schmittlauch/nixconfigs
2
0
Fork 0
Code Issues 1 Pull requests Releases Wiki Activity
nixconfigs/nixos/configuration.nix

228 lines
6 KiB
Nix
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, ... }:
let
fsOptions = [ "noatime" "ssd" "space_cache" "compress=zstd" ];
unstable = import <nixos-unstable> {};
in
{
imports =
[
# Include the results of the hardware scan.
./hardware-configuration.nix
./packages.nix
# home manager integration
<home-manager/nixos>
];
# encrypted partitions
boot.initrd.luks =
{
devices =
{
"system".device = "/dev/disk/by-uuid/85154131-b2a8-4ef5-9d74-47429cb267ef";
"cryptswap".device = "/dev/disk/by-uuid/ac586df6-6332-4809-beb1-f51906a2adaa";
};
reusePassphrases = true;
};
fileSystems."/".options = fsOptions ++ [ "subvol=nixos_root" "noatime" ];
fileSystems."/home".options = fsOptions ++ [ "subvol=home" "relatime" ];
boot.tmpOnTmpfs = true;
fileSystems."/tmp".fsType = "tmpfs";
services.davfs2.enable = true;
# try newer kernels
#boot.kernelPackages = pkgs.linuxPackages_latest;
services.fstrim.enable = true;
services.btrfs.autoScrub =
{
enable = true;
fileSystems = [ "/" "/home" ];
};
# exfat support
#boot.extraModulePackages = [ config.boot.kernelPackages.exfat-nofuse ];
zramSwap =
{
enable = true;
memoryPercent = 20;
};
boot.kernel.sysctl."vm.swappiness" = 9;
# powermanagement
services.tlp =
{
enable = true;
extraConfig = ''
SATA_LINKPWR_ON_BAT=medium_power
SATA_LINKPWR_ON_AC=max_performance
'';
};
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.kernelParams = [ "iwlwifi.fw_monitor=1" ]; # enable iwlwifi debugging
networking.hostName = "thinknix";
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# configure console
console = {
font = "Lat2-Terminus16";
keyMap = "de";
};
# Select internationalisation properties.
i18n = {
defaultLocale = "de_DE.UTF-8";
};
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
programs.bash.enableCompletion = true;
# programs.mtr.enable = true;
# programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
# List services that you want to enable:
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
programs.ssh.startAgent = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
networking.firewall.allowedTCPPortRanges = [ { from = 1714; to = 1764; } ];
networking.firewall.allowedUDPPortRanges = [ { from = 1714; to = 1764; } ]; # for KDE connect
# Or disable the firewall altogether.
# networking.firewall.enable = false;
networking.networkmanager.enable = true;
services.avahi.enable = true;
# Enable CUPS to print documents.
services.printing =
{
enable = true;
drivers = [ pkgs.hplip ];
};
# scanners
hardware.sane =
{
enable = true;
extraBackends = [ pkgs.hplip ];
};
# nixpkgs.config.allowUnfreePredicate = (
# pkg:
# pkg.name == pkgs.hplipWithPlugin.name
# );
# Enable sound.
sound.enable = true;
hardware.pulseaudio.enable = true;
# decouple pulseaudio application and sink volumes
hardware.pulseaudio.daemon.config = { flat-volumes = "no"; };
# Bluetooth
hardware.bluetooth = {
enable = true;
config.General.Disable = "Headset"; # disable headset profile
};
hardware.pulseaudio.package = pkgs.pulseaudioFull;
# Enable the X11 windowing system.
services.xserver.enable = true;
services.xserver.layout = "de";
services.xserver.xkbOptions = "eurosign:e";
services.xserver.videoDrivers = [ "modesetting" "intel" ];
# Enable touchpad support.
services.xserver.libinput.enable = true;
# Enable the KDE Desktop Environment.
services.xserver.displayManager.sddm.enable = true;
services.xserver.desktopManager.plasma5.enable = true;
# Flatpak support
services.flatpak.enable = true;
xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-kde ];
# Define a user account. Don't forget to set a password with passwd.
users.extraUsers.spiollinux = {
isNormalUser = true;
uid = 1000;
extraGroups = [ "vboxusers" "wheel" "networkmanager" "scanner" "lp" "wireshark" "dialout" "cdrom" "input" ];
shell = pkgs.zsh;
};
#home-manager.users.spiollinux = import "${users.users.spiollinux.home}/nixconfigs/home/home.nix" { pkgs, ...};
# enable virtualbox support
virtualisation.virtualbox.host.enable = true;
users.extraGroups.vboxusers.members = [ "spiollinux" ];
# wireshark noroot gropu
users.groups.wireshark.gid = 500;
security.wrappers.dumpcap = {
source = "${pkgs.wireshark}/bin/dumpcap";
permissions = "u+xs,g+x";
owner = "root";
group = "wireshark";
};
programs.zsh =
{
enable = true;
autosuggestions.enable = true;
};
services.psd.enable = true;
services.smartd =
{
enable = true;
devices = [ { device = "/dev/sda"; } { device = "/dev/sdb"; } ];
};
fonts = {
enableFontDir = true;
fontconfig.enable = true;
};
# fix nix-env memory issues
boot.kernel.sysctl."vm.overcommit_memory" = "1";
# keep build-time deps around for offline-rebuilding
nix.extraOptions = ''
gc-keep-outputs = true
gc-keep-derivations = true
trusted-users = spiollinux
'';
# use all cores for building
nix.buildCores = 0;
# package debugging
# programs.sysdig.enable = true;
# This value determines the NixOS release with which your system is to be
# compatible, in order to avoid breaking some software such as database
# servers. You should change this only after NixOS release notes say you
# should.
system.stateVersion = "18.09"; # Did you read the comment?
}
Reference in a new issue View git blame Copy permalink