234 lines
5.4 KiB
Nix
234 lines
5.4 KiB
Nix
{
|
|
inputs,
|
|
outputs,
|
|
lib,
|
|
config,
|
|
pkgs,
|
|
nix-rice,
|
|
nix-std,
|
|
...
|
|
}: {
|
|
nixpkgs = {
|
|
overlays = [
|
|
inputs.nur.overlay
|
|
outputs.overlays.additions
|
|
outputs.overlays.pkg-sets
|
|
inputs.nix-rice.overlays.default
|
|
outputs.overlays.rice
|
|
inputs.helix.overlays.default
|
|
inputs.nixd.overlays.default
|
|
inputs.nix-ld-rs.overlays.default
|
|
];
|
|
config = {
|
|
allowUnfree = true;
|
|
allowUnfreePredicate = _: true;
|
|
};
|
|
};
|
|
|
|
nix = {
|
|
registry = lib.mapAttrs (_: value: {flake = value;}) inputs;
|
|
settings = {
|
|
trusted-users = ["bolt" "plank"];
|
|
experimental-features = "nix-command flakes";
|
|
substitute = true;
|
|
substituters = [];
|
|
trusted-public-keys = [];
|
|
};
|
|
};
|
|
|
|
imports = [
|
|
../util/temp-iproute-patch.nix
|
|
];
|
|
|
|
disabledModules = ["config/iproute2.nix"];
|
|
|
|
nix.extraOptions = ''
|
|
keep-outputs = true
|
|
keep-derivations = true
|
|
'';
|
|
|
|
systemd.services.NetworkManager-wait-online.enable = true; # for some reason nm doesn't enable without this
|
|
|
|
environment.pathsToLink = ["/share/zsh"];
|
|
|
|
hardware.enableRedistributableFirmware = true;
|
|
hardware.enableAllFirmware = true;
|
|
boot.loader.systemd-boot.consoleMode = "max";
|
|
boot.loader.timeout = 3;
|
|
|
|
boot.loader.systemd-boot.enable = true;
|
|
boot.tmp.useTmpfs = true;
|
|
|
|
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
|
|
|
|
time.timeZone = "Australia/Sydney";
|
|
# fix windows to use utc instead
|
|
time.hardwareClockInLocalTime = false;
|
|
|
|
# Select internationalisation properties.
|
|
i18n.defaultLocale = "en_AU.UTF-8";
|
|
i18n.supportedLocales = ["en_AU.UTF-8/UTF-8"];
|
|
console = {
|
|
font = "Lat2-Terminus16";
|
|
useXkbConfig = true; # use xkbOptions in tty.
|
|
};
|
|
|
|
hardware.opengl.enable = true;
|
|
hardware.opengl.driSupport32Bit = true;
|
|
|
|
#input stuff
|
|
services.xserver.enable = false;
|
|
services.xserver.xkbOptions = "caps:escape";
|
|
services.xserver.layout = "us";
|
|
services.xserver.libinput.enable = true;
|
|
|
|
services.udisks2.enable = true;
|
|
|
|
services.xserver.windowManager.qtile = {
|
|
enable = true;
|
|
backend = "wayland";
|
|
package = inputs.qtile.packages.x86_64-linux.qtile;
|
|
configFile = null; # using hm instead
|
|
extraPackages = python3Packages:
|
|
with python3Packages; [
|
|
pkgs.stable.python3Packages.qtile-extras
|
|
# coconut
|
|
];
|
|
};
|
|
|
|
services.greetd = {
|
|
enable = true;
|
|
settings = {
|
|
default_session = {
|
|
# command = "${lib.getExe pkgs.greetd.tuigreet} -r -g \"what's good\" --time --cmd sway";
|
|
command = "${lib.getExe pkgs.greetd.tuigreet} -r -g \"what's good\" --time --cmd \"qtile start -b wayland\"";
|
|
user = "greeter";
|
|
};
|
|
};
|
|
};
|
|
|
|
security.polkit.enable = true;
|
|
|
|
programs.dconf.enable = true;
|
|
|
|
xdg.autostart.enable = true;
|
|
xdg.portal = {
|
|
enable = true;
|
|
extraPortals = with pkgs; [
|
|
xdg-desktop-portal-gtk
|
|
xdg-desktop-portal-wlr
|
|
];
|
|
config = {
|
|
common = {
|
|
default = "wlr";
|
|
};
|
|
};
|
|
};
|
|
|
|
services.resolved = {
|
|
enable = true;
|
|
fallbackDns = ["103.1.206.179" "168.138.8.38" "168.138.12.137"];
|
|
dnssec = "false";
|
|
};
