# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: { imports = [ # Include the results of the hardware scan. /etc/nixos/hardware-configuration.nix /etc/nixos/private.nix ./cachix.nix ]; nixpkgs.config.allowUnfree = true; nix = { package = pkgs.nixFlakes; extraOptions = '' experimental-features = nix-command flakes ca-references builders-use-substitutes = true ''; distributedBuilds = true; }; # Kernel version boot.kernelPackages = pkgs.linuxPackages_5_14; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi = { canTouchEfiVariables = true; efiSysMountPoint = "/boot/efi"; }; boot.loader.grub = { enable = true; version = 2; device = "nodev"; efiSupport = true; enableCryptodisk = true; }; boot.initrd.luks.devices = { root = { device = "/dev/disk/by-uuid/70c16b36-14b6-4939-9fc9-210774614e72"; preLVM = true; }; }; networking.hostName = "dustbowl"; # Define your hostname. networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. networking.wireless.interfaces = [ "wlp2s0" ]; # networking.wireless.userControlled.enable = true; # The global useDHCP flag is deprecated, therefore explicitly set to false here. # Per-interface useDHCP will be mandatory in the future, so this generated config # replicates the default behaviour. networking.useDHCP = false; networking.interfaces.wlp2s0.useDHCP = true; # services.dnscrypt-proxy2 = { # enable = true; # settings = { # require_nolog = true; # require_nofilter = true; # sources.public-resolvers = { # urls = [ "https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md" ]; # cache_file = "public-resolvers.md"; # minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3"; # refresh_delay = 72; # }; # }; # }; # udev rules services.udev.packages = with pkgs; [ yubikey-personalization ]; # services.logind.lidSwitch = "ignore"; # Configure console console = { font = "Lat2-Terminus16"; keyMap = "de"; }; # Select internationalisation properties. i18n = { defaultLocale = "en_US.UTF-8"; }; # Set location (e.g. for redshift) location = { latitude = 1.3766; longitude = 103.8160; }; environment.systemPackages = with pkgs; [ ntfs3g file usbutils pciutils calc wget unzip zip psmisc htop vim vis git pamix bubblewrap openconnect yubikey-personalization yubico-pam nmap bind.dnsutils # X server setup # dwm # st alacritty xsel mons maim # Wayland setup grim slurp wl-clipboard mako # GUI software emacs firefox thunderbird mpv zathura imv ]; environment.pathsToLink = [ "/libexec" ]; # Use doas instead of sudo security.sudo.enable = false; security.doas = { enable = true; extraRules = [ { groups = ["wheel"]; persist = true; keepEnv = true; } ]; }; # Enable gnupg programs.gnupg.agent.enable = true; programs.fish.enable = true; # Steam programs.steam.enable = true; # hardware.opengl.driSupport32Bit = true; # hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ libva ]; # hardware.pulseaudio.support32Bit = true; nixpkgs.config.packageOverrides = pkgs: rec { # Override emacs emacs = pkgs.emacs.override { withGTK3 = true; withGTK2 = false; }; # Override firefox firefox = pkgs.firefox.override { forceWayland = true; }; }; # Configuration for dwm # nixpkgs.config.dwm = { # conf = builtins.fetchurl { # url = "https://gitlab.com/joachimschmidt557/dotfiles/-/raw/master/dwm/config.h"; # sha256 = "6fe60337a89b6bdec55351df3fba03b4e9689d786b726073702d0fbf41324882"; # }; # }; # Configuration for st # nixpkgs.config.st = { # patches = let # scrollback = builtins.fetchurl { # url = "https://st.suckless.org/patches/scrollback/st-scrollback-20200419-72e3f6c.diff"; # sha256 = "042k00iy8fvr3xvq93fmnhmjqpl1kns24x50xsa82npgllbzwh8y"; # }; # scrollbackMouse = builtins.fetchurl { # url = "https://st.suckless.org/patches/scrollback/st-scrollback-mouse-20191024-a2c479c.diff"; # sha256 = "0z961sv4pxa1sxrbhalqzz2ldl7qb26qk9l11zx1hp8rh3cmi51i"; # }; # newTerm = builtins.fetchurl { # url = "http://st.suckless.org/patches/newterm/st-newterm-0.8.2.diff"; # sha256 = "10r7cbdym0zvifdsvaf34adzc1qc9nwywvg6g9bmhaafjrxjqr91"; # }; # in [ ]; # conf = let # path = builtins.fetchurl { # url = "https://gitlab.com/joachimschmidt557/dotfiles/-/raw/master/st/config_scrollback.h"; # sha256 = "0fm2j0i72p9s4wyv4szk7ai6jckv33m2z9g17a3xksvi8q77g7zp"; # }; # in builtins.readFile path; # }; # Open ports in the firewall. networking.firewall.allowedTCPPorts = [ 8080 ]; networking.firewall.allowedUDPPorts = [ 8080 ]; # Enable CUPS to print documents. services.printing.enable = true; services.printing.drivers = [ pkgs.hplipWithPlugin ]; hardware.sane.enable = true; hardware.sane.extraBackends = [ pkgs.hplipWithPlugin ]; # Redshift # services.redshift = { # enable = true; # package = pkgs.redshift-wlr; # temperature.day = 6500; # temperature.night = 2000; # }; systemd.user.services.wlsunset = { description = "wlsunset colour temperature adjuster"; wantedBy = [ "graphical-session.target" ]; partOf = [ "graphical-session.target" ]; serviceConfig = { ExecStart = '' ${pkgs.wlsunset}/bin/wlsunset \ -l 49.5 \ -L 8.4 \ -t 2000 \ ''; RestartSec = 3; Restart = "always"; }; }; # Hardware # Enable sound. sound.enable = true; # hardware.pulseaudio = { # enable = true; # package = pkgs.pulseaudioFull; # extraModules = [ pkgs.pulseaudio-modules-bt ]; # }; hardware.bluetooth.enable = true; # UPower services.upower.enable = true; # RealtimeKit security.rtkit.enable = true; # Video acceleration hardware.opengl.extraPackages = [ pkgs.vaapiIntel ]; # Enable the X11 windowing system. services.xserver = { enable = true; layout = "de"; xkbModel = "pc105"; xkbVariant = "neo_qwertz"; dpi = 150; # displayManager.startx.enable = true; desktopManager.xterm.enable = false; }; # PipeWire services.pipewire = { enable = true; alsa = { enable = true; support32Bit = true; }; pulse.enable = true; }; # Window manager services.xserver.windowManager.i3 = { enable = true; extraPackages = with pkgs; [ dmenu i3status i3lock ]; }; services.xserver.libinput = { enable = true; touchpad = { naturalScrolling = true; scrollMethod = "twofinger"; }; }; services.compton = { enable = true; backend = "glx"; vSync = true; }; systemd.user.services.picom.serviceConfig.Restart = pkgs.lib.mkForce "no"; # xss-lock programs.xss-lock = { enable = true; lockerCommand = "${pkgs.i3lock}/bin/i3lock"; }; # Sway programs.sway.enable = true; xdg.portal = { enable = true; extraPortals = [ pkgs.xdg-desktop-portal-wlr ]; }; # Fonts fonts.fonts = with pkgs; [ fira-code noto-fonts noto-fonts-emoji noto-fonts-extra ]; fonts.fontconfig = { enable = true; defaultFonts = { emoji = [ "Noto Color Emoji" ]; monospace = [ "Fira Code" ]; sansSerif = [ "Noto Sans" ]; }; }; virtualisation.virtualbox.host.enable = true; users.users.joachim = { isNormalUser = true; home = "/home/joachim"; shell = pkgs.fish; extraGroups = [ "wheel" "scanner" ]; }; # Yubikey PAM security.pam.yubico = { enable = true; mode = "challenge-response"; }; # This value determines the NixOS release with which your system is to be # compatible, in order to avoid breaking some software such as database # servers. You should change this only after NixOS release notes say you # should. system.stateVersion = "20.03"; # Did you read the comment? }