# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page, on # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). { config, # outputs, lib, pkgs, ... }: let user = "matt"; passwordFile = config.sops.secrets."desktop/matt_password".path; hostname = "matt-nixos"; resetNetworkScript = pkgs.writeScriptBin "reset-network" '' #!/usr/bin/env bash echo "checking network..." if nmcli -t -f STATE general | grep -q "connected"; then exit 0 else echo "resetting network..." echo 1 | tee /sys/bus/pci/devices/0000\:09\:00.0/reset rmmod iwlwifi modprobe iwlwifi fi ''; in { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ./boot.nix ./filesystems.nix ./sops.nix ../default.nix # specialisations ./cosmic ./hyprland ./gnome ]; apps.discover-wrapped.enable = lib.mkDefault false; nix.settings.trusted-users = lib.mkDefault [ "root" user ]; services = { # Enable Desktop Environment. displayManager = { sddm.enable = lib.mkDefault true; sddm.wayland.enable = lib.mkDefault true; sddm.theme = lib.mkDefault "breeze"; defaultSession = lib.mkDefault "plasma"; }; desktopManager.plasma6.enable = lib.mkDefault true; # Enable Flatpak flatpak.enable = lib.mkDefault true; }; # xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-kde ]; share.hardware.amd = { enable = lib.mkDefault true; lact.enable = lib.mkDefault true; }; share.gaming.enable = true; # Services configs services = { # Enable the X11 windowing system. xserver = { enable = lib.mkDefault true; }; # enable auto discovery of printers avahi = { enable = lib.mkDefault true; nssmdns4 = lib.mkDefault true; openFirewall = lib.mkDefault true; }; borgbackup.jobs.home-matt = { encryption.mode = "repokey"; encryption.passCommand = "cat /root/borg"; environment.BORG_RSH = "ssh -i /home/matt/.ssh/id_ed25519"; repo = "/media/nas/backup/desktop-nix/borg/home"; compression = "auto,zstd"; inhibitsSleep = true; paths = "/home/matt"; exclude = [ "/home/matt/Games" "/home/matt/1TB" ]; }; btrfs = { autoScrub.enable = lib.mkDefault true; autoScrub.fileSystems = lib.mkDefault [ "/nix" "/root" "/etc" "/var/log" "/home" ]; }; ratbagd.enable = lib.mkDefault true; }; systemd = { services = { fix-wifi = { enable = lib.mkDefault true; path = [ pkgs.bash pkgs.networkmanager pkgs.kmod ]; wantedBy = [ "multi-user.target" ]; after = [ "network.target" ]; serviceConfig = { Type = "oneshot"; ExecStart = [ "${resetNetworkScript}/bin/reset-network" ]; }; }; }; user.services = { rclone-home-proton = { enable = lib.mkDefault true; path = [ pkgs.bash pkgs.rclone ]; script = '' rclone sync /home/matt proton-drive:backup-nix --exclude '/home/matt/Games/**' --exclude '/home/matt/1TB/**' --exclude '/home/matt/Downloads/**' ''; }; rsync-home = { enable = lib.mkDefault true; path = [ pkgs.bash pkgs.rsync pkgs.openssh ]; script = '' rsync -rtpogvPlHzs --ignore-existing --exclude={'/home/matt/Games', '/home/matt/1TB', '/home/matt/Downloads/*', '/home/matt/.cache'} -e ssh /home/matt admin@10.0.1.18:/media/nas/main/backup/desktop-nix/home ''; }; }; }; # Networking configs networking = { hostName = hostname; # Enable Network Manager networkmanager.enable = lib.mkDefault true; networkmanager.wifi.powersave = lib.mkDefault false; networkmanager.settings.connectivity.uri = lib.mkDefault "http://nmcheck.gnome.org/check_network_status.txt"; }; # Time config time = { hardwareClockInLocalTime = lib.mkDefault false; }; virtualisation.libvirtd.enable = lib.mkDefault true; programs.gamemode.enable = lib.mkDefault true; # Configure environment environment = { # List packages installed in system profile. To search, run: # $ nix search wget systemPackages = with pkgs; [ aha aspell aspellDicts.en aspellDicts.en-computers aspellDicts.en-science borgbackup clinfo direnv efibootmgr gparted grsync kmod kdePackages.ksvg lact nano onlyoffice-bin os-prober nil papirus-icon-theme pciutils # python3 # python3Packages.requests rclone rclone-browser rsync sbctl vim vulkan-tools wget # winetricks (all versions) winetricks # native wayland support (unstable) wineWowPackages.waylandFull ]; sessionVariables = lib.mkDefault { STEAM_FORCE_DESKTOPUI_SCALING = "1"; }; etc."lact/config.yaml".text = '' daemon: log_level: info admin_groups: - wheel - sudo disable_clocks_cleanup: false apply_settings_timer: 5 gpus: 1002:73BF-1002:0E3A-0000:03:00.0: fan_control_enabled: true fan_control_settings: mode: curve static_speed: 1.0 temperature_key: edge interval_ms: 500 curve: 30: 0.0 40: 0.2 50: 0.35 60: 0.5 70: 0.75 80: 1.0 spindown_delay_ms: 0 change_threshold: 0 pmfw_options: {} power_cap: 293.0 performance_level: auto voltage_offset: 0 power_states: {} ''; }; # Configure nixpkgs nixpkgs.config.permittedInsecurePackages = [ # ... ]; # Define a user account. Don't forget to set a password with ‘passwd’. users.users."${user}" = { isNormalUser = lib.mkDefault true; extraGroups = [ "wheel" "keys" "networkmanager" "ratbagd" "input" ]; # Enable ‘sudo’ for the user. hashedPasswordFile = passwordFile; shell = pkgs.zsh; }; # This option defines the first version of NixOS you have installed on this particular machine, # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. # # Most users should NEVER change this value after the initial install, for any reason, # even if you've upgraded your system to a new NixOS release. # # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, # so changing it will NOT upgrade your system. # # This value being lower than the current NixOS release does NOT mean your system is # out of date, out of support, or vulnerable. # # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, # and migrated your data accordingly. # # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . system.stateVersion = "23.11"; # Did you read the comment? }