nixconfigs/common/default.nix

267 lines
6.3 KiB
Nix
Raw Normal View History

{
config,
pkgs,
lib,
...
}:
2018-09-25 23:09:53 +02:00
let
inputs = config.inputInjection.flake-inputs;
unstable = inputs.nixos-unstable;
2020-02-16 21:58:51 +01:00
in
{
imports = [
./packages.nix
./nitrokey.nix
./nix-settings.nix
./upgrade-diff.nix
./guest.nix
];
2018-09-25 23:09:53 +02:00
2019-11-22 20:01:11 +01:00
services.davfs2.enable = true;
2018-10-13 19:58:56 +02:00
# exfat support
#boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
2018-09-25 23:09:53 +02:00
# make the boot look good
boot.plymouth.enable = true;
2020-03-08 02:10:28 +01:00
# configure console
console = {
font = "Lat2-Terminus16";
keyMap = "de";
};
2018-09-25 23:09:53 +02:00
# Select internationalisation properties.
i18n = {
defaultLocale = "de_DE.UTF-8";
};
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
programs.bash.completion.enable = true;
programs.wireshark = {
enable = true;
package = pkgs.wireshark;
};
2020-06-09 22:26:02 +02:00
programs.adb.enable = true;
2024-01-11 01:13:42 +01:00
programs.mtr.enable = true;
2018-09-25 23:09:53 +02:00
# programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
# List services that you want to enable:
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
2020-02-16 21:58:51 +01:00
programs.ssh.startAgent = true;
2018-09-25 23:09:53 +02:00
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
networking.firewall.allowedTCPPortRanges = [
{
from = 1714;
to = 1764;
}
];
networking.firewall.allowedUDPPortRanges = [
{
from = 1714;
to = 1764;
}
]; # for KDE connect
# FIXME: kdeconnect module
2018-09-25 23:09:53 +02:00
# Or disable the firewall altogether.
# networking.firewall.enable = false;
2020-02-16 21:58:51 +01:00
networking.networkmanager = {
enable = true;
# FIXME: move into own file, use SOPS for secrets
ensureProfiles.profiles = {
"37C3" = {
connection = {
id = "37C3";
type = "wifi";
interface-name = "wlan0";
};
wifi = {
mode = "infrastructure";
ssid = "37C3";
};
wifi-security = {
auth-alg = "open";
key-mgmt = "wpa-eap";
};
"802-1x" = {
anonymous-identity = "37C3";
eap = "ttls;";
identity = "37C3";
password = "37C3";
phase2-auth = "pap";
altsubject-matches = "DNS:radius.c3noc.net";
ca-cert = "${builtins.fetchurl {
url = "https://letsencrypt.org/certs/isrgrootx1.pem";
sha256 = "sha256:1la36n2f31j9s03v847ig6ny9lr875q3g7smnq33dcsmf2i5gd92";
}}";
};
ipv4 = {
method = "auto";
};
ipv6 = {
addr-gen-mode = "default";
method = "auto";
};
};
};
};
2018-09-25 23:09:53 +02:00
services.avahi.enable = true;
2018-09-25 23:09:53 +02:00
# Enable CUPS to print documents.
services.printing = {
enable = true;
drivers = [ pkgs.hplip ];
};
2018-09-26 15:20:59 +02:00
# scanners
hardware.sane = {
enable = true;
extraBackends = [ pkgs.hplip ];
};
2018-09-25 23:09:53 +02:00
2018-09-26 15:24:25 +02:00
# Bluetooth
hardware.bluetooth = {
enable = true;
2021-06-03 13:28:46 +02:00
settings.General.Disable = "Headset"; # disable headset profile
};
2018-09-26 15:24:25 +02:00
# FIXME: at some point, hide GUI and sound (desktop vs. server) behind an option
2018-09-25 23:09:53 +02:00
# Enable the X11 windowing system.
2024-06-11 07:36:07 +02:00
services.xserver = {
enable = true;
xkb.layout = "de";
xkb.options = "eurosign:e";
};
