nix/hosts/wyndle/configuration.nix (view raw)
1{ self, config, pkgs, lib, ... }:
2
3{
4 imports =
5 [
6 ./hardware-configuration.nix
7 ];
8
9 boot = {
10 loader.systemd-boot.enable = true;
11 loader.efi.canTouchEfiVariables = true;
12 kernel.sysctl."net.ipv4.ip_forward" = 1;
13 resumeDevice = "/dev/nvme0n1p2";
14 kernelPackages = pkgs.linuxPackages_latest;
15 };
16
17 networking = {
18 nameservers = [ "8.8.8.8" "8.8.4.4" ];
19 wireless = {
20 enable = true;
21 interfaces = [ "wlp6s0" ];
22 environmentFile = "/home/icy/secrets/wireless.env";
23 networks = {
24 Sanic.psk = "@PSK_SANI@";
25 Gopalan5G.psk = "@PSK_GOPA@";
26 denim.psk = "@PSK_DENI@";
27 };
28 extraConfig = ''
29 ctrl_interface=/run/wpa_supplicant
30 ctrl_interface_group=wheel
31 '';
32 };
33 # dhcpcd.enable = true;
34 hostName = "wyndle";
35 useDHCP = false;
36 interfaces.wlp6s0.useDHCP = true;
37 firewall.checkReversePath = "loose";
38 };
39
40 i18n.defaultLocale = "en_US.UTF-8";
41 time.timeZone = "Asia/Kolkata";
42
43 nixpkgs.config = {
44 allowUnfree = true;
45 allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
46 "steam"
47 "steam-original"
48 "steam-runtime"
49 ];
50 st = {
51 conf = builtins.readFile ../../programs/st/config.h;
52 extraLibs = with pkgs; [ harfbuzz ];
53 patches = [
54 ../../patches/st/xres.diff
55 ../../patches/st/bright.diff
56 ../../patches/st/ligatures.diff
57 ];
58 };
59 chromium = {
60 commandLineArgs = "--ozone-platform=wayland";
61 };
62 firefox.enablePlasmaBrowserIntegration = true;
63 };
64
65 nixpkgs.overlays = with self.overlays; [
66 nvim-nightly
67 prompt
68 ];
69
70 environment = {
71 sessionVariables = rec {
72 NIXOS_OZONE_WL = "1";
73 };
74 variables = {
75 MOZ_USE_XINPUT2 = "1";
76 GDK_SCALE = "2";
77 GDK_DPI_SCALE = "0.5";
78 };
79 systemPackages = with pkgs; [
80 man-pages
81 git
82 man-pages-posix
83 (lib.hiPrio pkgs.bashInteractive_5)
84 ];
85 etc = {
86 "wireplumber/bluetooth.lua.d/51-bluez-config.lua".text = ''
87 bluez_monitor.properties = {
88 ["bluez5.enable-sbc-xq"] = true,
89 ["bluez5.enable-msbc"] = true,
90 ["bluez5.enable-hw-volume"] = true,
91 ["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]"
92 }
93 '';
94 };
95 };
96
97 documentation = {
98 dev.enable = true;
99 man.generateCaches = true;
100 };
101
102 users.motd = with config; ''
103 Host ${networking.hostName}
104 OS NixOS ${system.nixos.release} (${system.nixos.codeName})
105 Version ${system.nixos.version}
106 Kernel ${boot.kernelPackages.kernel.version}
107 '';
108
109 console = {
110 font = "${pkgs.terminus_font}/share/consolefonts/ter-u28n.psf.gz";
111 keyMap = "us";
112 };
113
114 sound.enable = true;
115 hardware = {
116 opengl.driSupport = true;
117 bluetooth = {
118 enable = true;
119 powerOnBoot = true;
120 disabledPlugins = [ "sap" ];
121 };
122 nvidia.prime = {
123 offload.enable = true;
124 amdgpuBusId = "PCI:8:0:0";
125 nvidiaBusId = "PCI:1:0:0";
126 };
127 logitech.wireless = {
128 enable = true;
129 enableGraphical = true;
130 };
131 };
132
133 services = {
134 pipewire = {
135 enable = true;
136 alsa.enable = true;
137 alsa.support32Bit = true;
138 pulse.enable = true;
139 };
140 xserver = {
141 enable = true;
142 layout = "us";
143 desktopManager.plasma5.enable = true;
144 displayManager.sddm = {
145 enable = true;
146 enableHidpi = true;
147 };
148 dpi = 192;
149 videoDrivers = [ "nvidia" ];
150 screenSection = ''
151 Option "metamodes" "nvidia-auto-select +0+0 {ForceFullCompositionPipeline=On}"
152 Option "AllowIndirectGLXProtocol" "off"
153 Option "TripleBuffer" "on"
154 '';
155 libinput = {
156 enable = true;
157 mouse = {
158 scrollButton = 8;
159 scrollMethod = "button";
160 };
161 };
162 };
163 tailscale.enable = true;
164 auto-cpufreq.enable = true;
165 # 1. chmod for rootless backligh1t
166 # 2. lotus58 bootloader mode for rootless qmk flashing
167 udev = {
168 extraRules = ''
169 ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="amdgpu_bl1", MODE="0666", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/backlight/%k/brightness"
170 ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="2341", ATTRS{idProduct}=="0036", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
171 '';
172 extraHwdb = ''
173 evdev:input:b0003v0B05p19B6*
174 KEYBOARD_KEY_ff31007c=f20 # x11 mic-mute
175 '';
176 path = [
177 pkgs.coreutils
178 ];
179 };
180 logind.extraConfig = ''
181 HandlePowerKey=hibernate
182 '';
183 };
184
185 virtualisation.docker = {
186 enable = true;
187 logDriver = "json-file";
188 };
189
190 security = {
191 doas.enable = true;
192 sudo.enable = true;
193 doas.extraConfig = ''
194 permit nopass :wheel
195 '';
196 doas.extraRules = [{
197 users = [ "icy" ];
198 }];
199 pki.certificateFiles = [ "/home/icy/.local/share/caddy/pki/authorities/local/root.crt" ];
200 };
201
202 powerManagement = {
203 enable = true;
204 powertop.enable = true;
205 };
206
207 users.users.icy = {
208 isNormalUser = true;
209 extraGroups = [ "wheel" "docker" "audio" "video" "dialout" ];
210 };
211
212 programs = {
213 steam.enable = true;
214 gamemode.enable = true;
215 };
216
217 nix = {
218 package = pkgs.nixVersions.stable;
219 extraOptions = ''
220 experimental-features = nix-command flakes ca-derivations
221 warn-dirty = false
222 keep-outputs = false
223 '';
224 settings = {
225 trusted-users = [
226 "root"
227 "icy"
228 ];
229 };
230 };
231
232
233 # This value determines the NixOS release from which the default
234 # settings for stateful data, like file locations and database versions
235 # on your system were taken. It‘s perfectly fine and recommended to leave
236 # this value at the release version of the first install of this system.
237 # Before changing this value read the documentation for this option
238 # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
239 system.stateVersion = "21.11"; # Did you read the comment?
240
241}
242