# NixOps configuration for dionach { config, pkgs, ... }: { imports = [ ../hardware/purism_librem_15.nix # Include results of the hardware scan. ../profiles/android.nix # Provide an Android dev environment ../profiles/cron-craige.nix # Provide Craige's cron jobs ../profiles/daedalus.nix # The open source cryptocurrency wallet for ADA ../profiles/desktop-feeds.nix # Tools for news feeds and podcasts ../profiles/desktopCraige.nix # Craige's desktop tools and apps ../profiles/haskell-dev.nix # Haskell dev environment ../profiles/host_common.nix # Common host configuration options ../profiles/iog.nix # IOHK environment ../profiles/keyboard.nix ../profiles/neomutt.nix # Neomutt email ../profiles/nix-community.nix # Nix community aarch64 tooling ../profiles/nix-mio-ops.nix # mio-ops Nix tooling ../profiles/nixpkgs-dev.nix # Nix pkgs dev tools ../profiles/openssh.nix # Enable and configure openssh ../profiles/powerManagement.nix # Power management for laptops ../profiles/qemu.nix # Qemu virtualisation ../profiles/typingTutor.nix # Typing tutorials ../profiles/weechat.nix # Weechat environment ../profiles/xmonad.nix # Xmonad desktop environment ../profiles/yubikey.nix # Yubikey tooling ../secrets/craige.nix # Ssshhhhh! ../secrets/root.nix # Ssshhhhh! ../secrets/wireless.nix # Hey look! A squirrel! ]; deployment.targetHost = "localhost"; nixpkgs.config = { allowUnfree = true; permittedInsecurePackages = ["openssl-1.0.2u" "minecraft"]; }; # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; boot.loader.grub.version = 2; boot.loader.grub.device = "/dev/nvme0n1"; # or "nodev" for efi only boot.kernel.sysctl."net.ipv4.ip_forward" = "1"; boot.extraModprobeConfig = "options kvm_intel nested=1"; networking = { hostName = "dionach"; # Define your hostname. }; systemd.network.networks.enp0s20f0u4u4i5.ipv6SendRAConfig = { EmitDNS = true; Managed = true; OtherInformation = true; }; fonts.fonts = with pkgs; [ dejavu_fonts # A typeface family based on the Bitstream Vera fonts fira-code # Monospace font with programming ligatures #monoid # Customisable coding font with alternates, ligatures and contextual positioning nerdfonts # Iconic font aggregator, collection, & patcher xkcd-font # Font based handwriting in xkcd comics ]; # List packages installed in system profile. To search, run: environment.systemPackages = with pkgs; [ bash binutils bluez-tools brave # Privacy-oriented browser bridge-utils # for brctl chromium clang ddrescue docutils # Python Documentation Utilities electrum # Bitcoin wallet element-desktop # A feature-rich client for Matrix.org evince exiftool # A tool to read, write and edit EXIF meta information ffmpeg-full # record, convert and stream audio and video file firefox gcc gimp gnome2.gvfs gnumake gnused google-authenticator # 2FA google-chrome # A freeware web browser developed by Google googleearth # A world sphere viewer graphviz # Graph visualization tools gvfs imagemagick inetutils # Common network utilies inotify-tools iptables # iptables libmtp libgphoto2 libreoffice-fresh # Libreoffice - fresh version lxmenu-data minecraft mkpasswd mp3info # MP3 tag editor / query tool mpd mtpfs multimc ncmpcpp nextcloud-client nvme-cli # NVM-Express user space tooling for Linux obs-studio # Free and open source software for video recording and live streaming openjdk8 openssl # A cryptographic library that implements the SSL and TLS protocols p7zip pandoc pavucontrol pcmanfm pstree # Show the set of running processes as a tree pwgen python3Full python39Packages.restview # ReStructuredText viewer python39Packages.sphinx # A tool that makes it easy to create intelligent and beautifulul documentation for Python projects radiotray-ng # Internet radio player rdiff-backup # External backups shared_mime_info shotwell signal-desktop smartmontools # Tools for monitoring the health of hard drives sshfs taskwarrior # Highly flexible command-line tool to manage TODO lists tcpdump # tcpdump tectonic tdesktop # Telegram Desktop messaging app termonad-with-packages texlive.combined.scheme-full tmate # Instant Terminal Sharing tpm-tools #tor-browser-bundle-bin tree # Command to produce a depth indented directory listing udevil unrar unzip vcsh vgo2nix # Required for packaging Golang applications wget wesnoth # Turn-based strategy game xorg.xev zip # zip all the zip's zlib zlib.dev ]; environment.variables = { GIO_EXTRA_MODULES = ["${pkgs.gvfs}/lib/gio/modules"]; }; services.acpid.enable = true; services.blueman.enable = true; services.kbfs.enable = true; services.xserver.desktopManager.enlightenment.enable = true; networking.firewall = { enable = true; checkReversePath = false; # Needed for libvirtd allowedTCPPorts = [15000]; }; # Virtualisation configuration: virtualisation = { libvirtd = { enable = true; # Enable libvirtd qemu = { #package = pkgs.qemu_kvm; # Enable guest only for the same arch package = pkgs.qemu; # Enable full emulation verbatimConfig = '' user = "craige" group = "libvirtd" ''; }; onShutdown = "shutdown"; # Set gust VMs to shutdown on host shutdown extraConfig = '' disk_bus = "virtio" ''; }; }; # Enable sound. sound.enable = true; hardware = { pulseaudio = { enable = true; systemWide = false; extraModules = [pkgs.pulseaudio-modules-bt]; package = pkgs.pulseaudioFull; }; bluetooth = { enable = true; hsphfpd.enable = true; settings = {Policy = {AutoEnable = "true";};}; }; opengl.enable = true; }; # The below pair are set to overcome flakey connections / busy servers that # fail to respond to ssh keep alive requests, sometimes triggering: # client_loop: send disconnect: Broken pipe programs.ssh.extraConfig = '' ServerAliveInterval 20 TCPKeepAlive no ''; users.groups = {lp.members = ["messagebus"];}; # This value determines the NixOS release with which your system is to be # compatible, in order to avoid breaking some software such as database # servers. You should change this only after NixOS release notes say you # should. system.stateVersion = "20.03"; # Did you read the comment? }