mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Files
e91bd250a4b83818753c075e1fbb2f19e293bdfc
nix-config/hosts/desktop/configuration.nix
mjallen18 e91bd250a4 update lanzaboote
2024-07-04 09:57:38 -05:00

307 lines
7.1 KiB
Nix
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{
config,
outputs,
lib,
pkgs,
...
}:
let
user = "matt";
password = "$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06";
hostname = "matt-nixos";
gnome = false;
plasma = true;
resetNetworkScript = pkgs.writeScriptBin "reset-network" ''
#!/usr/bin/env bash
echo "checking network..."
if nmcli -t -f STATE general | grep -q "connected"; then
exit 0
else
echo "resetting network..."
echo 1 | tee /sys/bus/pci/devices/0000\:09\:00.0/reset
rmmod iwlwifi
modprobe iwlwifi
fi
'';
in
{
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
# ../../cachix/cachix.nix
../default.nix
];
share.hardware.amd = {
enable = true;
lact.enable = true;
};
share.gaming.enable = true;
apps.discover-wrapped.enable = plasma;
# Configure bootloader with lanzaboot and secureboot
boot = {
loader = {
systemd-boot = {
enable = false;
configurationLimit = 2;
};
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot";
};
};
lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
settings = {
default = "@saved";
console-mode = "max";
};
configurationLimit = 5;
};
# Override kernel to latest
kernelPackages = pkgs.linuxPackages_latest;
kernelParams = [ "quiet" ];
consoleLogLevel = 3;
bootspec.enable = true;
};
# Services configs
services = {
# Enable the X11 windowing system.
xserver = {
enable = true;
# Enable Desktop Environment.
displayManager = {
gdm.enable = gnome;
};
desktopManager.gnome.enable = gnome;
};
# Enable Desktop Environment.
displayManager = {
sddm.enable = plasma;
sddm.wayland.enable = plasma;
defaultSession = if plasma then "plasma" else "gnome";
};
desktopManager.plasma6.enable = plasma;
# enable auto discovery of printers
avahi = {
enable = true;
nssmdns4 = true;
openFirewall = true;
};
# Enable Flatpak
flatpak.enable = true;
flatpak.packages = [
"com.discordapp.Discord"
"com.spotify.Client"
"com.visualstudio.code"
"it.mijorus.gearlever"
"org.libreoffice.LibreOffice"
"net.davidotek.pupgui2" # Proton-Up Qt
"io.github.prateekmedia.appimagepool"
"org.freedesktop.Piper"
"com.usebottles.bottles"
];
};
systemd.services = {
fix-wifi = {
path = [ pkgs.bash pkgs.networkmanager pkgs.kmod ];
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
Type="oneshot";
ExecStart = [ "${resetNetworkScript}/bin/reset-network" ];
};
};
rsync-home = {
path = [ pkgs.bash pkgs.rsync ];
script = ''
rsync -rtpogv --progress --ignore-existing --exclude={'/home/matt/Games/*', '/home/matt/1TB/*'} -lHzs /home/matt /media/nas/backup/desktop-nix/home
'';
};
};
# Networking configs
networking = {
hostName = hostname;
# Enable Network Manager
networkmanager.enable = true;
networkmanager.settings.connectivity.uri = "http://nmcheck.gnome.org/check_network_status.txt";
};
# Time config
time = {
hardwareClockInLocalTime = true;
};
# xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-kde ];
# xdg.portal.extraPortals = mkIf plasma [ pkgs.xdg-desktop-portal-gtk ];
# Configure environment
environment = {
# List packages installed in system profile. To search, run:
# $ nix search wget
systemPackages = with pkgs; [
aha
aspell
aspellDicts.en
aspellDicts.en-computers
aspellDicts.en-science
borgbackup
clinfo
efibootmgr
gparted
grsync
kmod
lact
nano
os-prober
papirus-icon-theme
pciutils
rsync
sbctl
vim
vulkan-tools
wget
# winetricks (all versions)
winetricks
# native wayland support (unstable)
wineWowPackages.waylandFull
];
sessionVariables = {
STEAM_FORCE_DESKTOPUI_SCALING = "1";
};
};
# Configure nixpkgs
nixpkgs.config.permittedInsecurePackages = [
# ...
];
# Define a user account. Don't forget to set a password with passwd.
users.users."${user}" = {
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"ratbagd"
]; # Enable sudo for the user.
shell = pkgs.zsh;
};
services = {
# borgbackup.jobs.home-matt = {
# paths = "/home/matt";
# encryption.mode = "none";
# # environment.BORG_RSH = "ssh -i /home/matt/.ssh/id_ed25519";
# repo = "/media/nas/backup/desktop-nix/home";
# compression = "auto,zstd";
# exclude = [
# "/home/matt/Games"
# "/home/matt/1TB"
# ];
# };
btrfs = {
autoScrub.enable = true;
autoScrub.fileSystems = [
"/nix"
"/root"
"/etc"
"/var/log"
"/home"
];
};
ratbagd.enable = true;
};
fileSystems."/media/nas/backup" = {
device = "//10.0.1.18/Backup";
fsType = "cifs";
options = [
"sec=none"
"x-systemd.automount"
"auto"
"rw"
"file_mode=0775"
"dir_mode=0775"
"uid=matt"
"gid=wheel"
];
};
fileSystems."/media/nas/isos" = {
device = "//10.0.1.18/isos";
fsType = "cifs";
options = [
"sec=none"
"x-systemd.automount"
"auto"
"rw"
"file_mode=0775"
"dir_mode=0775"
"uid=matt"
"gid=wheel"
];
};
fileSystems."/media/nas/3d_printer" = {
device = "//10.0.1.18/3d_printer";
fsType = "cifs";
options = [
"sec=none"
"x-systemd.automount"
"auto"
"rw"
"file_mode=0775"
"dir_mode=0775"
"uid=matt"
"gid=wheel"
];
};
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "23.11"; # Did you read the comment?
}
Reference in New Issue View Git Blame Copy Permalink