hosts/wyndle/configuration.nix (view raw)
# NixOS system configuration for the host "wyndle".
#
# Review summary (security-relevant settings, each annotated where it is set):
#   * Three separate settings each give the account "icy" a route to root:
#     passwordless doas for wheel, membership of the docker group, and
#     nix trusted-users. A compromise of any process running as that user
#     should therefore be treated as a compromise of the host.
#   * The Docker daemon is allowed to use a plain-HTTP registry.
#   * A private CA is added to the system-wide trust store.
#   * The power key hibernates to a raw partition path.
{ self, config, pkgs, lib, ... }:

{
  imports =
    [
      ./hardware-configuration.nix
    ];

  boot = {
    loader.systemd-boot.enable = true;
    loader.systemd-boot.consoleMode = "max";
    loader.efi.canTouchEfiVariables = true;
    # Turns on IPv4 forwarding for the whole host; what actually gets routed is
    # then decided by the firewall's forward rules.
    # NOTE(review): presumably wanted for Docker and/or Tailscale — confirm it is
    # still needed on a laptop that joins untrusted Wi-Fi networks.
    kernel.sysctl."net.ipv4.ip_forward" = 1;
    # Hibernation resume target (the power key is mapped to hibernate in
    # services.logind below).
    # NOTE(review): this is a raw partition path rather than a mapped device. If
    # the partition is not encrypted, the hibernation image (a copy of RAM,
    # including keys and session secrets) is written to disk in clear — verify
    # against hardware-configuration.nix.
    resumeDevice = "/dev/nvme0n1p2";
    kernelPackages = pkgs.linuxPackages_latest;
    # i2c-dev exposes the /dev/i2c-* nodes that the udev rule below assigns to
    # the i2c group.
    kernelModules = [ "i2c-dev" ];
  };

  # Keep both the open and the proprietary NVIDIA drivers from loading.
  boot.blacklistedKernelModules = [ "nouveau" "nvidia" "nvidia_drm" "nvidia_modeset" ];
  boot.extraModprobeConfig = ''
    blacklist nouveau
    options nouveau modeset=0
  '';

  networking = {
    # Static resolvers (Google Public DNS).
    # NOTE(review): nothing in this file configures encrypted DNS, so lookups
    # presumably leave the host in plaintext — confirm this is acceptable.
    nameservers = [ "8.8.8.8" "8.8.4.4" ];
    networkmanager.enable = true;
    hostName = "wyndle";
    useDHCP = false;
    interfaces.wlp6s0.useDHCP = true;
    # Relaxes the firewall's reverse-path filter from strict to loose.
    # NOTE(review): presumably set for Tailscale (enabled below), which needs it
    # for some routing setups; loose mode accepts packets whose source is
    # reachable via any interface, not only the one they arrived on.
    firewall.checkReversePath = "loose";
  };

  i18n.defaultLocale = "en_US.UTF-8";
  i18n.inputMethod = {
    enabled = "ibus";
  };
  time.timeZone = "Europe/Helsinki";

  nixpkgs.config = {
    # NOTE(review): allowUnfree = true permits every unfree package, so the
    # allow-list predicate below no longer restricts anything. Keep only one of
    # the two, depending on whether the intent is "anything" or "Steam only".
    allowUnfree = true;
    allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
      "steam"
      "steam-original"
      "steam-runtime"
    ];
    chromium = {
      commandLineArgs = "--ozone-platform=wayland --enable-features=TouchpadOverscrollHistoryNavigation";
    };
    firefox.enablePlasmaBrowserIntegration = true;
  };

  environment = {
    sessionVariables = rec {
      NIXOS_OZONE_WL = "1";
    };
    variables = {
      MOZ_USE_XINPUT2 = "1";
      GDK_SCALE = "2";
      GDK_DPI_SCALE = "1";
    };
    systemPackages = with pkgs; [
      man-pages
      git
      man-pages-posix
      # hiPrio makes this bash win if another package provides the same files.
      (lib.hiPrio pkgs.bashInteractive_5)
    ];
    # GNOME applications left out of the default desktop install.
    gnome.excludePackages = (with pkgs; [
      gnome-photos
      gnome-tour
    ]) ++ (with pkgs.gnome; [
      cheese
      epiphany
      geary
      totem
    ]);
  };

  documentation = {
    dev.enable = true;
    man.generateCaches = true;
  };

