2020-05-05 15:21:17 +00:00
|
|
|
# NixOps configuration for dionach
|
|
|
|
|
|
|
|
{ config, pkgs, ... }:
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
imports = [
|
2021-05-09 06:34:31 +00:00
|
|
|
../hardware/purism_librem_15.nix # Include results of the hardware scan.
|
2021-03-21 10:14:03 +00:00
|
|
|
../profiles/android.nix # Provide an Android dev environment
|
|
|
|
../profiles/cron-craige.nix # Provide Craige's cron jobs
|
|
|
|
../profiles/daedalus.nix # The open source cryptocurrency wallet for ADA
|
|
|
|
../profiles/desktop-feeds.nix # Tools for news feeds and podcasts
|
2021-07-09 05:04:25 +00:00
|
|
|
../profiles/desktopCraige.nix # Craige's desktop tools and apps
|
2021-03-21 10:14:03 +00:00
|
|
|
../profiles/haskell-dev.nix # Haskel dev environment
|
|
|
|
../profiles/host_common.nix # Common host configuration options
|
|
|
|
../profiles/iohk.nix # IOHK environment
|
2021-05-20 23:46:22 +00:00
|
|
|
../profiles/keyboard.nix
|
2021-03-21 10:14:03 +00:00
|
|
|
../profiles/neomutt.nix # Neomutt email
|
|
|
|
../profiles/nix-community.nix # Nix community aarch64 tooling
|
|
|
|
../profiles/nix-mio-ops.nix # mio-ops Nix tooling
|
|
|
|
../profiles/nixpkgs-dev.nix # Nix pkgs dev tools
|
|
|
|
../profiles/openssh.nix # Enable and configure openssh
|
2021-05-09 06:34:31 +00:00
|
|
|
../profiles/powerManagement.nix # Power management for laptops
|
2021-03-21 10:14:03 +00:00
|
|
|
../profiles/qemu.nix # Qemu virtualisation
|
2021-05-21 05:14:16 +00:00
|
|
|
../profiles/typingTutor.nix # Typing tutorials
|
2021-03-21 10:14:03 +00:00
|
|
|
../profiles/weechat.nix # Weechat environment
|
|
|
|
../profiles/xmonad.nix # Xmonad desktop environment
|
|
|
|
../profiles/yubikey.nix # Yubikey tooling
|
|
|
|
../secrets/craige.nix # Ssshhhhh!
|
|
|
|
../secrets/root.nix # Ssshhhhh!
|
|
|
|
../secrets/wireless.nix # Hey look! A squirrel!
|
2020-05-05 15:21:17 +00:00
|
|
|
];
|
|
|
|
|
2020-06-23 00:49:45 +00:00
|
|
|
deployment.targetHost = "localhost";
|
|
|
|
|
2020-05-05 15:21:17 +00:00
|
|
|
nixpkgs.config = {
|
|
|
|
allowUnfree = true;
|
|
|
|
permittedInsecurePackages = [
|
|
|
|
"openssl-1.0.2u"
|
2021-05-03 12:01:09 +00:00
|
|
|
"minecraft"
|
2020-05-05 15:21:17 +00:00
|
|
|
];
|
|
|
|
};
|
|
|
|
|
|
|
|
# Use the GRUB 2 boot loader.
|
|
|
|
boot.loader.grub.enable = true;
|
|
|
|
boot.loader.grub.version = 2;
|
2020-09-07 01:02:52 +00:00
|
|
|
boot.loader.grub.device = "/dev/nvme0n1"; # or "nodev" for efi only
|
2020-05-05 15:21:17 +00:00
|
|
|
boot.kernel.sysctl."net.ipv4.ip_forward" = "1";
|
|
|
|
boot.extraModprobeConfig = "options kvm_intel nested=1";
|
|
|
|
|
|
|
|
networking = {
|
|
|
|
hostName = "dionach"; # Define your hostname.
