2023-12-05 02:48:58 +00:00
|
|
|
# NixOS configuration for serĉanto
|
|
|
|
{
|
|
|
|
config,
|
|
|
|
pkgs,
|
|
|
|
...
|
|
|
|
}: {
|
|
|
|
imports = [
|
|
|
|
../hardware/system76_lemurPro.nix # Include results of the hardware scan.
|
|
|
|
../profiles/cron-craige.nix # Provide Craige's cron jobs
|
|
|
|
../profiles/desktopCraige.nix # Craige's desktop tools and apps
|
|
|
|
../profiles/haskell-dev.nix # Haskell dev environment
|
|
|
|
../profiles/host_common.nix # Common host configuration options
|
|
|
|
../profiles/iog.nix # IOHK environment
|
|
|
|
../profiles/keyboard.nix
|
|
|
|
../profiles/neomutt.nix # Neomutt email
|
|
|
|
../profiles/nix-community.nix # Nix community aarch64 tooling
|
|
|
|
../profiles/nix-mio-ops.nix # mio-ops Nix tooling
|
|
|
|
../profiles/nixpkgs-dev.nix # Nix pkgs dev tools
|
|
|
|
../profiles/openssh.nix # Enable and configure openssh
|
|
|
|
../profiles/pantheon.nix # Enable and configure the pantheon desktop
|
|
|
|
../profiles/pipewire.nix # Enable and pipewire audio system
|
|
|
|
../profiles/powerManagement.nix # Power management for laptops
|
|
|
|
../profiles/xmonad.nix # Xmonad desktop environment
|
|
|
|
../profiles/yubikey.nix # Yubikey tooling
|
|
|
|
../secrets/craige.nix # Ssshhhhh!
|
|
|
|
../secrets/root.nix # Ssshhhhh!
|
|
|
|
#../secrets/wireless.nix # Hey look! A squirrel!
|
|
|
|
];
|
|
|
|
|
2024-02-06 01:55:33 +00:00
|
|
|
deployment.targetHost = "10.42.0.126";
|
2023-12-05 02:48:58 +00:00
|
|
|
|
|
|
|
nixpkgs = {
|
|
|
|
config = {
|
|
|
|
allowUnfree = true;
|
|
|
|
permittedInsecurePackages = [
|
|
|
|
"openssl-1.0.2u"
|
|
|
|
];
|
|
|
|
};
|
|
|
|
overlays = [(import ../overlays/ncmpcpp.nix)];
|
|
|
|
};
|
|
|
|
|
|
|
|
boot = {
|
|
|
|
loader = {
|
|
|
|
systemd-boot.enable = true;
|
|
|
|
efi.canTouchEfiVariables = true;
|
|
|
|
};
|
|
|
|
kernel.sysctl."net.ipv4.ip_forward" = "1";
|
|
|
|
extraModprobeConfig = "options kvm_intel nested=1";
|
|
|
|
};
|
|
|
|
|
|
|
|
networking = {
|
|
|
|
hostName = "sercanto"; # Define your hostname.
|
|
|
|
networkmanager.enable = true; # Enables network support via NetworkManager.
|
|
|
|
};
|
|
|
|
|
2024-02-06 01:55:33 +00:00
|
|
|
fonts.packages = with pkgs; [
|
2023-12-05 02:48:58 +00:00
|
|
|
anonymousPro
|
|
|
|
dejavu_fonts # A typeface family based on the Bitstream Vera fonts
|
|
|
|
fira-code # Monospace font with programming ligaturess
|
|
|
|
font-awesome
|
|
|
|
hack-font # A typeface designed for source code
|
|
|
|
jetbrains-mono
|
|
|
|
nerdfonts # Iconic font aggregator, collection, & patcher
|
|
|
|
open-sans # Used in in my polybar configuration
|
|
|
|
xkcd-font # Font based handwriting in xkcd comics
|
|
|
|
];
|
|
|
|
|
|
|
|
# List packages installed in system profile. To search, run:
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
|
|
];
|
|
|
|
|
|
|
|
services = {
|
|
|
|
acpid.enable = true;
|
|
|
|
blueman.enable = true;
|
|
|
|
gvfs.enable = true; # required by pcmanfm
|
|
|
|
kbfs.enable = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
networking.firewall = {
|
|
|
|
enable = true;
|
|
|
|
checkReversePath = false; # Needed for libvirtd
|
|
|
|
allowedTCPPorts = [15000];
|
|
|
|
};
|
|
|
|
|
|
|
|
# Virtualisation configuration:
|
|
|
|
virtualisation = {
|
|
|
|
libvirtd = {
|
|
|
|
enable = true; # Enable libvirtd
|
|
|
|
qemu = {
|
|
|
|
#package = pkgs.qemu_kvm; # Enable guest only for the same arch
|
|
|
|
package = pkgs.qemu; # Enable full emulation
|
|
|
|
verbatimConfig = ''
|
|
|
|
user = "craige"
|
|
|
|
group = "libvirtd"
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
onShutdown = "shutdown"; # Set gust VMs to shutdown on host shutdown
|
|
|
|
extraConfig = ''
|
|
|
|
disk_bus = "virtio"
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
# Enable sound.
|
|
|
|
sound.enable = true;
|
|
|
|
hardware = {
|
|
|
|
bluetooth = {
|
|
|
|
enable = true;
|
|
|
|
settings = {Policy = {AutoEnable = "true";};};
|
|
|
|
};
|
|
|
|
opengl.enable = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
# The below pair are set to overcome flakey connections / busy servers that
|
|
|
|
# fail to respond to ssh keep alive requests, sometimes triggering:
|
|
|
|
# client_loop: send disconnect: Broken pipe
|
|
|
|
programs.ssh.extraConfig = ''
|
|
|
|
ServerAliveInterval 20
|
|
|
|
TCPKeepAlive no
|
|
|
|
'';
|
|
|
|
|
|
|
|
users.groups = {lp.members = ["messagebus"];};
|
|
|
|
|
|
|
|
# This value determines the NixOS release with which your system is to be
|
|
|
|
# compatible, in order to avoid breaking some software such as database
|
|
|
|
# servers. You should change this only after NixOS release notes say you
|
|
|
|
# should.
|
|
|
|
system.stateVersion = "23.05"; # Did you read the comment?
|
|
|
|
}
|