Thiago Sposito
2a8494b24b
* add `.sops.yaml`, secrets, pgp keys * add nitrokey + smartcard pkgs, udev rules * update flake inputs * comment out ollama-cuda
162 lines
3.1 KiB
Nix
162 lines
3.1 KiB
Nix
{ pkgs, ... }:
|
|
{
|
|
|
|
imports = [
|
|
../common/default.nix
|
|
../common/network.nix
|
|
./apple.nix
|
|
./hardware-configuration.nix
|
|
];
|
|
boot = {
|
|
loader.systemd-boot.enable = true;
|
|
loader.efi.canTouchEfiVariables = true;
|
|
kernelPackages = pkgs.linuxPackages_latest;
|
|
};
|
|
|
|
environment.sessionVariables = { NIXOS_OZONE_WL = "1"; };
|
|
environment.systemPackages = with pkgs; [
|
|
exfat
|
|
gcsfuse
|
|
git
|
|
home-manager
|
|
hwinfo
|
|
libinput
|
|
neovim
|
|
nil
|
|
nixpkgs-fmt
|
|
wget
|
|
];
|
|
|
|
networking.hostName = "Nixbook";
|
|
programs.hyprland.enable = false;
|
|
programs.hyprland.withUWSM = false;
|
|
|
|
hardware = {
|
|
sane.enable = true;
|
|
graphics.enable = true;
|
|
};
|
|
|
|
i18n.defaultLocale = "en_US.UTF-8";
|
|
i18n.extraLocaleSettings = {
|
|
LC_ADDRESS = "pt_BR.UTF-8";
|
|
LC_IDENTIFICATION = "pt_BR.UTF-8";
|
|
LC_MEASUREMENT = "pt_BR.UTF-8";
|
|
LC_MONETARY = "pt_BR.UTF-8";
|
|
LC_NAME = "pt_BR.UTF-8";
|
|
LC_NUMERIC = "pt_BR.UTF-8";
|
|
LC_PAPER = "pt_BR.UTF-8";
|
|
LC_TELEPHONE = "pt_BR.UTF-8";
|
|
LC_TIME = "pt_BR.UTF-8";
|
|
};
|
|
|
|
nix = {
|
|
settings = {
|
|
auto-optimise-store = true;
|
|
};
|
|
};
|
|
|
|
programs = {
|
|
dconf.enable = true;
|
|
virt-manager.enable = true;
|
|
};
|
|
|
|
security = {
|
|
pam.services.gdm.enableGnomeKeyring = true;
|
|
polkit.enable = true;
|
|
polkit.extraConfig = ''
|
|
polkit.addRule(function(action, subject) {
|
|
if (action.id == "org.bluez.GattProfile1.Release") {
|
|
return polkit.Result.YES;
|
|
}
|
|
});
|
|
'';
|
|
rtkit.enable = true;
|
|
};
|
|
services = {
|
|
xserver = {
|
|
enable = true;
|
|
xkb = {
|
|
layout = "us";
|
|
variant = "alt-intl";
|
|
};
|
|
};
|
|
|
|
desktopManager.gnome.enable = true;
|
|
|
|
displayManager = {
|
|
gdm.enable = true;
|
|
gdm.wayland = true;
|
|
defaultSession = "gnome";
|
|
};
|
|
|
|
avahi = {
|
|
enable = true;
|
|
nssmdns4 = true;
|
|
openFirewall = true;
|
|
extraConfig = ''
|
|
[server]
|
|
allow-interfaces=wlp7s0
|
|
'';
|
|
};
|
|
|
|
earlyoom = {
|
|
enable = true;
|
|
freeMemThreshold = 5;
|
|
freeSwapThreshold = 10;
|
|
};
|
|
|
|
flatpak.enable = true;
|
|
|
|
libinput = {
|
|
enable = true;
|
|
touchpad.clickMethod = "clickfinger";
|
|
};
|
|
|
|
openssh = {
|
|
enable = true;
|
|
settings = {
|
|
PermitRootLogin = "yes";
|
|
PasswordAuthentication = false;
|
|
};
|
|
};
|
|
|
|
pipewire = {
|
|
enable = true;
|
|
alsa.enable = true;
|
|
alsa.support32Bit = true;
|
|
pulse.enable = true;
|
|
};
|
|
};
|
|
|
|
systemd = {
|
|
services."getty@tty1".enable = false;
|
|
services."autovt@tty1".enable = false;
|
|
};
|
|
|
|
systemd.timers.btrfs-scrub = {
|
|
description = "Run Btrfs Scrub Daily";
|
|
wantedBy = [ "timers.target" ];
|
|
timerConfig = {
|
|
OnCalendar = "daily";
|
|
Persistent = true;
|
|
};
|
|
};
|
|
|
|
systemd.services = {
|
|
btrfs-scrub = {
|
|
description = "Daily Btrfs Scrub";
|
|
serviceConfig = {
|
|
Type = "oneshot";
|
|
Nice = 19;
|
|
IOSchedulingClass = "idle";
|
|
ExecStart = "${pkgs.btrfs-progs}/bin/btrfs scrub start -n 2 -B / && ${pkgs.btrfs-progs}/bin/btrfs scrub start -n 2 -B /mnt/hdd0";
|
|
};
|
|
};
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
system.stateVersion = "23.11";
|
|
}
|