1{ self, config, pkgs, theme, ... }:
  2
  3{
  4  imports =
  5    [
  6      ./hardware-configuration.nix
  7    ];
  8
  9  boot.loader.systemd-boot.enable = true;
 10  boot.loader.efi.canTouchEfiVariables = true;
 11  boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
 12
 13  networking = {
 14    nameservers = [ "1.1.1.1" "1.0.0.1" ];
 15    hostName = "lapis";
 16    useDHCP = false;
 17    interfaces.wlan0.useDHCP = true;
 18    wireless.iwd.enable = true;
 19  };
 20
 21  i18n.defaultLocale = "en_US.UTF-8";
 22  time.timeZone = "Asia/Kolkata";
 23
 24  nixpkgs.config = {
 25    allowUnfree = true;
 26    st = {
 27      conf = builtins.readFile ../../programs/st/config.h;
 28      extraLibs = with pkgs; [ harfbuzz ];
 29      patches = [
 30        ../../patches/st/xres.diff
 31        ../../patches/st/bright.diff
 32        ../../patches/st/ligatures.diff
 33      ];
 34    };
 35  };
 36
 37  nixpkgs.overlays = with self.overlays; [
 38    nvim-nightly
 39    prompt
 40  ];
 41
 42  environment.systemPackages = with pkgs; [
 43    cwm
 44    man-pages
 45    git
 46    man-pages-posix
 47    (lib.hiPrio pkgs.bashInteractive_5)
 48  ];
 49
 50  documentation = {
 51    dev.enable = true;
 52    man.generateCaches = true;
 53  };
 54
 55  users.motd = with config; ''
 56    Host       ${networking.hostName}
 57    OS         NixOS ${system.nixos.release} (${system.nixos.codeName})
 58    Version    ${system.nixos.version}
 59    Kernel     ${boot.kernelPackages.kernel.version}
 60  '';
 61
 62  console = {
 63    font = "Lat2-Terminus16";
 64    keyMap = "us";
 65  };
 66
 67  sound.enable = true;
 68  hardware = {
 69    pulseaudio.enable = true;
 70    bluetooth = {
 71      enable = true;
 72      powerOnBoot = true;
 73    };
 74  };
 75
 76  services = {
 77    xserver = {
 78      enable = true;
 79      layout = "us";
 80      xkbVariant = "workman";
 81      displayManager.startx.enable = true;
 82      libinput.enable = true;
 83    };
 84    tailscale.enable = true;
 85  };
 86
 87  virtualisation.docker = {
 88    enable = true;
 89    logDriver = "json-file";
 90  };
 91
 92  security = {
 93    doas.enable = true;
 94    sudo.enable = true;
 95    doas.extraConfig = ''
 96      permit nopass :wheel
 97    '';
 98    doas.extraRules = [{
 99      users = [ "icy" ];
100    }];
101  };
102
103
104  users.users.icy = {
105    isNormalUser = true;
106    extraGroups = [ "wheel" "docker" "audio" "video" ];
107  };
108
109  nix = {
110    package = pkgs.nixUnstable;
111    extraOptions = ''
112      experimental-features = nix-command flakes ca-derivations
113      warn-dirty = false
114      keep-outputs = false
115    '';
116    settings = {
117      trusted-users = [
118        "root"
119        "icy"
120      ];
121    };
122  };
123
124
125  # This value determines the NixOS release from which the default
126  # settings for stateful data, like file locations and database versions
127  # on your system were taken. It‘s perfectly fine and recommended to leave
128  # this value at the release version of the first install of this system.
129  # Before changing this value read the documentation for this option
130  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
131  system.stateVersion = "21.11"; # Did you read the comment?
132
133}
134