151 lines
3.2 KiB
Nix
151 lines
3.2 KiB
Nix
{ config, pkgs, lib, self, ... }:
|
|
|
|
{
|
|
system.stateVersion = "23.05";
|
|
# Hardware
|
|
hardware = {
|
|
enableRedistributableFirmware = lib.mkDefault true;
|
|
cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
|
bluetooth = {
|
|
enable = true; # enables support for Bluetooth
|
|
powerOnBoot = true; # powers up the default Bluetooth controller on boot
|
|
settings = {
|
|
General = {
|
|
Enable = "Source,Sink,Media,Socket";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
# Boot
|
|
boot = {
|
|
loader = {
|
|
systemd-boot.enable = true;
|
|
efi.canTouchEfiVariables = true;
|
|
};
|
|
initrd = {
|
|
availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" ];
|
|
kernelModules = [ ];
|
|
};
|
|
kernelModules = [ "kvm-intel" ];
|
|
extraModulePackages = [ ];
|
|
# Prevent tampering of the pkgstore
|
|
readOnlyNixStore = true;
|
|
};
|
|
|
|
fileSystems."/" = {
|
|
device = "/dev/disk/by-uuid/7a97edd8-c5a9-4354-a461-24c0f311e61b";
|
|
fsType = "ext4";
|
|
};
|
|
|
|
fileSystems."/boot" = {
|
|
device = "/dev/disk/by-uuid/F0BD-FE72";
|
|
fsType = "vfat";
|
|
};
|
|
|
|
swapDevices = [
|
|
{
|
|
device = "/dev/disk/by-uuid/e107d78d-d934-4939-889d-1860410321d5";
|
|
}
|
|
];
|
|
|
|
# Networking
|
|
networking = {
|
|
hostName = "katana"; # Define your hostname.
|
|
networkmanager.enable = true; #Enable Network Manager
|
|
firewall = {
|
|
checkReversePath = "loose";
|
|
allowedTCPPorts = [ ];
|
|
allowedUDPPorts = [ ];
|
|
};
|
|
};
|
|
|
|
|
|
# Localization
|
|
time.timeZone = "America/Detroit";
|
|
i18n = {
|
|
defaultLocale = "en_US.UTF-8";
|
|
extraLocaleSettings = {
|
|
LC_ADDRESS = "en_US.UTF-8";
|
|
LC_IDENTIFICATION = "en_US.UTF-8";
|
|
LC_MEASUREMENT = "en_US.UTF-8";
|
|
LC_MONETARY = "en_US.UTF-8";
|
|
LC_NAME = "en_US.UTF-8";
|
|
LC_NUMERIC = "en_US.UTF-8";
|
|
LC_PAPER = "en_US.UTF-8";
|
|
LC_TELEPHONE = "en_US.UTF-8";
|
|
LC_TIME = "en_US.UTF-8";
|
|
};
|
|
};
|
|
|
|
# Services.
|
|
services = {
|
|
pcscd.enable = true;
|
|
blueman.enable = true;
|
|
pulseaudio.enable = false;
|
|
printing.enable = true;
|
|
xserver = {
|
|
xkb = {
|
|
layout = "us";
|
|
variant = "";
|
|
};
|
|
};
|
|
};
|
|
|
|
# Package Manager
|
|
nixpkgs = {
|
|
config = {
|
|
allowUnfree = true;
|
|
};
|
|
hostPlatform = lib.mkDefault "x86_64-linux";
|
|
};
|
|
|
|
nix = {
|
|
# Enable flakes and nix-command
|
|
extraOptions = ''experimental-features = nix-command flakes'';
|
|
# Auto maintainence
|
|
settings.auto-optimise-store = lib.mkDefault true;
|
|
# Garbage collection
|
|
gc = {
|
|
automatic = true;
|
|
dates = "weekly";
|
|
options = "--delete-older-than 7d";
|
|
};
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
gparted
|
|
bluez
|
|
blueman
|
|
home-manager
|
|
pkg-config
|
|
ripgrep
|
|
openssl
|
|
tree
|
|
eza
|
|
zsh
|
|
dig #dns lookup
|
|
rage #file encryption
|
|
age-plugin-yubikey #plugin for rage to manage yubi-2fa
|
|
sops #file based secrets operations
|
|
direnv #used for development environments
|
|
gcc
|
|
bottom
|
|
felix-fm
|
|
discord
|
|
neovim
|
|
brave
|
|
libation
|
|
libreoffice-qt6
|
|
spotify
|
|
p7zip
|
|
yubioath-flutter
|
|
steam
|
|
];
|
|
|
|
# Fonts
|
|
fonts.packages = [
|
|
pkgs.nerd-fonts.droid-sans-mono
|
|
];
|
|
|
|
}
|