mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Files
620144980ed2760d6bd11b28fa94cd1c14cc5f52
nix-config/hosts/default.nix
mjallen18 b670f3a652 actually fix flake
2025-03-19 20:35:18 -05:00

172 lines
4.4 KiB
Nix
Executable File
Raw Blame History

{ lib, pkgs, ... }:
let
timezone = "America/Chicago";
in
{
imports = [
../share
];
# Enable nix flakes and nix-command tools
nix = {
settings = {
substituters = [
"https://nix-community.cachix.org"
"https://cache.nixos.org/"
];
trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
warn-dirty = lib.mkForce false;
experimental-features = lib.mkForce [
"nix-command"
"flakes"
];
trusted-users = [ "@wheel" ];
};
# Garbage collect automatically every week
gc.automatic = lib.mkDefault true;
gc.options = lib.mkDefault "--delete-older-than 30d";
optimise.automatic = lib.mkDefault true;
};
# Configure nixpkgs
# Enable non free
nixpkgs.config.allowUnfree = lib.mkForce true;
# Hardware configs
hardware = {
# Bluetooth
bluetooth.enable = lib.mkDefault true;
# Enable all firmware
enableAllFirmware = lib.mkForce true;
};
# Services configs
services = {
openssh.enable = lib.mkDefault true;
# Enable firmware updates
fwupd.enable = lib.mkForce true;
fstrim.enable = lib.mkDefault true;
pcscd.enable = lib.mkDefault true;
# Enable CUPS to print documents.
printing.enable = lib.mkDefault true;
# configure pipewire
pipewire = {
enable = lib.mkDefault true;
alsa.enable = lib.mkDefault true;
alsa.support32Bit = lib.mkDefault true;
pulse.enable = lib.mkDefault true;
};
# Enable Avahi for .local hostname resolution
avahi = {
enable = lib.mkDefault true;
nssmdns4 = lib.mkDefault true; # For modern systems, use nssmdns4 instead of nssmdns
publish = {
enable = lib.mkDefault true;
addresses = lib.mkDefault true;
domain = lib.mkDefault true;
workstation = lib.mkDefault true;
};
};
};
# Time config
time = {
# Set your time zone.
timeZone = timezone;
};
boot = {
# Enable AppImage
binfmt.registrations.appimage = {
wrapInterpreterInShell = lib.mkDefault false;
interpreter = "${pkgs.appimage-run}/bin/appimage-run";
recognitionType = "magic";
offset = 0;
mask = "\\xff\\xff\\xff\\xff\\x00\\x00\\x00\\x00\\xff\\xff\\xff";
magicOrExtension = "\\x7fELF....AI\\x02";
};
};
programs = {
zsh.enable = lib.mkDefault true;
gnupg.agent = {
enable = lib.mkDefault true;
enableSSHSupport = lib.mkDefault true;
};
command-not-found.enable = lib.mkForce false;
};
environment.systemPackages = with pkgs; [
nixd
pinentry-curses
];
# users.mutableUsers = lib.mkDefault false;
# Security config
security = {
wrappers."mount.nfs" = {
setuid = true;
owner = "root";
group = "root";
source = "${pkgs.nfs-utils.out}/bin/mount.nfs";
};
rtkit.enable = lib.mkDefault true;
# configure sudo
sudo = {
enable = lib.mkDefault true;
extraRules = [
{
commands = [
{
command = "${pkgs.systemd}/bin/systemctl suspend";
options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/reboot";
options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/poweroff";
options = [ "NOPASSWD" ];
}
];
groups = [ "wheel" ];
}
];
};
};
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "23.11"; # Did you read the comment?
}
Reference in New Issue View Git Blame Copy Permalink