{ lib, pkgs, ... }: let timezone = "America/Chicago"; in { imports = [ ../share ]; # Enable nix flakes and nix-command tools nix = { settings = { substituters = [ "https://nix-community.cachix.org" "https://cache.nixos.org/" ]; trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ]; warn-dirty = lib.mkForce false; experimental-features = lib.mkForce [ "nix-command" "flakes" ]; trusted-users = [ "@wheel" ]; }; # Garbage collect automatically every week gc.automatic = lib.mkDefault true; gc.options = lib.mkDefault "--delete-older-than 30d"; optimise.automatic = lib.mkDefault true; }; # Configure nixpkgs # Enable non free nixpkgs.config.allowUnfree = lib.mkForce true; # Hardware configs hardware = { # Bluetooth bluetooth.enable = lib.mkDefault true; # Enable all firmware enableAllFirmware = lib.mkForce true; }; # Services configs services = { openssh.enable = lib.mkDefault true; # Enable firmware updates fwupd.enable = lib.mkForce true; fstrim.enable = lib.mkDefault true; pcscd.enable = lib.mkDefault true; # Enable CUPS to print documents. printing.enable = lib.mkDefault true; # configure pipewire pipewire = { enable = lib.mkDefault true; alsa.enable = lib.mkDefault true; alsa.support32Bit = lib.mkDefault true; pulse.enable = lib.mkDefault true; }; # Enable Avahi for .local hostname resolution avahi = { enable = lib.mkDefault true; nssmdns4 = lib.mkDefault true; # For modern systems, use nssmdns4 instead of nssmdns publish = { enable = lib.mkDefault true; addresses = lib.mkDefault true; domain = lib.mkDefault true; workstation = lib.mkDefault true; }; }; }; # Time config time = { # Set your time zone. timeZone = timezone; }; boot = { # Enable AppImage binfmt.registrations.appimage = { wrapInterpreterInShell = lib.mkDefault false; interpreter = "${pkgs.appimage-run}/bin/appimage-run"; recognitionType = "magic"; offset = 0; mask = "\\xff\\xff\\xff\\xff\\x00\\x00\\x00\\x00\\xff\\xff\\xff"; magicOrExtension = "\\x7fELF....AI\\x02"; }; }; programs = { zsh.enable = lib.mkDefault true; gnupg.agent = { enable = lib.mkDefault true; enableSSHSupport = lib.mkDefault true; }; command-not-found.enable = lib.mkForce false; }; environment.systemPackages = with pkgs; [ nixd pinentry-curses ]; # users.mutableUsers = lib.mkDefault false; # Security config security = { wrappers."mount.nfs" = { setuid = true; owner = "root"; group = "root"; source = "${pkgs.nfs-utils.out}/bin/mount.nfs"; }; rtkit.enable = lib.mkDefault true; # configure sudo sudo = { enable = lib.mkDefault true; extraRules = [ { commands = [ { command = "${pkgs.systemd}/bin/systemctl suspend"; options = [ "NOPASSWD" ]; } { command = "${pkgs.systemd}/bin/reboot"; options = [ "NOPASSWD" ]; } { command = "${pkgs.systemd}/bin/poweroff"; options = [ "NOPASSWD" ]; } ]; groups = [ "wheel" ]; } ]; }; }; # This option defines the first version of NixOS you have installed on this particular machine, # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. # # Most users should NEVER change this value after the initial install, for any reason, # even if you've upgraded your system to a new NixOS release. # # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, # so changing it will NOT upgrade your system. # # This value being lower than the current NixOS release does NOT mean your system is # out of date, out of support, or vulnerable. # # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, # and migrated your data accordingly. # # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . system.stateVersion = "23.11"; # Did you read the comment? }