  # Message of the day, built from this configuration's own values: host name,
  # NixOS release/version and kernel version.
  users.motd = with config; ''
    Host ${networking.hostName}
    OS NixOS ${system.nixos.release} (${system.nixos.codeName})
    Version ${system.nixos.version}
    Kernel ${boot.kernelPackages.kernel.version}
  '';

  console = {
    font = "${pkgs.terminus_font}/share/consolefonts/ter-u28n.psf.gz";
    keyMap = "us";
  };

  hardware = {
    bluetooth = {
      enable = true;
      # The Bluetooth controller is powered on at boot.
      powerOnBoot = true;
      disabledPlugins = [ "sap" ];
    };
    nvidia.prime = {
      offload.enable = false;
      amdgpuBusId = "PCI:8:0:0";
      nvidiaBusId = "PCI:1:0:0";
    };
    logitech.wireless = {
      enable = true;
      enableGraphical = true;
    };
    graphics.extraPackages = [ pkgs.amdvlk ];
  };

  services = {
    asusd = {
      enable = true;
      enableUserService = true;
    };
    # GPU switching daemon, pinned to the integrated GPU with VFIO off.
    supergfxd = {
      enable = true;
      settings = {
        mode = "integrated";
        vfio_enable = false;
        vfio_save = false;
        always_reboot = true;
        no_logind = false;
        logout_timeout_s = 180;
      };

    };
    pipewire = {
      enable = true;
      wireplumber.enable = true;
      alsa.enable = true;
      alsa.support32Bit = true;
      pulse.enable = true;
    };
    xserver = {
      enable = true;
      xkb.layout = "us";
      desktopManager.gnome.enable = true;
      displayManager.gdm.enable = true;
      dpi = 192;
      videoDrivers = [ "amdgpu" ];
      screenSection = ''
        Option "metamodes" "nvidia-auto-select +0+0 {ForceFullCompositionPipeline=On}"
        Option "AllowIndirectGLXProtocol" "off"
        Option "TripleBuffer" "on"
      '';
    };

    libinput = {
      enable = true;
      mouse = {
        scrollButton = 8;
        scrollMethod = "button";
      };
    };

    ddccontrol.enable = true;
    tailscale.enable = true;
    # udev rules, in the order they appear in extraRules:
    # 1. chmod for rootless backlight control. The RUN command makes the sysfs
    #    brightness file of amdgpu_bl1 writable by every local account (a+w).
    #    NOTE(review): a group-scoped variant (chgrp to a group the user is in,
    #    then chmod g+w) would grant the same convenience to fewer principals.
    # 2. lotus58 bootloader mode for rootless qmk flashing. TAG+="uaccess"
    #    limits access to the user of the active local session, and
    #    ID_MM_DEVICE_IGNORE keeps ModemManager from probing the device.
    # 3. /dev/i2c-* nodes are owned by group i2c with mode 0660, so only root
    #    and i2c members (the user "icy", see users.users below) can open them.
    # The remaining rules detach NVIDIA (vendor 0x10de) PCI functions as soon as
    # they appear, by writing 1 to their sysfs "remove" attribute.
    udev = {
      extraRules = ''
        ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="amdgpu_bl1", MODE="0666", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/backlight/%k/brightness"
        ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="2341", ATTRS{idProduct}=="0036", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
        KERNEL=="i2c-[0-9]*", GROUP="i2c", MODE="0660"

        # Remove NVIDIA USB xHCI Host Controller devices, if present
        ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c0330", ATTR{power/control}="auto", ATTR{remove}="1"
        # Remove NVIDIA USB Type-C UCSI devices, if present
        ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c8000", ATTR{power/control}="auto", ATTR{remove}="1"
        # Remove NVIDIA Audio devices, if present
        ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x040300", ATTR{power/control}="auto", ATTR{remove}="1"
        # Remove NVIDIA VGA/3D controller devices
        ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x03[0-9]*", ATTR{power/control}="auto", ATTR{remove}="1"
      '';
      # hwdb format: the property line is indented relative to its match line.
      extraHwdb = ''
        evdev:input:b0003v0B05p19B6*
         KEYBOARD_KEY_ff31007c=f20 # x11 mic-mute
      '';
      # Programs made available to RUN commands in udev rules.
      path = [
        pkgs.coreutils
      ];
    };
    # Pressing the power key hibernates; see the note on boot.resumeDevice about
    # where the hibernation image is written.
    logind.extraConfig = ''
      HandlePowerKey=hibernate
    '';