|
|
|
|
};
|
|
|
|
|
2020-09-07 01:02:52 +00:00
|
|
|
fonts.fonts = with pkgs; [
|
|
|
|
dejavu_fonts # A typeface family based on the Bitstream Vera fonts
|
|
|
|
fira-code # Monospace font with programming ligatures
|
|
|
|
#monoid # Customisable coding font with alternates, ligatures and contextual positioning
|
2021-04-25 01:09:20 +00:00
|
|
|
nerdfonts # Iconic font aggregator, collection, & patcher
|
|
|
|
xkcd-font # Font based handwriting in xkcd comics
|
2020-09-07 01:02:52 +00:00
|
|
|
];
|
|
|
|
|
2020-05-05 15:21:17 +00:00
|
|
|
# List packages installed in system profile. To search, run:
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
|
|
bash
|
|
|
|
binutils
|
|
|
|
bluez-tools
|
|
|
|
brave # Privacy-oriented browser
|
|
|
|
bridge-utils # for brctl
|
|
|
|
chromium
|
|
|
|
clang
|
|
|
|
ddrescue
|
|
|
|
docutils # Python Documentation Utilities
|
|
|
|
electrum # Bitcoin wallet
|
2020-12-31 01:55:41 +00:00
|
|
|
element-desktop # A feature-rich client for Matrix.org
|
2020-05-05 15:21:17 +00:00
|
|
|
evince
|
|
|
|
exiftool # A tool to read, write and edit EXIF meta information
|
|
|
|
ffmpeg-full # record, convert and stream audio and video
|
|
|
|
file
|
|
|
|
firefox
|
|
|
|
gcc
|
|
|
|
gimp
|
|
|
|
gnome2.gvfs
|
|
|
|
gnumake
|
|
|
|
gnused
|
|
|
|
google-authenticator # 2FA
|
|
|
|
google-chrome # A freeware web browser developed by Google
|
2020-06-14 06:14:26 +00:00
|
|
|
googleearth # A world sphere viewer
|
2021-04-25 01:07:12 +00:00
|
|
|
graphviz # Graph visualization tools
|
2020-05-05 15:21:17 +00:00
|
|
|
gvfs
|
|
|
|
imagemagick
|
2021-02-11 00:37:49 +00:00
|
|
|
inetutils # Common network utilies
|
2020-12-31 01:58:58 +00:00
|
|
|
inotify-tools
|
2020-05-05 15:21:17 +00:00
|
|
|
iptables # iptables
|
|
|
|
libmtp
|
|
|
|
libgphoto2
|
|
|
|
libreoffice-fresh # Libreoffice - fresh version
|
|
|
|
lxmenu-data
|
2021-05-03 12:01:09 +00:00
|
|
|
minecraft
|
2020-05-05 15:21:17 +00:00
|
|
|
mkpasswd
|
|
|
|
mp3info # MP3 tag editor / query tool
|
|
|
|
mpd
|
|
|
|
mplayer
|
|
|
|
mtpfs
|
|
|
|
multimc
|
|
|
|
ncmpcpp
|
|
|
|
nextcloud-client
|
2020-10-14 00:10:40 +00:00
|
|
|
nvme-cli # NVM-Express user space tooling for Linux
|
2020-05-05 15:21:17 +00:00
|
|
|
obs-studio # Free and open source software for video recording and live streaming
|
|
|
|
openjdk8
|
2020-09-07 01:02:52 +00:00
|
|
|
openssl # A cryptographic library that implements the SSL and TLS protocols
|
2020-05-05 15:21:17 +00:00
|
|
|
p7zip
|
|
|
|
pandoc
|
|
|
|
pavucontrol
|
|
|
|
pcmanfm
|
|
|
|
pstree # Show the set of running processes as a tree
|
|
|
|
pwgen
|
2020-10-27 07:05:38 +00:00
|
|
|
python37Packages.pygments
|
2020-05-05 15:21:17 +00:00
|
|
|
pythonFull
|
2020-10-27 07:05:38 +00:00
|
|
|
python37Packages.restview # ReStructuredText viewer
|
2020-05-05 15:21:17 +00:00
|
|
|
python37Packages.sphinx # A tool that makes it easy to create intelligent and beautifulul documentation for Python projects
|
|
|
|
radiotray-ng # Internet radio player
|
|
|
|
rdiff-backup # External backups
|
|
|
|
shared_mime_info
|
|
|
|
shotwell
|
|
|
|
signal-desktop
|
2020-10-14 00:10:40 +00:00
|
|
|
smartmontools # Tools for monitoring the health of hard drives
|
2020-05-05 15:21:17 +00:00
|
|
|
sshfs
|
|
|
|
taskwarrior # Highly flexible command-line tool to manage TODO lists
|
|
|
|
tcpdump # tcpdump
|
|
|
|
tectonic
|
2020-05-12 12:35:48 +00:00
