hosts/wyndle/configuration.nix (view raw)
1{ self, config, pkgs, lib, ... }:
2
3{
4 imports =
5 [
6 ./hardware-configuration.nix
7 ];
8
# Boot loader, kernel and kernel-module settings for this host.
9 boot = {
10 loader.systemd-boot.enable = true;
11 loader.systemd-boot.consoleMode = "max";
12 loader.efi.canTouchEfiVariables = true;
# Turns on IPv4 forwarding, so the kernel will route packets between interfaces.
# NOTE(review): presumably wanted for the Docker / Tailscale setup enabled elsewhere
# in this file; confirm, and check that the firewall's forwarding policy is as
# restrictive as intended.
13 kernel.sysctl."net.ipv4.ip_forward" = 1;
# Partition used to resume from hibernation (the power key is mapped to hibernate
# under services.logind).
# NOTE(review): a hibernation image holds the contents of RAM; whether this
# partition is encrypted is not visible in this file - confirm in
# hardware-configuration.nix.
14 resumeDevice = "/dev/nvme0n1p2";
15 kernelPackages = pkgs.linuxPackages_latest;
# i2c-dev exposes I2C buses as i2c-N device nodes; the udev rule under
# services.udev sets their group and mode.
16 kernelModules = [ "i2c-dev" ];
17 };
18
# Keep both the open-source (nouveau) and the proprietary NVIDIA modules from loading.
19 boot.blacklistedKernelModules = [ "nouveau" "nvidia" "nvidia_drm" "nvidia_modeset" ];
# Extra modprobe configuration: repeats the nouveau blacklist and turns off its modesetting.
20 boot.extraModprobeConfig = ''
21 blacklist nouveau
22 options nouveau modeset=0
23 '';
24
# Network identity, DNS resolvers, DHCP and firewall behaviour.
25 networking = {
# Static resolvers (Google Public DNS).
# NOTE(review): no DNS-over-TLS or DNSSEC setting is visible in this file, so
# lookups presumably leave the host unencrypted - confirm this is acceptable.
26 nameservers = [ "8.8.8.8" "8.8.4.4" ];
27 networkmanager.enable = true;
28 hostName = "wyndle";
# DHCP is switched off globally and enabled only on the wireless interface.
29 useDHCP = false;
30 interfaces.wlp6s0.useDHCP = true;
# "loose" relaxes reverse-path filtering: a packet is accepted when its source is
# reachable through any interface, not only the one it arrived on.
# NOTE(review): presumably set for Tailscale (services.tailscale is enabled below);
# it weakens anti-spoofing filtering, so keep it only if that routing setup needs it.
31 firewall.checkReversePath = "loose";
32 };
33
# Locale, input method framework and time zone.
34 i18n.defaultLocale = "en_US.UTF-8";
35 i18n.inputMethod = {
36 enabled = "ibus";
37 };
38 time.timeZone = "Europe/Helsinki";
39
# nixpkgs-wide configuration: licence policy and per-package options.
40 nixpkgs.config = {
# NOTE(review): allowUnfree = true permits every unfree package, which makes the
# allowUnfreePredicate allow-list below ineffective. If the intent is to admit only
# the Steam packages, drop allowUnfree and keep the predicate so that any other
# unfree package fails evaluation instead of being pulled in silently.
41 allowUnfree = true;
# Allow-list of unfree packages, matched by package name.
42 allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
43 "steam"
44 "steam-original"
45 "steam-runtime"
46 ];
# Default command-line flags for Chromium: Wayland backend plus touchpad history navigation.
47 chromium = {
48 commandLineArgs = "--ozone-platform=wayland --enable-features=TouchpadOverscrollHistoryNavigation";
49 };
50 firefox.enablePlasmaBrowserIntegration = true;
51 };
52
53
# System-wide environment: session variables, shell variables, installed packages
# and the GNOME applications left out of the default set.
54 environment = {
# `rec` is not needed here: the set holds one attribute and nothing refers back to it.
55 sessionVariables = rec {
56 NIXOS_OZONE_WL = "1";
57 };
