mirror of
https://git.kb-one.de/kb01/aux-config.git
synced 2025-12-05 10:28:53 +00:00
155 lines
3.5 KiB
Nix
155 lines
3.5 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
|
|
{
|
|
imports = [
|
|
./hardware.nix
|
|
];
|
|
|
|
# Configure Nix
|
|
nix.package = pkgs.lixPackageSets.stable.lix;
|
|
nix.settings = {
|
|
experimental-features = [ "nix-command" "flakes" ];
|
|
};
|
|
nix.extraOptions = ''
|
|
secret-key-files = /root/secrets/cache-Ohybke.sec
|
|
builders-use-substitutes = true
|
|
'';
|
|
nixpkgs.config.allowUnfree = true;
|
|
nixpkgs.config.permittedInsecurePackages = [
|
|
"electron-27.3.11"
|
|
"olm-3.2.16"
|
|
"electron-34.5.8"
|
|
];
|
|
nix.buildMachines = [
|
|
{
|
|
hostName = "kb-senfnvp-remotebuild";
|
|
systems = [ "aarch64-linux" ];
|
|
protocol = "ssh-ng";
|
|
maxJobs = 10;
|
|
speedFactor = 2;
|
|
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" ];
|
|
mandatoryFeatures = [];
|
|
}
|
|
];
|
|
nix.distributedBuilds = true;
|
|
|
|
# Networking
|
|
networking.hostName = "Ohybke";
|
|
networking.networkmanager.enable = true;
|
|
networking.firewall.allowedTCPPortRanges = [{ from = 1714; to = 1764; }]; # Allow KDE Connect
|
|
networking.firewall.allowedUDPPortRanges = [{ from = 1714; to = 1764; }]; # Allow KDE Connect
|
|
networking.firewall.allowedTCPPorts = [ 8010 ]; # Allow VLC Chromecast
|
|
|
|
# Enable Bluetooth
|
|
hardware.bluetooth.enable = true;
|
|
hardware.bluetooth.powerOnBoot = true;
|
|
|
|
# Localisation
|
|
time.timeZone = "Europe/Berlin";
|
|
i18n.defaultLocale = "en_US.UTF-8";
|
|
i18n.extraLocaleSettings = {
|
|
LC_ADDRESS = "de_DE.UTF-8";
|
|
LC_IDENTIFICATION = "de_DE.UTF-8";
|
|
LC_MEASUREMENT = "de_DE.UTF-8";
|
|
LC_MONETARY = "de_DE.UTF-8";
|
|
LC_NAME = "de_DE.UTF-8";
|
|
LC_NUMERIC = "de_DE.UTF-8";
|
|
LC_PAPER = "de_DE.UTF-8";
|
|
LC_TELEPHONE = "de_DE.UTF-8";
|
|
LC_TIME = "de_DE.UTF-8";
|
|
};
|
|
services.xserver.xkb = {
|
|
layout = "de";
|
|
variant = "mac_nodeadkeys";
|
|
options = "";
|
|
};
|
|
console = {
|
|
font = "Lat2-Terminus16";
|
|
# keyMap = "de";
|
|
useXkbConfig = true;
|
|
};
|
|
|
|
# Desktop
|
|
services.xserver.enable = true;
|
|
services.displayManager.sddm.enable = true;
|
|
services.desktopManager.plasma6.enable = true;
|
|
|
|
# Security
|
|
security.rtkit.enable = true; # For Sound
|
|
security.pam.services = {
|
|
login.u2fAuth = true;
|
|
sudo.u2fAuth = true;
|
|
};
|
|
|
|
# Printing
|
|
services.printing.enable = true;
|
|
|
|
# Sound
|
|
services.pulseaudio.enable = false;
|
|
services.pipewire = {
|
|
enable = true;
|
|
alsa.enable = true;
|
|
alsa.support32Bit = true;
|
|
pulse.enable = true;
|
|
};
|
|
|
|
# Services
|
|
services.protonmail-bridge.enable = true;
|
|
services.languagetool = {
|
|
enable = true;
|
|
allowOrigin = "*";
|
|
};
|
|
services.avahi.enable = true; # For Chromecast
|
|
|
|
# Users
|
|
users.users.kb = { # Managed by Homemanager
|
|
isNormalUser = true;
|
|
description = "kB";
|
|
extraGroups = [ "networkmanager" "wheel" ];
|
|
};
|
|
|
|
# Default Editor
|
|
programs.vim.enable = true;
|
|
programs.vim.defaultEditor = true;
|
|
|
|
|
|
# Enable SSH-Agent
|
|
programs.ssh.startAgent = true;
|
|
|
|
# Enable Steam
|
|
programs.steam.enable = true;
|
|
|
|
# Tailscale
|
|
services.tailscale.enable = true;
|
|
|
|
services.numen = {
|
|
enable = true;
|
|
autoStart = false;
|
|
phrasesPkg = pkgs.kb-one.numen-phrases.override {
|
|
customWakeWords-en = [ "cyber" "writer" "activate" ];
|
|
customWakeWords-de = [ "aktivier" "cyber" "schreiber" ];
|
|
};
|
|
phrases = [
|
|
"${config.services.numen.phrasesPkg}/phrases/en-inactive/hibernate.phrases"
|
|
];
|
|
dotoolXkbLayout = "de";
|
|
};
|
|
|
|
|
|
# Packages installed in system profile. Search Packages: $ nix search wget
|
|
environment.systemPackages = with pkgs; [
|
|
vim
|
|
helix
|
|
git
|
|
tree
|
|
dmg2img
|
|
curl
|
|
python3
|
|
sops
|
|
];
|
|
|
|
system.stateVersion = "24.11"; # NEVER Change this!
|
|
|
|
}
|
|
|