all repos — dotfiles @ c552090ad3a1237e9fbfd329d8b510527c6643af

my *nix dotfiles

nix/hosts/lapis/configuration.nix (view raw)

  1{ self, config, pkgs, theme, ... }:
  2
  3{
  4  imports =
  5    [
  6      ./hardware-configuration.nix
  7    ];
  8
  9  boot.loader.systemd-boot.enable = true;
 10  boot.loader.efi.canTouchEfiVariables = true;
 11  boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
 12
 13  networking = {
 14    nameservers = [ "1.1.1.1" "1.0.0.1" ];
 15    wireless = {
 16      enable = true;
 17      interfaces = [ "wlan0" ];
 18      environmentFile = "/home/icy/secrets/wireless.env";
 19      networks = {
 20        Sanic.psk = "@PSK_SANI@";
 21        Gopalan.psk = "@PSK_GOPA@";
 22        "GoSpaze 2" = {
 23          psk = "@PSK_GOSP@";
 24        };
 25      };
 26      extraConfig = ''
 27        ctrl_interface=/run/wpa_supplicant
 28        ctrl_interface_group=wheel
 29      '';
 30    };
 31    # dhcpcd.enable = true;
 32    hostName = "lapis";
 33    useDHCP = false;
 34    interfaces.wlan0.useDHCP = true;
 35  };
 36
 37  i18n.defaultLocale = "en_US.UTF-8";
 38  time.timeZone = "Asia/Kolkata";
 39
 40  nixpkgs.config = {
 41    allowUnfree = true;
 42    st = {
 43      conf = builtins.readFile ../../programs/st/config.h;
 44      extraLibs = with pkgs; [ harfbuzz ];
 45      patches = [
 46        ../../patches/st/xres.diff
 47        ../../patches/st/bright.diff
 48        ../../patches/st/ligatures.diff
 49      ];
 50    };
 51  };
 52
 53  nixpkgs.overlays = with self.overlays; [
 54    nvim-nightly
 55    prompt
 56  ];
 57
 58  environment.systemPackages = with pkgs; [
 59    cwm
 60    man-pages
 61    git
 62    man-pages-posix
 63    (lib.hiPrio pkgs.bashInteractive_5)
 64  ];
 65
 66  documentation = {
 67    dev.enable = true;
 68    man.generateCaches = true;
 69  };
 70
 71  users.motd = with config; ''
 72    Host       ${networking.hostName}
 73    OS         NixOS ${system.nixos.release} (${system.nixos.codeName})
 74    Version    ${system.nixos.version}
 75    Kernel     ${boot.kernelPackages.kernel.version}
 76  '';
 77
 78  console = {
 79    font = "Lat2-Terminus16";
 80    keyMap = "us";
 81  };
 82
 83  sound.enable = true;
 84  hardware = {
 85    pulseaudio.enable = true;
 86    bluetooth = {
 87      enable = true;
 88      powerOnBoot = true;
 89    };
 90  };
 91
 92  services = {
 93    xserver = {
 94      enable = true;
 95      layout = "us";
 96      displayManager.startx.enable = true;
 97      libinput.enable = true;
 98    };
 99    tailscale.enable = true;
100
101    # 1. chmod for rootless backligh1t
102    # 2. lotus58 bootloader mode for rootless qmk flashing
103    udev = {
104      extraRules = ''
105        ACTION=="add", SUBSYSTEM=="backlight", KERNEL=="intel_backlight", MODE="0666", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/backlight/%k/brightness"
106        ACTION=="add", SUBSYSTEM=="usb", ATTRS{idVendor}=="2341", ATTRS{idProduct}=="0036", TAG+="uaccess", ENV{ID_MM_DEVICE_IGNORE}="1"
107      '';
108      path = [
109        pkgs.coreutils
110      ];
111    };
112  };
113
114  virtualisation.docker = {
115    enable = true;
116    logDriver = "json-file";
117  };
118
119  security = {
120    doas.enable = true;
121    sudo.enable = true;
122    doas.extraConfig = ''
123      permit nopass :wheel
124    '';
125    doas.extraRules = [{
126      users = [ "icy" ];
127    }];
128    pki.certificateFiles = [ "/home/icy/.local/share/caddy/pki/authorities/local/root.crt" ];
129  };
130
131
132  users.users.icy = {
133    isNormalUser = true;
134    extraGroups = [ "wheel" "docker" "audio" "video" "dialout" ];
135  };
136
137  nix = {
138    package = pkgs.nixFlakes;
139    extraOptions = ''
140      experimental-features = nix-command flakes ca-derivations
141      warn-dirty = false
142      keep-outputs = false
143    '';
144    settings = {
145      trusted-users = [
146        "root"
147        "icy"
148      ];
149    };
150  };
151
152
153  # This value determines the NixOS release from which the default
154  # settings for stateful data, like file locations and database versions
155  # on your system were taken. It‘s perfectly fine and recommended to leave
156  # this value at the release version of the first install of this system.
157  # Before changing this value read the documentation for this option
158  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
159  system.stateVersion = "21.11"; # Did you read the comment?
160
161}
162