2023-08-11 20:41:58 +02:00
|
|
|
{
|
2023-09-29 21:13:48 +02:00
|
|
|
config,
|
|
|
|
pkgs,
|
|
|
|
...
|
|
|
|
}: {
|
|
|
|
imports = [
|
|
|
|
];
|
2023-08-11 20:41:58 +02:00
|
|
|
|
|
|
|
system.stateVersion = "23.05";
|
|
|
|
system.autoUpgrade.enable = true;
|
|
|
|
|
|
|
|
nix = {
|
|
|
|
optimise.automatic = true;
|
|
|
|
gc.automatic = true;
|
|
|
|
gc.options = "--delete-older-than 7d";
|
|
|
|
package = pkgs.nixUnstable;
|
2023-09-29 21:13:48 +02:00
|
|
|
settings.experimental-features = ["nix-command" "flakes"];
|
2023-08-11 20:41:58 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
boot = {
|
|
|
|
kernelPackages = pkgs.linuxPackages_latest;
|
2023-09-29 21:13:48 +02:00
|
|
|
kernelParams = ["msr.allow_writes=on"];
|
|
|
|
supportedFilesystems = ["btrfs"];
|
2023-08-11 20:41:58 +02:00
|
|
|
tmpOnTmpfs = true;
|
|
|
|
initrd.compressor = "zstd";
|
2023-10-01 21:14:30 +02:00
|
|
|
loader.systemd-boot = {
|
|
|
|
enable = true;
|
|
|
|
editor = false;
|
|
|
|
memtest86.enable = true;
|
|
|
|
};
|
2023-08-11 20:41:58 +02:00
|
|
|
loader.efi.canTouchEfiVariables = true;
|
2023-10-01 21:14:30 +02:00
|
|
|
readOnlyNixStore = true;
|
2023-08-11 20:41:58 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
security = {
|
|
|
|
rtkit.enable = true;
|
|
|
|
allowSimultaneousMultithreading = true;
|
|
|
|
sudo.enable = false;
|
|
|
|
doas.enable = true;
|
2023-09-29 21:13:48 +02:00
|
|
|
doas.extraRules = [
|
|
|
|
{
|
|
|
|
users = ["akill"];
|
|
|
|
keepEnv = true;
|
|
|
|
persist = true;
|
|
|
|
}
|
|
|
|
];
|
2023-08-11 20:41:58 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
powerManagement = {
|
|
|
|
enable = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
networking = {
|
|
|
|
firewall.enable = true;
|
|
|
|
hostName = "blue";
|
2023-09-29 21:13:48 +02:00
|
|
|
nameservers = ["127.0.0.1" "::1"];
|
2023-08-11 20:41:58 +02:00
|
|
|
dhcpcd.extraConfig = "nohook resolv.conf";
|
|
|
|
|
|
|
|
networkmanager = {
|
|
|
|
enable = true;
|
|
|
|
dns = "none";
|
2023-09-29 21:13:48 +02:00
|
|
|
/*
|
|
|
|
wifi.backend = "iwd";
|
|
|
|
*/
|
2023-08-11 20:41:58 +02:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
time.timeZone = "Europe/Sarajevo";
|
|
|
|
|
|
|
|
nixpkgs.config.allowUnfree = true;
|
|
|
|
environment = {
|
|
|
|
homeBinInPath = true;
|
|
|
|
variables = {
|
|
|
|
PATH = "$HOME/.cargo/bin";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
programs = {
|
2023-09-29 21:13:48 +02:00
|
|
|
gnupg.agent = {
|
|
|
|
enable = true;
|
|
|
|
enableSSHSupport = true;
|
|
|
|
};
|
2023-08-11 20:41:58 +02:00
|
|
|
zsh.enable = true;
|
|
|
|
firejail.enable = true;
|
|
|
|
adb.enable = true;
|
|
|
|
wireshark.enable = true;
|
|
|
|
sway.enable = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
# List services that you want to enable:
|
|
|
|
systemd = {
|
|
|
|
services = {
|
|
|
|
"caps2esc" = {
|
|
|
|
