# NixOps configuration for dionach { config, pkgs, ... }: { imports = [ ../hardware/purism_librem_15.nix # Include the results of the hardware scan. ../roles/android.nix # Provide an Android dev environment ../roles/cron-craige.nix # Provide Craige's cron jobs ../roles/daedalus.nix # The open source cryptocurrency wallet for ADA ../roles/desktop-feeds.nix # Tools for news feeds and podcasts ../roles/haskell-dev.nix # Haskel dev environment ../roles/host_common.nix # Common host configuration options ../roles/iohk.nix # IOHK environment ../roles/neomutt.nix # Neomutt email ../roles/nix-community.nix # Nix community aarch64 tooling ../roles/nix-mio-ops.nix # mio-ops Nix tooling ../roles/nixpkgs-dev.nix # Nix pkgs dev tools ../roles/openssh.nix # Enable and configure openssh ../roles/qemu.nix # Qemu virtualisation ../roles/weechat.nix # Weechat environment ../roles/xmonad.nix # Xmonad desktop environment ../roles/yubikey.nix # Yubikey tooling ../secrets/craige.nix # Ssshhhhh! ../secrets/root.nix # Swshhhhh! ../secrets/wireless.nix # Hey look! A squirrel! ]; deployment.targetHost = "localhost"; nixpkgs.config = { allowUnfree = true; permittedInsecurePackages = [ "openssl-1.0.2u" ]; }; # Use the GRUB 2 boot loader. boot.loader.grub.enable = true; boot.loader.grub.version = 2; boot.loader.grub.device = "/dev/nvme0n1"; # or "nodev" for efi only boot.kernel.sysctl."net.ipv4.ip_forward" = "1"; boot.extraModprobeConfig = "options kvm_intel nested=1"; networking = { hostName = "dionach"; # Define your hostname. }; fonts.fonts = with pkgs; [ dejavu_fonts # A typeface family based on the Bitstream Vera fonts fira-code # Monospace font with programming ligatures #monoid # Customisable coding font with alternates, ligatures and contextual positioning ]; # List packages installed in system profile. To search, run: environment.systemPackages = with pkgs; [ bash binutils bluez-tools brave # Privacy-oriented browser bridge-utils # for brctl chromium clang ddrescue docutils # Python Documentation Utilities electrum # Bitcoin wallet emacs25-nox # Emacs, no X11 evince exiftool # A tool to read, write and edit EXIF meta information fd # A simple, fast and user-friendly alternative to find ffmpeg-full # record, convert and stream audio and video file firefox gcc gimp gnome2.gvfs gnumake gnused google-authenticator # 2FA google-chrome # A freeware web browser developed by Google googleearth # A world sphere viewer gvfs imagemagick iptables # iptables libmtp libgphoto2 libreoffice-fresh # Libreoffice - fresh version lxmenu-data mkpasswd mp3info # MP3 tag editor / query tool mpd mplayer mtpfs multimc ncmpcpp nextcloud-client nvme-cli # NVM-Express user space tooling for Linux obs-studio # Free and open source software for video recording and live streaming openjdk8 openssl # A cryptographic library that implements the SSL and TLS protocols p7zip pandoc pavucontrol pcmanfm pstree # Show the set of running processes as a tree pwgen python37Packages.pygments pythonFull python37Packages.restview # ReStructuredText viewer python37Packages.sphinx # A tool that makes it easy to create intelligent and beautifulul documentation for Python projects radiotray-ng # Internet radio player rdiff-backup # External backups riot-desktop # A feature-rich client for Matrix.org shared_mime_info shotwell signal-desktop smartmontools # Tools for monitoring the health of hard drives sshfs taskwarrior # Highly flexible command-line tool to manage TODO lists tcpdump # tcpdump tectonic tdesktop # Telegram Desktop messaging app termonad-with-packages texlive.combined.scheme-full tmate # Instant Terminal Sharing tpm-tools tor-browser-bundle-bin tree # Command to produce a depth indented directory listing udevil unrar unzip vcsh vgo2nix # Required for packaging Golang applications wget xorg.xev youtube-dl zip # zip all the zip's zlib zlib.dev ( import ../roles/vim.nix ) ]; environment.variables = { GIO_EXTRA_MODULES = [ "${pkgs.gvfs}/lib/gio/modules" ]; }; services.acpid.enable = true; services.blueman.enable = true; services.kbfs.enable = true; services.xserver.desktopManager.enlightenment.enable = true; networking.firewall = { enable = true; checkReversePath = false; # Needed for libvirtd allowedTCPPorts = [ 15000 ]; }; # Virtualisation configuration: virtualisation = { libvirtd = { enable = true; # Enable libvirtd #qemuPackage = pkgs.qemu_kvm; # Enable guest only for the same arch qemuPackage = pkgs.qemu; # Enable full emulation onShutdown = "shutdown"; # Set gust VMs to shutdown on host shutdown extraConfig = '' disk_bus = "virtio" ''; qemuVerbatimConfig = '' user = "craige" group = "libvirtd" ''; }; }; # Enable sound. sound.enable = true; hardware = { pulseaudio = { enable = true; systemWide = false; extraModules = [ pkgs.pulseaudio-modules-bt ]; package = pkgs.pulseaudioFull; }; bluetooth = { enable = true; config = { General = { Enable = "Source,Sink,Media,Socket"; }; Policy = { AutoEnable = "true"; }; }; }; opengl.enable = true; }; # This value determines the NixOS release with which your system is to be # compatible, in order to avoid breaking some software such as database # servers. You should change this only after NixOS release notes say you # should. system.stateVersion = "20.03"; # Did you read the comment? }