|
|
|
|
# Enable sound.
|
|
security.rtkit.enable = true;
|
|
services.pipewire = {
|
|
enable = true;
|
|
alsa.enable = true;
|
|
alsa.support32Bit = true;
|
|
pulse.enable = true;
|
|
# jack.enable = true;
|
|
};
|
|
|
|
qt.enable = true;
|
|
qt.platformTheme = "gtk2";
|
|
qt.style = "gtk2";
|
|
|
|
programs.zsh.enable = true;
|
|
users.defaultUserShell = pkgs.zsh;
|
|
|
|
services.tumbler.enable = true; # thumbnailer for thunar
|
|
# services.tailscale.enable = true;
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
man-pages
|
|
man-pages-posix
|
|
|
|
rnix-lsp
|
|
nixd
|
|
|
|
home-manager
|
|
cachix
|
|
|
|
curl
|
|
eza
|
|
swaybg
|
|
|
|
git
|
|
|
|
nix-index
|
|
starship
|
|
|
|
cachix
|
|
|
|
alejandra
|
|
];
|
|
|
|
documentation.dev.enable = true;
|
|
documentation.man.enable = true;
|
|
documentation.enable = true;
|
|
|
|
programs.nix-index-database.comma.enable = true;
|
|
programs.nix-index.enableZshIntegration = false;
|
|
programs.nix-index.enableBashIntegration = false;
|
|
|
|
services.gvfs.enable = true;
|
|
|
|
services.mullvad-vpn.enable = true;
|
|
|
|
programs.nix-ld = {
|
|
enable = true;
|
|
package = pkgs.nix-ld-rs;
|
|
};
|
|
|
|
networking.firewall.enable = true;
|
|
networking.firewall = {
|
|
# TODO: use tailscale with interface blacklist patch?
|
|
# trustedInterfaces = ["tailscale0"];
|
|
checkReversePath = "loose";
|
|
};
|
|
|
|
# programs.sway = {
|
|
# # to use home-manager
|
|
# package = null;
|
|
# enable = true;
|
|
# wrapperFeatures = {
|
|
# base = true;
|
|
# gtk = true;
|
|
# };
|
|
# # extraPackages = with pkgs; [swaylock swayidle foot dmenu vulkan-validation-layers];
|
|
# };
|
|
|
|
# systemd.services.fixNetworkingForTailscale = {
|
|
# wantedBy = ["multi-user.target"];
|
|
# after = ["network.target" "mullvad-daemon.service"];
|
|
# description = "fix the damn routing table";
|
|
# serviceConfig = {
|
|
# Type = "oneshot";
|
|
# User = "root";
|
|
# ExecStart = ''${pkgs.bash}/bin/bash -c "if [[ \"$( ${pkgs.iproute2}/bin/ip rule | grep -e \"62:.*52\" | wc -l)\" -eq 0 ]]; then ${pkgs.iproute2}/bin/ip rule add pref 62 table 52; fi"'';
|
|
# };
|
|
# };
|
|
|
|
# give cpuset to user
|
|
systemd.services."user@".serviceConfig.Delegate = "memory pids cpu cpuset";
|
|
|
|
security.pam.services.gtklock = {
|
|
text = ''
|
|
auth include login
|
|
'';
|
|
};
|
|
|
|
system.stateVersion = "22.11"; # Did you read the comment?
|
|
}
|