hosts/wyndle/configuration.nix (view raw)
# NixOS system configuration for the host "wyndle".
#
# Module arguments: `self` is only used for `self.overlays`; `config`, `pkgs`
# and `lib` are read below for the MOTD, package references and helpers.
#
# Review summary of the privilege-relevant settings in this file (details are
# next to each option): passwordless doas for wheel, `docker` group
# membership, Nix `trusted-users`, a plain-HTTP Docker registry, a
# world-writable backlight node and a locally trusted CA certificate.
{ self, config, pkgs, lib, ... }:

{
  imports = [ ./hardware-configuration.nix ];

  boot = {
    loader = {
      systemd-boot = {
        enable = true;
        consoleMode = "max";
      };
      efi.canTouchEfiVariables = true;
    };

    kernelPackages = pkgs.linuxPackages_latest;
    kernelModules = [ "i2c-dev" ];

    # Host-wide IPv4 forwarding.
    # NOTE(review): presumably wanted for Docker and/or Tailscale (both are
    # enabled below) -- confirm; with the loose reverse-path check in
    # `networking.firewall` this host will route between its interfaces.
    kernel.sysctl."net.ipv4.ip_forward" = 1;

    # Hibernation resumes from this partition (the power key is bound to
    # hibernate in services.logind below).
    # NOTE(review): the hibernation image holds RAM contents; whether this
    # partition is encrypted is decided in hardware-configuration.nix, which
    # is not visible here -- verify.
    resumeDevice = "/dev/nvme0n1p2";

    # Keep every NVIDIA driver (open and proprietary) from loading.
    blacklistedKernelModules = [ "nouveau" "nvidia" "nvidia_drm" "nvidia_modeset" ];
    extraModprobeConfig = ''
      blacklist nouveau
      options nouveau modeset=0
    '';
  };

  networking.hostName = "wyndle";
  networking.networkmanager.enable = true;

  # DHCP is off globally and switched on for the wireless interface only.
  networking.useDHCP = false;
  networking.interfaces.wlp6s0.useDHCP = true;

  # Static resolvers (Google Public DNS).
  networking.nameservers = [ "8.8.8.8" "8.8.4.4" ];

  # "loose" accepts a packet when its source address is reachable through any
  # interface, not only the one it arrived on.
  # NOTE(review): presumably relaxed for Tailscale -- confirm it is still
  # required, since the strict mode gives better anti-spoofing protection.
  networking.firewall.checkReversePath = "loose";

  i18n = {
    defaultLocale = "en_US.UTF-8";
    inputMethod.enabled = "ibus";
  };
  time.timeZone = "Europe/Helsinki";

  nixpkgs = {
    config = {
      # NOTE(review): `allowUnfree = true` permits every unfree package, so
      # the Steam-only allowlist in `allowUnfreePredicate` below never gets
      # to reject anything. If the allowlist is the intended policy, drop
      # `allowUnfree` and extend the list as builds require.
      allowUnfree = true;
      allowUnfreePredicate = candidate:
        builtins.elem (lib.getName candidate) [
          "steam"
          "steam-original"
          "steam-runtime"
        ];

      chromium.commandLineArgs = "--ozone-platform=wayland";
      firefox.enablePlasmaBrowserIntegration = true;
    };

    # Overlays exported by this flake.
    overlays = [
      self.overlays.prompt
      self.overlays.customPkgs
    ];
  };

  environment = {
    sessionVariables = {
      NIXOS_OZONE_WL = "1";
    };

    # HiDPI scaling and Firefox XInput2 support.
    variables = {
      MOZ_USE_XINPUT2 = "1";
      GDK_SCALE = "2";
      GDK_DPI_SCALE = "1";
    };

    systemPackages = [
      pkgs.man-pages
      pkgs.git
      pkgs.man-pages-posix
      (lib.hiPrio pkgs.bashInteractive_5)
    ];