|
|
|
tdesktop # Telegram Desktop messaging app
|
2020-05-05 15:21:17 +00:00
|
|
|
termonad-with-packages
|
|
|
|
texlive.combined.scheme-full
|
2020-07-01 09:56:32 +00:00
|
|
|
tmate # Instant Terminal Sharing
|
2020-05-05 15:21:17 +00:00
|
|
|
tpm-tools
|
2021-02-11 00:37:02 +00:00
|
|
|
#tor-browser-bundle-bin
|
2020-07-30 03:01:13 +00:00
|
|
|
tree # Command to produce a depth indented directory listing
|
2020-05-05 15:21:17 +00:00
|
|
|
udevil
|
|
|
|
unrar
|
|
|
|
unzip
|
|
|
|
vcsh
|
|
|
|
vgo2nix # Required for packaging Golang applications
|
|
|
|
wget
|
2020-12-31 01:58:58 +00:00
|
|
|
wesnoth # Turn-based strategy game
|
2020-05-05 15:21:17 +00:00
|
|
|
xorg.xev
|
|
|
|
youtube-dl
|
|
|
|
zip # zip all the zip's
|
|
|
|
zlib
|
|
|
|
zlib.dev
|
|
|
|
];
|
|
|
|
|
|
|
|
environment.variables = {
|
|
|
|
GIO_EXTRA_MODULES = [ "${pkgs.gvfs}/lib/gio/modules" ];
|
|
|
|
};
|
|
|
|
|
|
|
|
services.acpid.enable = true;
|
|
|
|
services.blueman.enable = true;
|
|
|
|
services.kbfs.enable = true;
|
|
|
|
|
|
|
|
services.xserver.desktopManager.enlightenment.enable = true;
|
|
|
|
|
|
|
|
networking.firewall = {
|
|
|
|
enable = true;
|
|
|
|
checkReversePath = false; # Needed for libvirtd
|
|
|
|
allowedTCPPorts = [ 15000 ];
|
|
|
|
};
|
|
|
|
|
|
|
|
# Virtualisation configuration:
|
|
|
|
virtualisation = {
|
|
|
|
libvirtd = {
|
|
|
|
enable = true; # Enable libvirtd
|
|
|
|
#qemuPackage = pkgs.qemu_kvm; # Enable guest only for the same arch
|
|
|
|
qemuPackage = pkgs.qemu; # Enable full emulation
|
|
|
|
onShutdown = "shutdown"; # Set gust VMs to shutdown on host shutdown
|
|
|
|
extraConfig = ''
|
|
|
|
disk_bus = "virtio"
|
|
|
|
'';
|
|
|
|
qemuVerbatimConfig = ''
|
|
|
|
user = "craige"
|
|
|
|
group = "libvirtd"
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
# Enable sound.
|
|
|
|
sound.enable = true;
|
|
|
|
hardware = {
|
|
|
|
pulseaudio = {
|
|
|
|
enable = true;
|
|
|
|
systemWide = false;
|
|
|
|
extraModules = [ pkgs.pulseaudio-modules-bt ];
|
|
|
|
package = pkgs.pulseaudioFull;
|
|
|
|
};
|
|
|
|
bluetooth = {
|
|
|
|
enable = true;
|
2021-06-04 00:32:51 +00:00
|
|
|
settings = {
|
2020-05-05 15:21:17 +00:00
|
|
|
General = {
|
|
|
|
Enable = "Source,Sink,Media,Socket";
|
2021-05-14 04:07:34 +00:00
|
|
|
NoPlugin = "sap";
|
2020-05-05 15:21:17 +00:00
|
|
|
};
|
|
|
|
Policy = {
|
|
|
|
AutoEnable = "true";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
opengl.enable = true;
|
|
|
|
};
|
|
|
|
|
2021-02-11 00:37:02 +00:00
|
|
|
# The below pair are set to overcome flakey connections / busy servers that
|
|
|
|
# fail to respond to ssh keep alive requests, sometimes triggering:
|
|
|
|
# client_loop: send disconnect: Broken pipe
|
|
|
|
programs.ssh.extraConfig = ''
|
|
|
|
ServerAliveInterval 20
|
|
|
|
TCPKeepAlive no
|
|
|
|
'';
|
|
|
|
|
2021-04-25 01:05:34 +00:00
|
|
|
users.groups = {
|
|
|
|
lp.members = [
|
|
|
|
"messagebus"
|
|
|
|
];
|
|
|
|
};
|
|
|
|
|
2020-05-05 15:21:17 +00:00
|
|
|
# This value determines the NixOS release with which your system is to be
|
|
|
|
# compatible, in order to avoid breaking some software such as database
|
|
|
|
# servers. You should change this only after NixOS release notes say you
|
|
|
|
# should.
|
2020-09-07 01:02:52 +00:00
|
|
|
system.stateVersion = "20.03"; # Did you read the comment?
|
2020-05-05 15:21:17 +00:00
|
|
|
|
|
|
|
}
|