description = "Intercepts keyboard udev events";
|
2023-09-29 21:13:48 +02:00
|
|
|
wants = ["systemd-udevd.service"];
|
|
|
|
wantedBy = ["multi-user.target"];
|
2023-08-11 20:41:58 +02:00
|
|
|
serviceConfig.Nice = -20;
|
|
|
|
script = ''
|
|
|
|
${pkgs.interception-tools}/bin/intercept \
|
|
|
|
-g /dev/input/by-path/*-kbd | \
|
|
|
|
/opt/caps2esc | ${pkgs.interception-tools}/bin/uinput \
|
|
|
|
-d /dev/input/by-path/*-kbd \
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
extraConfig = ''
|
|
|
|
DefaultTimeoutStartSec=30s
|
|
|
|
DefaultTimeoutStopSec=30s
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
services = {
|
|
|
|
acpid.enable = true;
|
|
|
|
btrfs.autoScrub.enable = true;
|
|
|
|
dbus.enable = true;
|
|
|
|
fstrim.enable = true;
|
|
|
|
fwupd.enable = true;
|
|
|
|
ntp.enable = true;
|
|
|
|
openssh.enable = false;
|
|
|
|
printing.enable = true;
|
|
|
|
|
|
|
|
nextcloud = {
|
|
|
|
enable = true;
|
|
|
|
hostName = "localhost";
|
|
|
|
config.adminpassFile = "${pkgs.writeText "adminpass" "test123"}";
|
|
|
|
};
|
|
|
|
|
|
|
|
jellyfin = {
|
|
|
|
enable = false;
|
|
|
|
user = "akill";
|
|
|
|
openFirewall = false;
|
|
|
|
};
|
|
|
|
|
|
|
|
pipewire = {
|
|
|
|
enable = true;
|
|
|
|
alsa.enable = true;
|
|
|
|
alsa.support32Bit = true;
|
|
|
|
pulse.enable = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
xserver = {
|
|
|
|
enable = true;
|
|
|
|
dpi = 144;
|
|
|
|
libinput.enable = true;
|
|
|
|
desktopManager.xterm.enable = false;
|
|
|
|
displayManager = {
|
|
|
|
lightdm.enable = false;
|
|
|
|
startx.enable = true;
|
|
|
|
defaultSession = "none+i3";
|
|
|
|
};
|
|
|
|
windowManager.i3.enable = true;
|
|
|
|
};
|
|
|
|
|
2023-09-29 21:13:48 +02:00
|
|
|
udev.packages = [pkgs.rtl-sdr pkgs.openhantek6022];
|
2023-08-11 20:41:58 +02:00
|
|
|
|
|
|
|
tlp = {
|
|
|
|
enable = true;
|
|
|
|
};
|
|
|
|
|
|
|
|
actkbd = {
|
|
|
|
enable = true;
|
|
|
|
bindings = [
|
|
|
|
{
|
2023-09-29 21:13:48 +02:00
|
|
|
keys = [113];
|
|
|
|
events = ["key"];
|
2023-08-11 20:41:58 +02:00
|
|
|
command = "/run/current-system/sw/bin/runuser -l akill -c 'amixer -q set Master toggle'";
|
|
|
|
}
|
|
|
|
|
|
|
|
{
|
2023-09-29 21:13:48 +02:00
|
|
|
keys = [114];
|
|
|
|
events = ["key" "rep"];
|
2023-08-11 20:41:58 +02:00
|
|
|
command = "/run/current-system/sw/bin/runuser -l akill -c 'amixer -q set Master 5%- unmute'";
|
|
|
|
}
|
|
|
|
|
|
|
|
{
|
2023-09-29 21:13:48 +02:00
|
|
|
keys = [115];
|
|
|
|
events = ["key" "rep"];
|
2023-08-11 20:41:58 +02:00
|
|
|
command = "/run/current-system/sw/bin/runuser -l akill -c 'amixer -q set Master 5%+ unmute'";
|
|
|
|
}
|
|
|
|
|
|
|
|
{
|
2023-09-29 21:13:48 +02:00
|
|
|
keys = [224];
|
|
|
|
events = ["key"];
|
2023-08-11 20:41:58 +02:00
|
|
|
command = "${pkgs.light}/bin/light -U 5";
|
|
|
|
}
|
|
|
|
|
|
|
|
{
|
2023-09-29 21:13:48 +02:00
|
|
|
keys = [225];
|
|
|
|
events = ["key"];
|