# Input and HiDPI scaling hints for Firefox and GTK applications.
58 variables = {
59 MOZ_USE_XINPUT2 = "1";
60 GDK_SCALE = "2";
61 GDK_DPI_SCALE = "1";
62 };
63 systemPackages = with pkgs; [
64 man-pages
65 git
66 man-pages-posix
# hiPrio makes this bash take precedence when another package provides the same files.
67 (lib.hiPrio pkgs.bashInteractive_5)
68 ];
# GNOME applications excluded from the desktop's default package set.
69 gnome.excludePackages = (with pkgs; [
70 gnome-photos
71 gnome-tour
72 ]) ++ (with pkgs.gnome; [
73 cheese
74 epiphany
75 geary
76 totem
77 ]);
78 };
79
# Install developer documentation and build the man page caches.
80 documentation = {
81 dev.enable = true;
82 man.generateCaches = true;
83 };
84
# Message of the day assembled from values in `config`: host name, NixOS release,
# code name and version, and the running kernel version.
# NOTE(review): this prints exact OS and kernel versions to whoever sees the banner;
# presumably it is shown only after login - confirm if this host ever accepts
# remote logins.
85 users.motd = with config; ''
86 Host ${networking.hostName}
87 OS NixOS ${system.nixos.release} (${system.nixos.codeName})
88 Version ${system.nixos.version}
89 Kernel ${boot.kernelPackages.kernel.version}
90 '';
91
# Virtual console: large Terminus font taken from the Nix store, US key map.
92 console = {
93 font = "${pkgs.terminus_font}/share/consolefonts/ter-u28n.psf.gz";
94 keyMap = "us";
95 };
96
# Hardware support: Bluetooth, hybrid-GPU bus IDs, Logitech receivers, Vulkan driver.
97 hardware = {
98 bluetooth = {
99 enable = true;
# The adapter is powered as soon as the machine boots, before any user logs in.
# NOTE(review): if Bluetooth is only used occasionally, leaving it off at boot
# reduces the time the radio is reachable.
100 powerOnBoot = true;
# Disables the "sap" plugin (presumably the SIM Access Profile - confirm).
101 disabledPlugins = [ "sap" ];
102 };
# PRIME offload is disabled; the bus IDs identify the AMD and NVIDIA GPUs.
103 nvidia.prime = {
104 offload.enable = false;
105 amdgpuBusId = "PCI:8:0:0";
106 nvidiaBusId = "PCI:1:0:0";
107 };
108 logitech.wireless = {
109 enable = true;
110 enableGraphical = true;
111 };
112 graphics.extraPackages = [ pkgs.amdvlk ];
113 };
114
# System services: laptop control daemons, audio, display server, input handling,
# VPN, udev rules, key remapping and smart-card support.
115 services = {
116 asusd = {
117 enable = true;
118 enableUserService = true;
119 };
# GPU switching daemon pinned to the integrated GPU, with VFIO passthrough disabled.
120 supergfxd = {
121 enable = true;
122 settings = {
123 mode = "integrated";
124 vfio_enable = false;
125 vfio_save = false;
126 always_reboot = true;
127 no_logind = false;
128 logout_timeout_s = 180;
129 };
130
131 };
# PipeWire audio with ALSA (including 32-bit) and PulseAudio compatibility.
132 pipewire = {
133 enable = true;
134 wireplumber.enable = true;
135 alsa.enable = true;
136 alsa.support32Bit = true;
137 pulse.enable = true;
138 };
# X server with GNOME and GDM on the amdgpu driver.
139 xserver = {
140 enable = true;
141 xkb.layout = "us";
142 desktopManager.gnome.enable = true;
143 displayManager.gdm.enable = true;
144 dpi = 192;
145 videoDrivers = [ "amdgpu" ];
# NOTE(review): the options below name NVIDIA-specific settings while the only
# video driver listed is amdgpu; presumably left over from an earlier setup.
146 screenSection = ''
147 Option "metamodes" "nvidia-auto-select +0+0 {ForceFullCompositionPipeline=On}"
148 Option "AllowIndirectGLXProtocol" "off"
149 Option "TripleBuffer" "on"
150 '';
151 };