2018-09-25 23:09:53 +02:00
# Enable touchpad support.
2024-06-11 07:36:07 +02:00
services.libinput.enable = true;
2018-09-25 23:09:53 +02:00
# while libinput also supports graphic tablets, enable more-specific wacom driver
services.xserver.wacom.enable = true;
2018-09-25 23:09:53 +02:00
# Enable the KDE Desktop Environment.
services.displayManager.sddm = {
enable = true;
wayland.enable = true;
};
services.desktopManager.plasma6.enable = true;
# TODO: move out into a plasma.nix module
programs.kde-pim = {
enable = true;
kmail = true;
kontact = true;
merkuro = true;
};
# enable wayland for Chromium and Electron
environment.sessionVariables.NIXOS_OZONE_WL = "1";
2018-09-25 23:09:53 +02:00
# dconf required for several Gnome applications
programs.dconf.enable = true;
programs.firefox.enable = true; # enables support for automatically setting additionsl nativeMessagingHosts
2020-01-24 20:09:14 +01:00
# Flatpak support
services.flatpak.enable = true;
xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-kde ];
2023-10-26 22:02:37 +02:00
# Define a user account. Don't forget to set a password with `passwd`.
users.users.spiollinux = {
2018-09-25 23:09:53 +02:00
isNormalUser = true;
uid = 1000;
extraGroups = [
"vboxusers"
"wheel"
"networkmanager"
"scanner"
"lp"
"wireshark"
"dialout"
"cdrom"
"input"
"adbusers"
];
2018-09-25 23:09:53 +02:00
shell = pkgs.zsh;
};
# enable virtualbox support
virtualisation.virtualbox.host = {
enable = true;
#enableExtensionPack = true;
};
# allow PUEL license
nixpkgs.config.whitelistedLicenses = [ pkgs.lib.licenses.virtualbox-puel ];
users.extraGroups.vboxusers.members = [ "spiollinux" ];
programs.zsh = {
enable = true;
autosuggestions.enable = true;
};
2018-09-25 23:09:53 +02:00
# profile sync daemon
services.psd.enable = true;
2018-10-13 22:11:30 +02:00
2020-02-16 21:58:51 +01:00
fonts = {
2021-06-03 13:28:46 +02:00
fontDir.enable = true;
2020-02-16 21:58:51 +01:00
fontconfig.enable = true;
fontconfig.includeUserConf = true;
2020-02-16 21:58:51 +01:00
};
2018-10-31 00:20:14 +01:00
# Enable all sysrq functions (useful to recover from some issues):
boot.kernel.sysctl."kernel.sysrq" = 1; # NixOS default: 16 (only the sync command)
nix.package = pkgs.lix;
nix.settings.trusted-users = [ "spiollinux" ];
# override tmpdir for daemon
#systemd.services.nix-daemon.environment.TMPDIR = "/var/tmp";
2018-09-25 23:09:53 +02:00
2023-01-03 18:49:13 +01:00
# remote builders
#nix.buildMachines = [
# {
# hostName = "build01.nix-community.org";
# sshUser = "ssh-ng://schmittlauch";
# sshKey = "/root/.ssh/remote_builder_key";
# system = "x86_64-linux";
# maxJobs = 64;
# supportedFeatures = [
# "big-parallel"
# "kvm"
# "nixos-test"
# ];
# }
#];
programs.ssh.knownHosts."build01.nix-community.org".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIElIQ54qAy7Dh63rBudYKdbzJHrrbrrMXLYl7Pkmk88H";
2019-10-02 22:26:15 +02:00
# package debugging
# programs.sysdig.enable = true;
2019-10-02 22:26:15 +02:00
# declarative containers
containers = {
2021-06-09 10:05:51 +02:00
# hash2PubSim = import ./Hash2PubTestbed.nix
# {
# inherit pkgs config;
# experimentUid = config.users.users.spiollinux.uid;
# projectDir = "/home/spiollinux/Seafile/Studium/Semester11/INF-PM-FP-ANW";
# };
};
# stop NetworkManager from managing virtual interfaces
networking.networkmanager.unmanaged = [ "interface-name:ve-*" ];
services.dbus.implementation = "broker";
2018-09-25 23:09:53 +02:00
}