2023-08-11 20:41:58 +02:00
|
|
|
command = "${pkgs.light}/bin/light -A 5";
|
|
|
|
}
|
|
|
|
];
|
|
|
|
};
|
|
|
|
|
|
|
|
mpd = {
|
|
|
|
musicDirectory = "/home/mpd/music";
|
|
|
|
enable = false;
|
|
|
|
extraConfig = ''
|
|
|
|
audio_output {
|
|
|
|
type "pulse"
|
|
|
|
name "pulsee srv"
|
|
|
|
server "127.0.0.1"
|
|
|
|
}
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
dnscrypt-proxy2 = {
|
|
|
|
enable = true;
|
|
|
|
settings = {
|
|
|
|
ipv6_servers = true;
|
|
|
|
require_dnssec = true;
|
|
|
|
|
|
|
|
sources.public-resolvers = {
|
|
|
|
urls = [
|
|
|
|
"https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md"
|
|
|
|
"https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md"
|
|
|
|
];
|
|
|
|
cache_file = "/var/lib/dnscrypt-proxy2/public-resolvers.md";
|
|
|
|
minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
journald.extraConfig = ''
|
|
|
|
SystemMaxUse=50M
|
|
|
|
'';
|
|
|
|
|
|
|
|
logind.extraConfig = ''
|
|
|
|
KillUserProcesses=yes
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
|
|
|
|
fonts = {
|
|
|
|
fontconfig = {
|
|
|
|
cache32Bit = true;
|
|
|
|
allowBitmaps = true;
|
|
|
|
useEmbeddedBitmaps = true;
|
|
|
|
defaultFonts = {
|
2023-09-29 21:13:48 +02:00
|
|
|
monospace = ["JetBrainsMono"];
|
2023-08-11 20:41:58 +02:00
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
fonts = with pkgs; [
|
|
|
|
dejavu_fonts
|
|
|
|
dina-font
|
|
|
|
fira-code
|
|
|
|
fira-code-symbols
|
|
|
|
font-awesome
|
|
|
|
font-awesome_4
|
|
|
|
inconsolata
|
|
|
|
iosevka
|
|
|
|
jetbrains-mono
|
|
|
|
liberation_ttf
|
|
|
|
noto-fonts
|
|
|
|
noto-fonts-cjk
|
|
|
|
noto-fonts-emoji
|
|
|
|
proggyfonts
|
|
|
|
siji
|
|
|
|
terminus_font
|
|
|
|
terminus_font_ttf
|
|
|
|
ubuntu_font_family
|
|
|
|
];
|
|
|
|
};
|
|
|
|
|
|
|
|
virtualisation = {
|
|
|
|
containers.storage.settings = {
|
|
|
|
storage = {
|
|
|
|
driver = "btrfs";
|
|
|
|
graphroot = "/var/lib/containers/storage";
|
|
|
|
runroot = "/run/containers/storage";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
podman = {
|
|
|
|
enable = true;
|
|
|
|
dockerCompat = true;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
sound.enable = true;
|
|
|
|
|
|
|
|
hardware = {
|
|
|
|
bluetooth = {
|
|
|
|
enable = true;
|
|
|
|
settings = {
|
|
|
|
General = {
|
|
|
|
Enable = "Source,Sink,Media,Socket";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
opengl = {
|
|
|
|
enable = true;
|
|
|
|
driSupport = true;
|
|
|
|
driSupport32Bit = true;
|
|
|
|
extraPackages = with pkgs; [
|
|
|
|
];
|
|
|
|
};
|
|
|
|
};
|
|
|
|
|
|
|
|
zramSwap = {
|
|
|
|
enable = false;
|
|
|
|
algorithm = "zstd";
|
|
|
|
};
|
|
|
|
|
|
|
|
users.users.akill = {
|
|
|
|
isNormalUser = true;
|
|
|
|
shell = pkgs.zsh;
|
2023-09-29 21:13:48 +02:00
|
|
|
extraGroups = ["wireshark" "kvm" "tty" "audio" "sound" "adbusers" "dialout"];
|
2023-08-11 20:41:58 +02:00
|
|
|
};
|
|
|
|
}
|