# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page, on # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). { config, pkgs, lib, namespace, ... }: { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ./filesystems.nix ./boot.nix ./apps.nix ./grafana.nix ./networking.nix ./ups.nix ./users.nix ./samba.nix ./services.nix ./sops.nix ]; services.kmscon.enable = true; powerManagement.cpuFreqGovernor = "powersave"; ${namespace} = { bootloader.lanzaboote.enable = true; desktop.cosmic.enable = false; hardware.nvidia = { enable = true; enableBeta = true; enableOpen = true; nvidiaSettings = true; enableNvidiaDocker = true; }; network = { hostName = "jallen-nas"; ipv4 = { address = "10.0.1.3/24"; method = "manual"; }; }; user = { name = "admin"; }; }; security.tpm2 = { enable = true; }; # Configure environment environment = { etc.machine-id.text = '' 57cdf5fc27f3469f80d0a339f1238aeb ''; systemPackages = with pkgs; [ attic-client bcachefs-tools binutils cryptsetup clevis cmake deconz duperemove efibootmgr ffmpeg gcc glances ipset jq llama-cpp ninja # inputs.nas-nixai.packages.x86_64-linux.nixai networkmanagerapplet nmon nut packagekit pass protonmail-bridge protonvpn-cli python3 python3Packages.llama-cpp-python qrencode rcon sbctl speedtest-cli tigervnc tpm2-tools tpm2-tss ]; }; # Configure programs programs = { virt-manager.enable = true; nix-ld.enable = true; screen.enable = true; coolercontrol = { enable = true; nvidiaSupport = true; }; msmtp = { enable = false; accounts = { default = { auth = true; tls_starttls = false; host = "smtp.gmail.com"; user = "matt.l.jallen"; from = "matt.l.jallen@gmail.com"; passwordeval = "cat ${config.sops.secrets."jallen-nas/gitea/mail-key".path}"; }; }; defaults = { port = 465; tls = true; }; }; }; hardware.fancontrol = { enable = false; config = '' # Configuration file generated by pwmconfig, changes will be lost # hwmon6/temp9_input -- chipset temp? # hwmon2/temp1_input -- cpu temp? # hwmon6/pwm5 -- chipset fan? # hwmon6/pwm2, hwmon6/pwm3 -- cpu fans? # hwmon6/pwm4 -- case fans? INTERVAL=10 DEVPATH=hwmon2=devices/pci0000:00/0000:00:18.3 hwmon6=devices/platform/nct6775.656 DEVNAME=hwmon2=k10temp hwmon6=nct6798 FCTEMPS=hwmon6/pwm5=hwmon6/temp9_input hwmon6/pwm2=hwmon2/temp1_input hwmon6/pwm3=hwmon2/temp1_input hwmon6/pwm4=hwmon2/temp1_input FCFANS=hwmon6/pwm5=hwmon6/fan5_input hwmon6/pwm2=hwmon6/fan2_input hwmon6/pwm3=hwmon6/fan3_input hwmon6/pwm4=hwmon6/fan4_input MINTEMP=hwmon6/pwm5=20 hwmon6/pwm2=20 hwmon6/pwm3=20 hwmon6/pwm4=20 MAXTEMP=hwmon6/pwm5=60 hwmon6/pwm2=90 hwmon6/pwm3=90 hwmon6/pwm4=90 MINSTART=hwmon6/pwm5=16 hwmon6/pwm2=90 hwmon6/pwm3=45 hwmon6/pwm4=60 MINSTOP=hwmon6/pwm5=14 hwmon6/pwm2=0 hwmon6/pwm3=30 hwmon6/pwm4=45 MINPWM=hwmon6/pwm5=14 hwmon6/pwm2=0 hwmon6/pwm3=0 hwmon6/pwm4=0 MAXPWM=hwmon6/pwm5=255 hwmon6/pwm2=255 hwmon6/pwm3=255 hwmon6/pwm4=255 ''; }; # Virtualisation virtualisation = { podman = { enable = true; dockerCompat = true; autoPrune.enable = true; defaultNetwork.settings = { dns_enabled = true; }; }; libvirtd.enable = true; }; # Enable nix flakes and nix-command tools nix = { settings = { substituters = [ "https://nix-community.cachix.org" "https://cache.nixos.org/" ]; trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ]; warn-dirty = lib.mkForce false; experimental-features = lib.mkForce [ "nix-command" "flakes" ]; trusted-users = [ "@wheel" ]; }; # Garbage collect automatically every week gc.automatic = lib.mkDefault true; gc.options = lib.mkDefault "--delete-older-than 30d"; optimise.automatic = lib.mkDefault true; }; }