timeout socket.create_connection((host, 53), timeout=5) return True except (socket.error, socket.timeout): continue return False def reset_wifi_card() -> bool: """ Execute WiFi card reset commands. :return: Boolean indicating if reset commands were successful """ reset_commands = [ "echo 1 | sudo -u root tee /sys/bus/pci/devices/0000:09:00.0/reset", "sudo rmmod iwlwifi", "sudo modprobe iwlwifi" ] try: for command in reset_commands: result = subprocess.run( command, shell=True, check=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True ) print(f"Executed: {command}") print(f"Output: {result.stdout}") return True except subprocess.CalledProcessError as e: print(f"Error resetting WiFi: {e}") print(f"Error output: {e.stderr}") return False def main(): """ Check internet connection and reset WiFi if not connected. """ if not check_internet_connection(): print("No internet connection detected. Attempting WiFi reset...") reset_wifi_card() else: print("Internet connection is stable. No reset needed.") if __name__ == "__main__": main() ''; in { imports = [ # Include the results of the hardware scan. ../../modules/apps/discover-wrapped ./hardware-configuration.nix ./boot.nix ./filesystems.nix ./sops.nix ../default.nix ../../share/amd # specialisations # ./cosmic # ./hyprland ]; apps.discover-wrapped.enable = lib.mkDefault false; chaotic.mesa-git.enable = true; # Enable nix flakes and nix-command tools nix = { settings = { substituters = [ "https://cache.mjallen.dev" "https://nix-community.cachix.org" "https://cache.nixos.org/" ]; trusted-public-keys = [ "cache.mjallen.dev-1:IzFmKCd8/gggI6lcCXsW65qQwiCLGFFN9t9s2iw7Lvc=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ]; warn-dirty = lib.mkForce false; experimental-features = lib.mkForce [ "nix-command" "flakes" ]; }; trusted-users = lib.mkDefault [ "root" user ]; }; services = { # Enable Desktop Environment. xserver = { desktopManager.gnome.enable = true; # Enable Desktop Environment. displayManager = { gdm.enable = lib.mkForce true; gdm.wayland = lib.mkForce true; }; }; # Enable Flatpak flatpak.enable = lib.mkDefault false; # enable auto discovery of printers avahi = { enable = lib.mkDefault true; nssmdns4 = lib.mkDefault true; openFirewall = lib.mkDefault true; }; restic.backups = { jallen-nas = { initialize = true; createWrapper = true; inhibitsSleep = true; environmentFile = config.sops.templates."restic.env".path; passwordFile = config.sops.secrets."desktop/restic/password".path; repository = "rest:http://admin:BogieDudie1@10.0.1.18:8008"; paths = [ "/home/matt" ]; exclude = [ "/home/matt/Games" "/home/matt/1TB" "/home/matt/Downloads" "/home/matt/Nextcloud" "/home/matt/.cache" "/home/matt/.local/share/Steam" "/home/matt/.var/app/com.valvesoftware.Steam" "/home/matt/.tmp" "/home/matt/.thumbnails" "/home/matt/.compose-cache" ]; }; proton-drive = { initialize = true; createWrapper = true; inhibitsSleep = true; passwordFile = config.sops.secrets."desktop/restic/password".path; rcloneConfigFile = "/home/matt/.config/rclone/rclone.conf"; repository = "rclone:proton-drive:backup-nix"; paths = [ "/home/matt" ]; exclude = [ "/home/matt/Games" "/home/matt/1TB" "/home/matt/Downloads" "/home/matt/Nextcloud" "/home/matt/.cache" "/home/matt/.local/share/Steam" "/home/matt/.var/app/com.valvesoftware.Steam" "/home/matt/.tmp" "/home/matt/.thumbnails" "/home/matt/.compose-cache" ]; }; }; btrfs = { autoScrub.enable = lib.mkDefault true; autoScrub.fileSystems = lib.mkDefault [ "/nix" "/root" "/etc" "/var/log" "/home" ]; }; ratbagd.enable = lib.mkDefault true; }; # xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-kde ]; share.hardware.amd = { enable = lib.mkDefault true; lact.enable = lib.mkDefault true; }; share.gaming.enable = true; systemd = { services = { fix-wifi = { enable = lib.mkDefault true; path = [ pkgs.bash pkgs.python3 pkgs.networkmanager pkgs.kmod fixWifiScript ]; wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; serviceConfig = { Type = "oneshot"; ExecStart = [ "${fixWifiScript}/bin/fix-wifi" ]; }; }; }; user.services = { rclone-home-proton = { enable = lib.mkDefault false; path = [ pkgs.bash pkgs.rclone ]; script = '' rclone sync /home/matt proton-drive:backup-nix --exclude '/home/matt/Games/**' --exclude '/home/matt/1TB/**' --exclude '/home/matt/Downloads/**' ''; }; rsync-home = { enable = lib.mkDefault false; path = [ pkgs.bash pkgs.rsync pkgs.openssh ]; script = '' rsync -rtpogvPlHzs --ignore-existing --exclude={'/home/matt/Games', '/home/matt/1TB', '/home/matt/Downloads/*', '/home/matt/.cache'} -e ssh /home/matt admin@10.0.1.18:/media/nas/main/backup/desktop-nix/home ''; }; }; }; # Networking configs networking = { hostName = hostname; # Enable Network Manager networkmanager.enable = lib.mkDefault true; networkmanager.wifi.powersave = lib.mkDefault false; networkmanager.settings.connectivity.uri = lib.mkDefault "http://nmcheck.gnome.org/check_network_status.txt"; }; # Time config time = { hardwareClockInLocalTime = lib.mkDefault false; }; virtualisation.libvirtd.enable = lib.mkDefault true; virtualisation.waydroid.enable = lib.mkDefault true; programs.gamemode.enable = lib.mkDefault true; programs.coolercontrol = { enable = true; }; # Configure environment environment = { # List packages installed in system profile. To search, run: # $ nix search wget systemPackages = with pkgs; [ aha aspell aspellDicts.en aspellDicts.en-computers aspellDicts.en-science borgbackup brscan5 clinfo direnv efibootmgr fixWifiScript gparted grsync kmod kdePackages.ksvg lact memtest86-efi memtest86plus nano onlyoffice-bin os-prober nil papirus-icon-theme pciutils stable.qemu_full rclone rclone-browser restic restic-browser restic-integrity rsync sane-frontends sbctl smartmontools usbutils udisks2 vim vulkan-tools wget winetricks # native wayland support (unstable) wineWowPackages.waylandFull ]; etc."lact/config.yaml".text = '' daemon: log_level: info admin_groups: - wheel - sudo disable_clocks_cleanup: false apply_settings_timer: 5 gpus: 1002:73BF-1002:0E3A-0000:03:00.0: fan_control_enabled: true fan_control_settings: mode: curve static_speed: 1.0 temperature_key: edge interval_ms: 500 curve: 30: 0.0 40: 0.2 50: 0.35 60: 0.5 70: 0.75 80: 1.0 spindown_delay_ms: 0 change_threshold: 0 pmfw_options: {} power_cap: 293.0 performance_level: auto voltage_offset: 0 power_states: {} ''; variables = { STEAM_FORCE_DESKTOPUI_SCALING = "1.0"; GDK_SCALE = "1"; }; }; # Configure nixpkgs nixpkgs = { overlays = [ outputs.overlays.nixpkgs-unstable outputs.overlays.nixpkgs-stable ]; config.permittedInsecurePackages = [ # ... ]; }; # Define a user account. Don't forget to set a password with ‘passwd’. users.users."${user}" = { isNormalUser = lib.mkDefault true; extraGroups = [ "wheel" "keys" "networkmanager" "ratbagd" "input" "scanner" "lp" ]; # Enable ‘sudo’ for the user. hashedPasswordFile = passwordFile; shell = pkgs.zsh; }; hardware = { keyboard = { qmk.enable = true; }; sane = { enable = true; brscan5.enable = true; dsseries.enable = false; extraBackends = [ pkgs.brscan5 ]; }; }; }