152
# Middle-button style scrolling: hold button 8 and move the mouse to scroll.
153 libinput = {
154 enable = true;
155 mouse = {
156 scrollButton = 8;
157 scrollMethod = "button";
158 };
159 };
160
161 ddccontrol.enable = true;
# Tailscale VPN daemon; see networking.firewall.checkReversePath above.
162 tailscale.enable = true;
163 # 1. chmod for rootless backlight
164 # 2. lotus58 bootloader mode for rootless qmk flashing
# NOTE(review): rule 1 sets MODE="0666" and runs chmod a+w on the brightness file,
# so every local user and process can change the backlight. Impact is low, but
# granting write access to a group (the user below is already in "video") would
# be tighter than world-writable.
# Rule 2 tags USB device 2341:0036 with "uaccess", which hands the device to the
# user of the active seat, and tells ModemManager to ignore it.
# The third rule gives the "i2c" group read/write access to i2c-N device nodes.
# The remaining rules detach NVIDIA PCI functions (USB controller, UCSI, audio,
# VGA/3D) as soon as they appear.
165 udev = {
166 extraRules = ''
167 ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="amdgpu_bl1", MODE="0666", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/backlight/%k/brightness"
168 ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="2341", ATTRS{idProduct}=="0036", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
169 KERNEL=="i2c-[0-9]*", GROUP="i2c", MODE="0660"
170
171 # Remove NVIDIA USB xHCI Host Controller devices, if present
172 ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c0330", ATTR{power/control}="auto", ATTR{remove}="1"
173 # Remove NVIDIA USB Type-C UCSI devices, if present
174 ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c8000", ATTR{power/control}="auto", ATTR{remove}="1"
175 # Remove NVIDIA Audio devices, if present
176 ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x040300", ATTR{power/control}="auto", ATTR{remove}="1"
177 # Remove NVIDIA VGA/3D controller devices
178 ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x03[0-9]*", ATTR{power/control}="auto", ATTR{remove}="1"
179 '';
# hwdb entry remapping one scancode of keyboard 0B05:19B6 to F20 (mic mute under X11).
180 extraHwdb = ''
181 evdev:input:b0003v0B05p19B6*
182 KEYBOARD_KEY_ff31007c=f20 # x11 mic-mute
183 '';
# Puts coreutils on the PATH seen by udev rules.
184 path = [
185 pkgs.coreutils
186 ];
187 };
# Pressing the power key hibernates the machine (resume device is set under boot).
188 logind.extraConfig = ''
189 HandlePowerKey=hibernate
190 '';
191
# keyd key remapping applied to every keyboard (ids = "*"): caps lock doubles as a
# layer key with vim-style arrows, and meta/alt emulate macOS shortcuts.
# NOTE(review): a remapping daemon that matches all keyboards sees every keystroke,
# including passwords; presumably it runs with elevated privileges - confirm the
# service's sandboxing and keep the package up to date.
192 keyd = {
193 enable = true;
194 keyboards.default = {
195 ids = [ "*" ];
196 extraConfig = ''
197 [main]
198 capslock = overload(capslock, rightalt)
199 leftmeta = layer(meta_mac)
200 rightmeta = layer(meta_mac)
201 leftalt = layer(option_mac)
202 rightalt = layer(option_mac)
203
204 [capslock]
205 h = left
206 j = down
207 k = up
208 l = right
209
210 # Activates when both capslock and shift is pressed
211 [capslock+shift]
212 h = C-left
213 j = C-down
214 k = C-up
215 l = C-right
216
217 # macOS style bindings
218 [meta_mac:M]
219 l = C-l
220 a = C-a
221 t = C-t
222 w = C-w
223 f = C-f
224 c = C-c
225 v = C-v
226 backspace = C-backspace
227
228 [option_mac:A]
229 backspace = C-backspace
230 '';
231 };
232 };
# PC/SC smart-card daemon (used by smart cards and hardware tokens).
233 pcscd.enable = true;
234 };
