frame.nix (4340B)
1 { 2 pkgs, 3 lib, 4 hostName, 5 isDarwin, 6 ... 7 }: 8 { 9 imports = [ 10 ../../users/root.nix 11 ../../modules/nix_settings.nix 12 ../../modules/nm.nix 13 ]; 14 15 sops.defaultSopsFile = ../../secrets.yaml; 16 sops.defaultSopsFormat = "yaml"; 17 sops.age.keyFile = "/home/mika/.config/sops/age/keys.txt"; 18 19 system.stateVersion = "25.11"; 20 21 # vm 22 virtualisation.vmVariant = { 23 virtualisation = { 24 diskSize = 50 * 1028; # 50 GB 25 memorySize = 16 * 1028; # 16 GB 26 cores = 6; 27 resolution = { 28 x = 1600; 29 y = 900; 30 }; 31 qemu.options = [ 32 "-enable-kvm" 33 "-cpu host" 34 "-display gtk,zoom-to-fit=false" 35 "-vga virtio" 36 ]; 37 }; 38 }; 39 40 virtualisation.docker = { 41 enable = true; 42 rootless = { 43 enable = true; 44 setSocketVariable = true; 45 }; 46 }; 47 48 # boot 49 boot = { 50 loader = { 51 systemd-boot.enable = true; 52 efi.canTouchEfiVariables = true; 53 }; 54 kernelPackages = pkgs.linuxPackages_latest; 55 kernelParams = [ 56 "loglevel=3" 57 "nowatchdog" 58 "migrations=auto" 59 "amd_iommu=on" 60 "iommu=pt" 61 "rtc_cmos.use_acpi_alarm=1" 62 "usbcore.autosuspend=-1" 63 "pcie_port_pm=off" 64 "acpi.no_ec_wakup=1" 65 ]; 66 supportedFilesystems = [ 67 "btrfs" 68 "ext4" 69 "vfat" 70 "ntfs" 71 ]; 72 }; 73 74 # netowrk 75 networking.hostName = "${hostName}"; 76 networking.wireless.enable = true; 77 networking.firewall.enable = false; 78 79 # time/locale 80 i18n.defaultLocale = "en_US.UTF-8"; 81 82 # programs 83 programs = { 84 nix-ld.enable = true; 85 zsh.enable = true; 86 dconf.enable = true; 87 gnupg.agent = { 88 enable = true; 89 enableSSHSupport = true; 90 }; 91 }; 92 93 environment.variables = { 94 __ETC_ZSHRC_SOURCED = "1"; 95 __ETC_ZSHENV_SOURCED = "1"; 96 }; 97 98 # users 99 users = { 100 users = { 101 mika = { 102 isNormalUser = true; 103 extraGroups = [ 104 "wheel" 105 "docker" 106 ]; 107 initialPassword = "123"; 108 shell = pkgs.zsh; 109 }; 110 root = { 111 shell = pkgs.zsh; 112 }; 113 }; 114 }; 115 security.sudo.wheelNeedsPassword = false; 116 117 powerManagement.powertop.enable = true; 118 119 # services 120 services = { 121 automatic-timezoned.enable = true; 122 gvfs.enable = true; 123 udisks2.enable = true; 124 upower.enable = true; 125 fwupd.enable = true; 126 openssh.enable = true; 127 tlp.enable = false; 128 power-profiles-daemon.enable = true; 129 pipewire = { 130 enable = true; 131 alsa.enable = true; 132 alsa.support32Bit = true; 133 pulse.enable = true; 134 }; 135 xserver = { 136 enable = true; 137 serverFlagsSection = '' 138 Option "Xauth" "$XAUTHORITY" 139 ''; 140 displayManager.startx = { 141 enable = true; 142 }; 143 }; 144 getty.autologinUser = "mika"; 145 logind.settings.Login = { 146 SleepOperation = "suspend-then-hibernate"; 147 HandlePowerKey = "suspend-then-hibernate"; 148 HandleLidSwitch = "suspend-then-hibernate"; 149 HandlePowerKeyLongPress = "poweroff"; 150 }; 151 } 152 // lib.optionalAttrs (!isDarwin) { 153 gnome.gnome-keyring.enable = true; 154 libinput = { 155 enable = true; 156 touchpad.naturalScrolling = false; 157 }; 158 openssh = { 159 enable = true; 160 settings = { 161 PasswordAuthentication = false; 162 KbdInteractiveAuthentication = false; 163 PermitRootLogin = "no"; 164 AllowUsers = [ "myUser" ]; 165 }; 166 }; 167 }; 168 169 systemd.sleep.settings.Sleep = { 170 HibernateDelaySec = "20m"; 171 }; 172 173 systemd.network.links."10-wlan0" = { 174 matchConfig.MACAddress = "14:AC:60:29:82:AB"; 175 linkConfig.Name = "wlan0"; 176 }; 177 178 # hardware 179 hardware.bluetooth.enable = true; 180 hardware.sensor.iio.enable = false; # disable light sensors 181 security.rtkit.enable = true; 182 183 # packages 184 nixpkgs.config.allowUnfree = true; 185 environment.systemPackages = with pkgs; [ 186 neovim 187 wget 188 git 189 nix 190 curl 191 tree 192 coreutils 193 stdenv 194 dbus-broker 195 pciutils 196 util-linux 197 pstree 198 wireguard-tools 199 gnome.gvfs 200 ntfs3g 201 202 upower 203 lm_sensors 204 acpilight 205 ]; 206 207 # fonts 208 fonts.packages = with pkgs; [ 209 nerd-fonts.terminess-ttf 210 noto-fonts 211 noto-fonts-color-emoji 212 terminus_font 213 liberation_ttf 214 fira-code 215 fira-code-symbols 216 ubuntu-classic 217 corefonts 218 ]; 219 fonts.fontconfig.useEmbeddedBitmaps = true; 220 }