# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, lib, lix-module, rs-programs, ... }: with lib; with builtins; { imports = [lix-module.nixosModules.default]; nix = { package = pkgs.nixVersions.stable; settings = { extra-substituters = [ "https://cache.lix.systems" ]; trusted-public-keys = [ "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" ]; }; extraOptions = '' experimental-features = nix-command flakes keep-outputs = true keep-derivations = true ''; }; nixpkgs = { config = { allowUnfree = true; permittedInsecurePackages = [ "electron-27.3.11" "nodejs-16.20.0" ]; }; overlays = [rs-programs]; }; environment = { systemPackages = with pkgs; [ overskride pulsemixer htmlq prusa-slicer zed-editor wget git neofetch pciutils zip unzip gnutar iw btop nodejs maven jetbrains.idea-ultimate jetbrains.rust-rover jdk libsecret fzf ripgrep appimage-run git-crypt file whois p7zip file tree socat smartmontools mprocs dig aria2 cyme numbat devd libjxl s10e-jrnl ungoogled-chromium scc speedtest-rs ]; }; networking = { networkmanager = { enable = true; }; }; services = { systemd-lock-handler.enable = true; openssh = { enable = true; # settings.PasswordAuthentication = false; # settings.KbdInteractiveAuthentication = false; }; }; programs = { ssh.startAgent = false; gnupg.agent = { enable = true; enableSSHSupport = true; }; dconf.enable = true; mtr.enable = true; }; hardware.gpgSmartcards.enable = true; time.timeZone = "Europe/Berlin"; home-manager.users.jade = { nixosConfig, pkgs, ... }: { home.sessionVariables.TZ = nixosConfig.time.timeZone; }; nixpkgs.config.packageOverrides = pkgs: { sudo = pkgs.sudo.override {withInsults = true;}; }; security.sudo.extraConfig = "Defaults insults"; boot.kernel.sysctl."vm.max_map_count" = 2147483642; hardware = { uinput.enable = true; bluetooth.enable = true; # keyboard.uhk.enable = true; }; services.avahi = { enable = true; }; security.rtkit.enable = true; users.users.jade = { isNormalUser = true; extraGroups = ["wheel" "input" "uinput" "libvirtd" "adbusers" "dialout" "plugdev" "wireshark"]; }; zramSwap = { enable = true; algorithm = "zstd"; }; users.defaultUserShell = pkgs.nushell; nix.gc = { automatic = true; dates = "weekly"; options = "--delete-older-than 60d"; }; }