{ config, pkgs, lib, ... }: { imports = [ ./hardware.nix ]; # Configure Nix nix.package = pkgs.lixPackageSets.stable.lix; nixpkgs.config.allowUnfree = false; nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings.connect-timeout = 5; nix.settings.fallback = true; # Binary Cache and Substitutes #nix.settings.substituters = [ # "ssh://ssh-nix@pkpnafs" #]; #nix.settings.trusted-substituters = [ # "ssh://ssh-nix@pkpnafs" #]; nix.settings.trusted-public-keys = [ "cache-pkpnafs:guOMrEa3XPWnRihJtf7KraRRFLHlKvd1bmWbk7BZEow=" "cache-senfnvp:8fiqd165A80WZD8gLgzMjiQk6/8AdaANZqERktzIXkU=" "cache-Ohybke:0D+ovjv+/WqRX7hQ2qJzBbpE8NEBGtzmWQDpmlszcHQ=" ]; nix.extraOptions = '' secret-key-files = /root/secrets/cache-LoyAdjo.sec builders-use-substitutes = true ''; #nix.sshServe.enable = true; #nix.sshServe.keys = [ #]; # Nix Builders nix.distributedBuilds = true; nix.buildMachines = [ { hostName = "pkpnafs"; sshUser = "nix-builder"; system = "x86_64-linux"; systems = [ "x86_64-linux" "i686-linux" ]; supportedFeatures = [ "kvm" "big-parallel" ]; maxJobs = 1; } ]; # Nix Security nix.settings.trusted-users=[ "remotebuild" ]; nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "ungoogled-chromium" "ungoogled-chromium-unwrapped" "widevine-cdm" "veracrypt" "castlabs-electron" "steam" "steam-unwrapped" ]; # Bootloader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; networking.hostName = "LoyAdjo"; # Wireless networking.networkmanager.enable = true; hardware.bluetooth.enable = true; # enables support for Bluetooth hardware.bluetooth.powerOnBoot = true; # powers up the default Bluetooth controller on boot # Locale time.timeZone = "Europe/Berlin"; i18n.defaultLocale = "en_US.UTF-8"; i18n.extraLocaleSettings = { LC_ADDRESS = "de_DE.UTF-8"; LC_IDENTIFICATION = "de_DE.UTF-8"; LC_MEASUREMENT = "de_DE.UTF-8"; LC_MONETARY = "de_DE.UTF-8"; LC_NAME = "de_DE.UTF-8"; LC_NUMERIC = "de_DE.UTF-8"; LC_PAPER = "de_DE.UTF-8"; LC_TELEPHONE = "de_DE.UTF-8"; LC_TIME = "de_DE.UTF-8"; }; # GUI services.xserver.enable = true; services.displayManager.sddm.enable = true; services.desktopManager.plasma6.enable = true; # Input services.xserver.xkb.layout = "de"; services.xserver.xkb.variant = ""; console.keyMap = "de"; services.numen = { enable = true; autoStart = true; phrasesPkg = pkgs.kb-one.numen-phrases.override { customWakeWords-en = [ "enable" "voice" "compute" ]; customWakeWords-de = [ "sprach" "schrift" "aktiv" ]; }; phrases = [ "${config.services.numen.phrasesPkg}/phrases/en-inactive/hibernate.phrases" ]; dotoolXkbLayout = "de"; }; # Security security.rtkit.enable = true; # For Sound security.pam.services = { login.u2fAuth = true; sudo.u2fAuth = true; }; # Output services.pulseaudio.enable = false; services.pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; }; services.printing.enable = true; # Users users.users.kb = { # Managed by Homemanager isNormalUser = true; description = "kB"; extraGroups = [ "networkmanager" "wheel" "input" ]; }; users.users.games = { # Managed by Homemanager isNormalUser = true; description = "games"; extraGroups = [ "networkmanager" "input" ]; }; users.users.remotebuild = { isNormalUser = true; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIuvGIdO1nwuzq3YrjpxH84rpGhquNvRKz1SSPwKUsth kb @ Rubtrm" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGRlk8FEIN7P81SRVEkP1wjlBjsiUGcBcqzSbHVGB0sF root @ Ohybke" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAl0qiBLwbdSAMfnZCcpG23LgkhlV3Bko3U17oV3m18A root @ HyperC" ]; }; # Default Editor programs.vim.enable = true; programs.vim.defaultEditor = true; # Steam programs.steam.enable = true; programs.steam.remotePlay.openFirewall = true; hardware.steam-hardware.enable = true; # Languagetool Spellchecking Server services.languagetool = { enable = true; allowOrigin = "*"; }; # SSH programs.ssh.startAgent = true; services.openssh = { enable = true; settings.PasswordAuthentication = false; settings.KbdInteractiveAuthentication = false; ports = [ 7325 ]; openFirewall = true; }; # System Packages environment.systemPackages = with pkgs; [ # To search, run: $ nix search wget vim git tree openvr sops ]; system.stateVersion = "24.05"; # NEVER Change this! }