    # Key remapping daemon. ids = [ "*" ] applies the mapping to every
    # keyboard, so the daemon handles all keystrokes typed on this host.
    keyd = {
      enable = true;
      keyboards.default = {
        ids = [ "*" ];
        extraConfig = ''
          [main]
          capslock = overload(capslock, rightalt)
          leftmeta = layer(meta_mac)
          rightmeta = layer(meta_mac)
          leftalt = layer(option_mac)
          rightalt = layer(option_mac)

          [capslock]
          h = left
          j = down
          k = up
          l = right

          # Activates when both capslock and shift is pressed
          [capslock+shift]
          h = C-left
          j = C-down
          k = C-up
          l = C-right

          # macOS style bindings
          [meta_mac:M]
          l = C-l
          a = C-a
          t = C-t
          w = C-w
          f = C-f
          c = C-c
          v = C-v
          backspace = C-backspace

          [option_mac:A]
          backspace = C-backspace
        '';
      };
    };
    # Smart-card daemon.
    pcscd.enable = true;
  };

  virtualisation.docker = {
    enable = true;
    logDriver = "json-file";
    # Lets the daemon use the registry at sini:5000 without TLS. Images pulled
    # from it have neither transport confidentiality nor integrity, and the
    # daemon then runs them, so anyone on the network path to that host can
    # influence what executes here.
    # NOTE(review): a private CA is already trusted via security.pki below; if
    # the registry can serve TLS under that CA, this flag can be dropped —
    # confirm with the registry's owner.
    extraOptions = ''
      --insecure-registry "http://sini:5000"
    '';
  };

  security = {
    # Both doas and sudo are enabled, so two privilege-escalation front ends
    # are installed and must both be kept in mind when auditing.
    doas.enable = true;
    sudo.enable = true;
    # Every member of wheel may run any command as root without authenticating.
    # An unlocked session or any code running as a wheel user is therefore
    # equivalent to root.
    doas.extraConfig = ''
      permit nopass :wheel
    '';
    # Adds a rule for the user "icy" with the module's default settings.
    # NOTE(review): how this orders against the nopass line in the generated
    # doas.conf is not visible here; doas applies the last matching rule.
    doas.extraRules = [{
      users = [ "icy" ];
    }];
    # Adds ./ca.crt to the system-wide trust store: programs using the system
    # bundle will accept certificates this CA issues for any host name. Only the
    # certificate belongs in the repository; the CA's private key must not.
    pki.certificateFiles = [ ./ca.crt ];
  };

  powerManagement = {
    enable = true;
    powertop.enable = true;
  };

  users.users.icy = {
    isNormalUser = true;
    # wheel   -> passwordless root through the doas rule above
    # docker  -> access to the Docker daemon, which is root-equivalent
    # dialout -> serial devices; i2c -> /dev/i2c-* (udev rule above)
    extraGroups = [ "wheel" "docker" "audio" "video" "dialout" "i2c" ];
  };

  programs = {
    steam.enable = true;
    gamemode.enable = true;
  };

  nix = {
    package = pkgs.nixVersions.stable;
    extraOptions = ''
      experimental-features = nix-command flakes ca-derivations
      warn-dirty = false
      keep-outputs = false
    '';
    settings = {
      # Trusted users can override daemon settings such as substituters and
      # signature checks; the Nix manual describes this as essentially
      # root-equivalent access. "icy" is listed alongside root.
      trusted-users = [
        "root"
        "icy"
      ];
    };
  };

  # https://github.com/NixOS/nixpkgs/issues/180175
  systemd.services.systemd-udevd.restartIfChanged = false;
  # mkForce overrides the value set by the NetworkManager module, so boot does
  # not wait for the network to come online.
  systemd.services.NetworkManager-wait-online.enable = lib.mkForce
    false;


  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It's perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "21.11"; # Did you read the comment?

}