atagen/nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
nix/system/configuration.nix
atagen f6baa7f1b1 final touches
2023-04-19 16:57:28 +10:00

184 lines
4.1 KiB
Nix
Raw Blame History

{ inputs, outputs, lib, config, pkgs, ... }:
# let
# lemurs = callPackage ./system/syspkgs/lemurs.nix {};
# ly = callPackage ./system/syspkgs/ly.nix {};
# in
{
nixpkgs = {
overlays = [
outputs.overlays.additions
outputs.overlays.unstable-pkgs
];
};
nix = {
registry = lib.mapAttrs(_: value: { flake = value; }) inputs;
settings = {
experimental-features = "nix-command flakes";
};
};
# imports = [
# # (import (builtins.fetchTarball "https://github.com/jonascarpay/declarative-cachix/archive/master.tar.gz"))
# ];
# cachix = [
# "nix-community"
# ];
nix.extraOptions = ''
keep-outputs = true
keep-derivations = true
'';
systemd.services.NetworkManager-wait-online.enable = false;
environment.pathsToLink = [ "/share/zsh" ];
boot.loader.systemd-boot.consoleMode = "max";
boot.loader.timeout = 3;
boot.loader.systemd-boot.enable = true;
boot.tmpOnTmpfs = true;
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
time.timeZone = "Australia/Sydney";
time.hardwareClockInLocalTime = true;
# Select internationalisation properties.
i18n.defaultLocale = "en_AU.UTF-8";
i18n.supportedLocales = [ "en_AU.UTF-8/UTF-8" ];
console = {
font = "Lat2-Terminus16";
useXkbConfig = true; # use xkbOptions in tty.
};
nixpkgs.config.allowUnfree = true;
hardware.opengl.enable = true;
hardware.opengl.driSupport32Bit = true;
#input stuff
services.xserver.enable = false;
services.xserver.xkbOptions = "caps:escape";
services.xserver.layout = "us";
services.xserver.libinput.enable = true;
services.xserver.displayManager.lightdm.enable = false; # gets installed by default..
services.greetd = {
enable = true;
settings = {
default_session = {
command = "${pkgs.greetd.tuigreet}/bin/tuigreet -r -g \"what's good\" --time --sessions ${config.services.xserver.displayManager.sessionData.desktops}/share/wayland-sessions";
user = "greeter";
};
};
};
security.polkit.enable = true;
programs.dconf.enable = true;
xdg.autostart.enable = true;
services.resolved = {
enable = true;
fallbackDns = [ "103.1.206.179" "168.138.8.38" "168.138.12.137" ];
dnssec = "false";
};
# Enable sound.
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# jack.enable = true;
};
qt.enable = true;
qt.platformTheme = "qt5ct";
qt.style = "kvantum";
programs.zsh.enable = true;
users.defaultUserShell = pkgs.zsh;
services.tailscale.enable = true;
environment.systemPackages = with pkgs; [
rnix-lsp
tailscale
home-manager
cachix
helix
ark
curl
git
zsh
nix-index
comma
cachix
];
networking.wg-quick.interfaces = {
mullvad = {
address = [ "10.66.224.186/32" ];
dns = [ "10.64.0.1" ];
privateKey = "WD0CNYazB8D19SJvwz/TdPqoWgWCGfTwA7mim16q7UM=";
peers = [
{
publicKey = "pu22RCPeJCeiDIE7a1XtWvmv3BdgPp8ugF6AyntW8xU=";
allowedIPs = [ "0.0.0.0/0" ];
endpoint = "89.44.10.114:51820";
persistentKeepalive = 25;
}
];
};
};
networking.firewall.enable = true;
networking.firewall = {
trustedInterfaces = [ "tailscale0" ];
checkReversePath = "loose";
};
systemd.services.fixNetworkingForTailscale = {
wantedBy = [ "multi-user.target" ];
after = [ "network.target" "wg-quick-mullvad.service" ];
description = "fix the damn routing table";
serviceConfig = {
Type = "oneshot";
User = "root";
ExecStart = ''${pkgs.bash}/bin/bash -c 'if [[ "$( ${pkgs.iproute2}/bin/ip rule | grep -e "62:.*52" | wc -l)" -eq 0 ]]; then ${pkgs.iproute2}/bin/ip rule add pref 62 table 52; fi'''';
# ExecStop = ''${pkgs.iproute2}/bin/ip rule del pref 62 table 52'';
};
};
security.pam.services.waylock = {
text =''
auth include login
'';
};
system.stateVersion = "23.05"; # Did you read the comment? # lol no
}
Reference in a new issue View git blame Copy permalink