    # GNOME applications left out of the default desktop install.
    gnome.excludePackages = [
      pkgs.gnome-photos
      pkgs.gnome-tour
    ] ++ [
      pkgs.gnome.cheese
      pkgs.gnome.epiphany
      pkgs.gnome.geary
      pkgs.gnome.totem
    ];
  };

  documentation.dev.enable = true;
  documentation.man.generateCaches = true;

  console = {
    font = "${pkgs.terminus_font}/share/consolefonts/ter-u28n.psf.gz";
    keyMap = "us";
  };

  hardware = {
    bluetooth = {
      enable = true;
      powerOnBoot = true;
      # The SAP plugin is not loaded.
      disabledPlugins = [ "sap" ];
    };

    nvidia.prime = {
      offload.enable = false;
      amdgpuBusId = "PCI:8:0:0";
      nvidiaBusId = "PCI:1:0:0";
    };

    logitech.wireless = {
      enable = true;
      enableGraphical = true;
    };
  };

  services = {
    asusd = {
      enable = true;
      enableUserService = true;
    };

    # GPU switching daemon, pinned to the integrated GPU.
    supergfxd = {
      enable = true;
      settings = {
        mode = "integrated";
        vfio_enable = false;
        vfio_save = false;
        always_reboot = true;
        no_logind = false;
        logout_timeout_s = 180;
      };
    };

    pipewire = {
      enable = true;
      wireplumber.enable = true;
      alsa = {
        enable = true;
        support32Bit = true;
      };
      pulse.enable = true;
    };

    xserver = {
      enable = true;
      xkb.layout = "us";
      dpi = 192;
      videoDrivers = [ "amdgpu" ];
      desktopManager.gnome.enable = true;
      displayManager.gdm.enable = true;
      screenSection = ''
        Option "metamodes" "nvidia-auto-select +0+0 {ForceFullCompositionPipeline=On}"
        Option "AllowIndirectGLXProtocol" "off"
        Option "TripleBuffer" "on"
      '';
    };

    libinput = {
      enable = true;
      mouse = {
        scrollButton = 8;
        scrollMethod = "button";
      };
    };

    ddccontrol.enable = true;
    tailscale.enable = true;
    pcscd.enable = true;

    # Power key hibernates instead of powering off (see boot.resumeDevice).
    logind.extraConfig = ''
      HandlePowerKey=hibernate
    '';

    udev = {
      path = [ pkgs.coreutils ];

      # Rules, in order:
      #   1. chmod for rootless backlight
      #   2. lotus58 bootloader mode for rootless qmk flashing
      #   3. i2c device nodes owned by group "i2c", mode 0660
      #   4+ removal of NVIDIA PCI functions as they appear
      #
      # NOTE(review): rule 1 sets MODE="0666" and runs `chmod a+w`, so every
      # local account and service can write the brightness file. The user
      # defined below is already in the "video" group; a group-scoped
      # permission (group write instead of a+w) would keep rootless control
      # without opening it to all users.
      # Rule 2 uses TAG+="uaccess", which limits access to the user logged in
      # on the local seat rather than making the device node world-writable.
      extraRules = ''
        ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="amdgpu_bl1", MODE="0666", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/backlight/%k/brightness"
        ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="2341", ATTRS{idProduct}=="0036", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
        KERNEL=="i2c-[0-9]*", GROUP="i2c", MODE="0660"

        # Remove NVIDIA USB xHCI Host Controller devices, if present
        ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c0330", ATTR{power/control}="auto", ATTR{remove}="1"
        # Remove NVIDIA USB Type-C UCSI devices, if present
        ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c8000", ATTR{power/control}="auto", ATTR{remove}="1"
        # Remove NVIDIA Audio devices, if present
        ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x040300", ATTR{power/control}="auto", ATTR{remove}="1"
        # Remove NVIDIA VGA/3D controller devices
        ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x03[0-9]*", ATTR{power/control}="auto", ATTR{remove}="1"
      '';

      # hwdb: the property line is indented one space under its match line,
      # as the hwdb format requires.
      extraHwdb = ''
        evdev:input:b0003v0B05p19B6*
         KEYBOARD_KEY_ff31007c=f20 # x11 mic-mute
      '';
    };