235
# Docker daemon with the json-file log driver and one registry marked insecure.
# NOTE(review): --insecure-registry makes the daemon talk to sini:5000 over plain
# HTTP or without verifying its TLS certificate. Images pulled from it are neither
# confidential nor integrity-protected in transit, so anyone able to intercept
# traffic to that host, or to answer for the short name "sini", can substitute
# image contents that then run on this machine. Preferable: serve the registry
# over TLS with a certificate this host trusts (a private CA is already added
# under security.pki.certificateFiles - whether it covers this registry is not
# visible here) and drop this flag; pulling images by digest also limits the
# exposure.
236 virtualisation.docker = {
237 enable = true;
238 logDriver = "json-file";
239 extraOptions = ''
240 --insecure-registry "http://sini:5000"
241 '';
242 };
243
# Privilege escalation tools and additional trusted certificate authorities.
244 security = {
# Both doas and sudo are enabled.
# NOTE(review): if only one of them is actually used, disabling the other removes
# a setuid entry point.
245 doas.enable = true;
246 sudo.enable = true;
# NOTE(review): "permit nopass :wheel" lets every member of wheel run any command
# as root without authenticating. User "icy" is in wheel (see users.users.icy), so
# any process running as that user - a browser exploit, a malicious build script -
# becomes root with no prompt. "permit persist :wheel" keeps the convenience of a
# cached authentication while still requiring the password once per session.
247 doas.extraConfig = ''
248 permit nopass :wheel
249 '';
# Additional rule for user "icy" with the module's default options.
# NOTE(review): doas applies the last matching rule; how this rule is ordered
# relative to the extraConfig line in the generated doas.conf is not visible here,
# so verify which of the two actually decides for this user.
250 doas.extraRules = [{
251 users = [ "icy" ];
252 }];
# Adds the CA certificate in ./ca.crt to the system-wide trust store.
# NOTE(review): every TLS client that uses the system store will accept
# certificates issued by this CA for any name; the protection of its private key
# and its intended scope should be documented.
253 pki.certificateFiles = [ ./ca.crt ];
254 };
255
# Power management with powertop tuning enabled.
256 powerManagement = {
257 enable = true;
258 powertop.enable = true;
259 };
260
# The interactive user account and its supplementary groups.
# NOTE(review): several of these groups are root-equivalent or close to it:
#   - "wheel" is granted passwordless doas in the security block;
#   - "docker" gives access to the Docker daemon, which can start containers that
#     mount the host filesystem, so membership is effectively root access;
#   - "i2c" matches the udev rule giving that group read/write on I2C device nodes.
# Treat compromise of this account as compromise of the machine.
261 users.users.icy = {
262 isNormalUser = true;
263 extraGroups = [ "wheel" "docker" "audio" "video" "dialout" "i2c" ];
264 };
265
# Gaming: Steam (unfree, see nixpkgs.config) and GameMode.
266 programs = {
267 steam.enable = true;
268 gamemode.enable = true;
269 };
270
# Nix package manager settings.
271 nix = {
272 package = pkgs.nixVersions.stable;
# Enables the nix-command, flakes and ca-derivations experimental features,
# silences the dirty-tree warning and disables keep-outputs.
273 extraOptions = ''
274 experimental-features = nix-command flakes ca-derivations
275 warn-dirty = false
276 keep-outputs = false
277 '';
278 settings = {
# NOTE(review): a trusted user may override daemon settings such as substituters
# and signature checking, which the Nix manual describes as essentially equivalent
# to root access. Listing "icy" here is one more path from that account to root;
# if the only need is to use specific binary caches, configuring those caches
# system-wide and removing the user from this list is the narrower option.
279 trusted-users = [
280 "root"
281 "icy"
282 ];
283 };
284 };
285
286 # https://github.com/NixOS/nixpkgs/issues/180175
# Do not restart systemd-udevd when its unit changes during a configuration switch
# (workaround for the issue linked above).
287 systemd.services.systemd-udevd.restartIfChanged = false;
# Force-disable NetworkManager-wait-online, overriding the value set by other modules.
288 systemd.services.NetworkManager-wait-online.enable = lib.mkForce
289 false;
290
291
292 # This value determines the NixOS release from which the default
293 # settings for stateful data, like file locations and database versions
294 # on your system were taken. It's perfectly fine and recommended to leave
295 # this value at the release version of the first install of this system.
296 # Before changing this value read the documentation for this option
297 # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
298 system.stateVersion = "21.11"; # Did you read the comment?
299
300}
301