# NixOS configuration for serĉanto { config, pkgs, ... }: { imports = [ ../hardware/system76_lemurPro.nix # Include results of the hardware scan. ../profiles/cron-craige.nix # Provide Craige's cron jobs ../profiles/desktopCraige.nix # Craige's desktop tools and apps ../profiles/haskell-dev.nix # Haskell dev environment ../profiles/host_common.nix # Common host configuration options ../profiles/iog.nix # IOHK environment ../profiles/keyboard.nix ../profiles/neomutt.nix # Neomutt email ../profiles/nix-community.nix # Nix community aarch64 tooling ../profiles/nix-mio-ops.nix # mio-ops Nix tooling ../profiles/nixpkgs-dev.nix # Nix pkgs dev tools ../profiles/openssh.nix # Enable and configure openssh ../profiles/pantheon.nix # Enable and configure the pantheon desktop ../profiles/pipewire.nix # Enable and pipewire audio system ../profiles/powerManagement.nix # Power management for laptops ../profiles/xmonad.nix # Xmonad desktop environment ../profiles/yubikey.nix # Yubikey tooling ../secrets/craige.nix # Ssshhhhh! ../secrets/root.nix # Ssshhhhh! #../secrets/wireless.nix # Hey look! A squirrel! ]; deployment.targetHost = "10.42.0.180"; nixpkgs = { config = { allowUnfree = true; permittedInsecurePackages = [ "openssl-1.0.2u" ]; }; overlays = [(import ../overlays/ncmpcpp.nix)]; }; boot = { loader = { systemd-boot.enable = true; efi.canTouchEfiVariables = true; }; kernel.sysctl."net.ipv4.ip_forward" = "1"; extraModprobeConfig = "options kvm_intel nested=1"; }; networking = { hostName = "sercanto"; # Define your hostname. networkmanager.enable = true; # Enables network support via NetworkManager. }; fonts.packages = with pkgs; [ anonymousPro dejavu_fonts # A typeface family based on the Bitstream Vera fonts fira-code # Monospace font with programming ligaturess font-awesome hack-font # A typeface designed for source code jetbrains-mono nerdfonts # Iconic font aggregator, collection, & patcher open-sans # Used in in my polybar configuration xkcd-font # Font based handwriting in xkcd comics ]; # List packages installed in system profile. To search, run: environment.systemPackages = with pkgs; [ ]; services = { acpid.enable = true; blueman.enable = true; gvfs.enable = true; # required by pcmanfm kbfs.enable = true; }; networking.firewall = { enable = true; checkReversePath = false; # Needed for libvirtd allowedTCPPorts = [15000]; }; # Virtualisation configuration: virtualisation = { libvirtd = { enable = true; # Enable libvirtd qemu = { #package = pkgs.qemu_kvm; # Enable guest only for the same arch package = pkgs.qemu; # Enable full emulation verbatimConfig = '' user = "craige" group = "libvirtd" ''; }; onShutdown = "shutdown"; # Set gust VMs to shutdown on host shutdown extraConfig = '' disk_bus = "virtio" ''; }; }; # Enable sound. sound.enable = true; hardware = { bluetooth = { enable = true; settings = {Policy = {AutoEnable = "true";};}; }; opengl.enable = true; }; # The below pair are set to overcome flakey connections / busy servers that # fail to respond to ssh keep alive requests, sometimes triggering: # client_loop: send disconnect: Broken pipe programs.ssh.extraConfig = '' ServerAliveInterval 20 TCPKeepAlive no ''; users.groups = {lp.members = ["messagebus"];}; # This value determines the NixOS release with which your system is to be # compatible, in order to avoid breaking some software such as database # servers. You should change this only after NixOS release notes say you # should. system.stateVersion = "23.05"; # Did you read the comment? }