    # Key remapping for every keyboard (ids = "*").
    keyd = {
      enable = true;
      keyboards.default = {
        ids = [ "*" ];
        extraConfig = ''
          [main]
          capslock = overload(capslock, rightalt)
          leftmeta = layer(meta_mac)
          rightmeta = layer(meta_mac)
          leftalt = layer(option_mac)
          rightalt = layer(option_mac)

          [capslock]
          h = left
          j = down
          k = up
          l = right

          # Activates when both capslock and shift is pressed
          [capslock+shift]
          h = C-left
          j = C-down
          k = C-up
          l = C-right

          # macOS style bindings
          [meta_mac:M]
          l = C-l
          a = C-a
          t = C-t
          w = C-w
          f = C-f
          c = C-c
          v = C-v
          backspace = C-backspace

          [option_mac:A]
          backspace = C-backspace
        '';
      };
    };
  };

  virtualisation.docker = {
    enable = true;
    logDriver = "json-file";
    # NOTE(review): marking a registry as insecure lets the daemon talk to it
    # without verified TLS, so images pulled from "sini" are neither
    # confidential nor integrity-protected in transit. A CA is already
    # trusted system-wide via security.pki.certificateFiles; if that CA can
    # issue a certificate for the registry, serving it over TLS would make
    # this flag unnecessary -- confirm.
    extraOptions = ''
      --insecure-registry "http://sini:5000"
    '';
  };

  security = {
    # Both sudo and doas are enabled, i.e. two privilege-escalation tools to
    # keep configured and audited.
    sudo.enable = true;

    doas = {
      enable = true;

      # Rule for the user "icy" with the module's default rule options.
      extraRules = [
        { users = [ "icy" ]; }
      ];

      # Passwordless doas for the whole wheel group ("icy" is a member, see
      # users.users.icy).
      # NOTE(review): doas applies the last matching rule, so inspect the
      # generated doas.conf to see which rule wins. If it is this one, any
      # process running as a wheel member becomes root with no authentication
      # step; requiring a password (optionally with `persist`) keeps a
      # compromised user session from being an immediate root compromise.
      extraConfig = ''
        permit nopass :wheel
      '';
    };

    # Adds ./ca.crt to the system trust store: certificates issued by this CA
    # are accepted by everything that uses the system bundle.
    pki.certificateFiles = [ ./ca.crt ];
  };

  powerManagement = {
    enable = true;
    powertop.enable = true;
  };

  users = {
    # Login banner assembled from the evaluated system configuration.
    motd = ''
      Host ${config.networking.hostName}
      OS NixOS ${config.system.nixos.release} (${config.system.nixos.codeName})
      Version ${config.system.nixos.version}
      Kernel ${config.boot.kernelPackages.kernel.version}
    '';

    users.icy = {
      isNormalUser = true;
      # "wheel"  -> covered by the doas rules above.
      # "docker" -> access to the Docker daemon socket, which is
      #             root-equivalent on the host.
      # "i2c"    -> matches the udev rule for /dev/i2c-* above.
      extraGroups = [ "wheel" "docker" "audio" "video" "dialout" "i2c" ];
    };
  };

  programs = {
    steam.enable = true;
    gamemode.enable = true;
  };

  nix = {
    package = pkgs.nixVersions.stable;

    # NOTE(review): a trusted user may override settings such as substituters
    # and signature checking; the Nix manual treats this as essentially
    # root-equivalent. Keep "icy" here only if that is intended.
    settings.trusted-users = [
      "root"
      "icy"
    ];

    extraOptions = ''
      experimental-features = nix-command flakes ca-derivations
      warn-dirty = false
      keep-outputs = false
    '';
  };

  # https://github.com/NixOS/nixpkgs/issues/180175
  systemd.services = {
    systemd-udevd.restartIfChanged = false;
    NetworkManager-wait-online.enable = lib.mkForce false;
  };

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It's perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "21.11"; # Did you read the comment?
}