From ad25a3cfe117900f19c08f0bdc2797fc03eff054 Mon Sep 17 00:00:00 2001 From: Asmir A Date: Fri, 29 Sep 2023 22:39:06 +0200 Subject: [PATCH] meta: move config to separate file --- configuration.nix | 341 ---------------------------------------------- 1 file changed, 341 deletions(-) delete mode 100644 configuration.nix diff --git a/configuration.nix b/configuration.nix deleted file mode 100644 index 1428810..0000000 --- a/configuration.nix +++ /dev/null @@ -1,341 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). -{ - config, - pkgs, - lib, - caps2esc, - nix-xilinx, - sops-nix, - zremap, - ... -}: { - imports = []; - - system.stateVersion = "23.05"; - system.autoUpgrade.enable = false; - - sops.age.sshKeyPaths = ["/etc/ssh/ssh_host_ed25519_key"]; - sops.secrets."peerix/private" = { - sopsFile = ./secrets/peerix.yaml; - mode = "0400"; - owner = config.users.users.nobody.name; - group = config.users.users.nobody.group; - }; - - nix = { - optimise.automatic = true; - gc.automatic = true; - gc.options = "--delete-older-than 7d"; - package = pkgs.nixUnstable; - settings = { - experimental-features = ["nix-command" "flakes"]; - trusted-public-keys = [ - "binarycache.mediabox.lan:3vZwbCaCuOK5fc92rKknvyU7e5fDbnKEKLb/VTaICoU=" - ]; - }; - }; - - boot = { - extraModulePackages = with config.boot.kernelPackages; [usbip]; - initrd.compressor = "zstd"; - initrd.kernelModules = ["amdgpu"]; - kernelPackages = pkgs.linuxPackages_latest; - kernelParams = ["psmouse.synaptics_intertouch=0"]; - loader.efi.canTouchEfiVariables = true; - loader.systemd-boot.editor = false; - loader.systemd-boot.enable = true; - readOnlyNixStore = true; - supportedFilesystems = ["btrfs"]; - tmp.useTmpfs = true; - }; - - security = { - rtkit.enable = true; - allowSimultaneousMultithreading = true; - sudo.enable = true; - doas.enable = true; - doas.extraRules = [ - { - users = ["akill"]; - keepEnv = true; - persist = true; - } - ]; - }; - - powerManagement = { - enable = true; - }; - - networking = { - firewall = { - enable = true; - allowedTCPPorts = [80 443]; - }; - - hostName = "nixy"; - nameservers = ["127.0.0.1" "::1"]; - dhcpcd.extraConfig = "nohook resolv.conf"; - - extraHosts = '' - 192.168.88.171 jellyfin.mediabox.lan - 192.168.88.171 mediabox.lan - 192.168.88.171 qbittorrent.mediabox.lan - 192.168.88.1 router.lan - 192.168.88.231 workstation.lan - ''; - - networkmanager = { - enable = true; - dns = "none"; - wifi.backend = "iwd"; - }; - - wireless.iwd = { - enable = true; - settings = { - General = { - AddressRandomization = "network"; - #EnableNetworkConfiguration = true; - }; - }; - }; - }; - - time.timeZone = "Europe/Sarajevo"; - - nixpkgs.config.allowUnfree = true; - nixpkgs.overlays = [nix-xilinx.overlay]; - environment = { - homeBinInPath = true; - variables = { - PATH = "$HOME/.cargo/bin"; - }; - }; - - programs = { - gnupg.agent = { - enable = true; - enableSSHSupport = true; - }; - zsh.enable = true; - firejail.enable = true; - adb.enable = true; - wireshark.enable = true; - sway.enable = true; - }; - - # List services that you want to enable: - systemd = { - services = { - "zremap" = { - description = "Intercepts keyboard udev events"; - wants = ["systemd-udevd.service"]; - wantedBy = ["multi-user.target"]; - serviceConfig.Nice = -20; - script = '' - sleep 1 - ${zremap.defaultPackage.x86_64-linux}/bin/zremap \ - /dev/input/by-path/platform-i8042-serio-0-event-kbd - ''; - }; - }; - - extraConfig = '' - DefaultTimeoutStartSec=30s - DefaultTimeoutStopSec=30s - ''; - }; - - services = { - acpid.enable = true; - btrfs.autoScrub.enable = true; - dbus.enable = true; - fstrim.enable = true; - fwupd.enable = true; - ntp.enable = true; - openssh.enable = true; - printing.enable = true; - - pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - }; - - xserver = { - enable = true; - dpi = 144; - libinput.enable = true; - desktopManager.xterm.enable = false; - displayManager = { - lightdm.enable = false; - startx.enable = true; - defaultSession = "none+i3"; - }; - windowManager.i3.enable = true; - }; - - udev = { - packages = [pkgs.rtl-sdr pkgs.openhantek6022]; - extraRules = '' - #Xilinx FTDI - ACTION=="add", ATTR{idVendor}=="0403", ATTR{manufacturer}=="Xilinx", MODE:="666" - - #Xilinx Digilent - ATTR{idVendor}=="1443", MODE:="666" - ACTION=="add", ATTR{idVendor}=="0403", ATTR{manufacturer}=="Digilent", MODE:="666" - ''; - }; - - tlp = { - enable = true; - }; - - actkbd = { - enable = true; - bindings = [ - { - keys = [113]; - events = ["key"]; - command = "/run/current-system/sw/bin/runuser -l akill -c 'amixer -q set Master toggle'"; - } - - { - keys = [114]; - events = ["key" "rep"]; - command = "/run/current-system/sw/bin/runuser -l akill -c 'amixer -q set Master 5%- unmute'"; - } - - { - keys = [115]; - events = ["key" "rep"]; - command = "/run/current-system/sw/bin/runuser -l akill -c 'amixer -q set Master 5%+ unmute'"; - } - - { - keys = [224]; - events = ["key"]; - command = "${pkgs.light}/bin/light -U 5"; - } - - { - keys = [225]; - events = ["key"]; - command = "${pkgs.light}/bin/light -A 5"; - } - ]; - }; - - dnscrypt-proxy2 = { - enable = true; - settings = { - ipv6_servers = true; - require_dnssec = true; - - sources.public-resolvers = { - urls = [ - "https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md" - "https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md" - ]; - cache_file = "/var/lib/dnscrypt-proxy2/public-resolvers.md"; - minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3"; - }; - }; - }; - - nix-serve = { - enable = false; - secretKeyFile = "/var/cache-priv-key.pem"; - }; - - journald.extraConfig = '' - SystemMaxUse=50M - ''; - - logind.extraConfig = '' - KillUserProcesses=yes - ''; - }; - - fonts = { - fontconfig = { - cache32Bit = true; - allowBitmaps = true; - useEmbeddedBitmaps = true; - defaultFonts = { - monospace = ["JetBrainsMono"]; - }; - }; - - packages = with pkgs; [ - dejavu_fonts - dina-font - fira-code - fira-code-symbols - font-awesome - font-awesome_4 - inconsolata - iosevka - jetbrains-mono - liberation_ttf - noto-fonts - noto-fonts-cjk - noto-fonts-emoji - proggyfonts - siji - terminus_font - terminus_font_ttf - ubuntu_font_family - ]; - }; - - virtualisation = { - containers.storage.settings = { - storage = { - driver = "btrfs"; - graphroot = "/var/lib/containers/storage"; - runroot = "/run/containers/storage"; - }; - }; - podman = { - enable = true; - autoPrune.enable = true; - dockerCompat = true; - }; - }; - - sound.enable = true; - - hardware = { - bluetooth = { - enable = true; - settings = { - General = { - Enable = "Source,Sink,Media,Socket"; - }; - }; - }; - - opengl = { - enable = true; - driSupport = true; - driSupport32Bit = true; - extraPackages = with pkgs; []; - }; - }; - - zramSwap = { - enable = false; - algorithm = "zstd"; - }; - - users.users.akill = { - isNormalUser = true; - shell = pkgs.zsh; - extraGroups = ["wireshark" "kvm" "tty" "audio" "sound" "adbusers" "dialout" "wheel"]; - }; -}