201 lines
5.3 KiB
Nix
201 lines
5.3 KiB
Nix
{ inputs, config, pkgs, ... }:
|
|
{
|
|
nix.settings = {
|
|
trusted-substituters = [
|
|
"https://t2linux.cachix.org"
|
|
];
|
|
trusted-public-keys = [
|
|
"t2linux.cachix.org-1:P733c5Gt1qTcxsm+Bae0renWnT8OLs0u9+yfaK2Bejw="
|
|
];
|
|
};
|
|
imports = [
|
|
# ./t2.nix
|
|
# "${builtins.fetchGit { url = "https://github.com/kekrby/nixos-hardware.git"; }}/apple/t2"
|
|
./hardware-configuration.nix
|
|
../common.nix
|
|
inputs.mms.module
|
|
];
|
|
|
|
# boot.supportedFilesystems = pkgs.lib.mkForce [ "ext4" "btrfs" "squashfs" ];
|
|
# networking.wireless.enable = pkgs.lib.mkForce false;
|
|
|
|
# services.xserver.displayManager.autoLogin.user = pkgs.lib.mkForce "jade";
|
|
# users.users.jade = pkgs.lib.mkForce {
|
|
# isNormalUser = true;
|
|
# extraGroups = [ "wheel" "input" "uinput" "libvirtd" ];
|
|
# packages = with pkgs; [
|
|
# ];
|
|
# };
|
|
|
|
jade = {
|
|
desktop.enable = true;
|
|
desktop.compositing = true;
|
|
terminal.enable = true;
|
|
neovim.enable = true;
|
|
zsh.enable = true;
|
|
};
|
|
|
|
fileSystems = {
|
|
"/".options = [ "compress=zstd:3" ];
|
|
"/home".options = [ "compress=zstd:3" ];
|
|
"/nix".options = [ "compress=zstd:3" "noatime" ];
|
|
#"/swap".options = [ "noatime" ];
|
|
};
|
|
|
|
boot.loader.systemd-boot.enable = true;
|
|
boot.loader.efi.canTouchEfiVariables = true;
|
|
|
|
networking.networkmanager.enable = true;
|
|
|
|
networking.hostName = "potatobook-g";
|
|
|
|
|
|
services.xserver = {
|
|
resolutions = [ { x = 1920; y = 1200; } ];
|
|
# dpi = 180;
|
|
layout = "us";
|
|
xkbVariant = "altgr-intl";
|
|
};
|
|
|
|
services.autorandr = {
|
|
enable = true;
|
|
profiles = {
|
|
"default" = {
|
|
config = {
|
|
"eDP-1" = {
|
|
enable = true;
|
|
mode = "1920x1200";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
# environment.variables = {
|
|
# GDK_SCALE = "2";
|
|
# GDK_DPI_SCALE = "0.5";
|
|
# _JAVA_OPTIONS = "-Dsun.java2d.uiScale=2";
|
|
# };
|
|
|
|
hardware.bluetooth.enable = true;
|
|
hardware.keyboard.uhk.enable = true;
|
|
|
|
|
|
# missing: menu-qalc picom-jonaburg
|
|
environment.systemPackages = with pkgs; [
|
|
# TODO: clean up.
|
|
miraclecast blender
|
|
];
|
|
|
|
environment.pathsToLink = [
|
|
"/share/nix-direnv"
|
|
];
|
|
|
|
services.blueman.enable = true;
|
|
|
|
services.gnome.gnome-keyring.enable = true;
|
|
programs.seahorse.enable = true;
|
|
security.pam.services.jade.enableGnomeKeyring = true;
|
|
|
|
# Copy the NixOS configuration file and link it from the resulting system
|
|
# (/run/current-system/configuration.nix). This is useful in case you
|
|
# accidentally delete configuration.nix.
|
|
# system.copySystemConfiguration = true;
|
|
|
|
# networking.firewall.allowedTCPPorts = [ 4713 ];
|
|
systemd.services."NetworkManager-wait-online".enable = false;
|
|
|
|
services.modded-minecraft-servers = {
|
|
# This is mandatory, sorry.
|
|
eula = true;
|
|
|
|
# The name will be used for the state folder and system user.
|
|
# In this case, the folder is `/var/lib/mc-e2es`
|
|
# and the user `mc-e2es`.
|
|
instances = {
|
|
e2es = {
|
|
enable = true;
|
|
jvmMaxAllocation = "7G";
|
|
jvmInitialAllocation = "2G";
|
|
rsyncSSHKeys = [ "" ];
|
|
serverConfig = {
|
|
# Port must be unique
|
|
white-list = true;
|
|
spawn-protection = 0;
|
|
max-tick-time = 5 * 60 * 1000;
|
|
allow-flight = true;
|
|
server-port = 8080;
|
|
motd = "Hello world";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
# i rly should put that important big comment back here
|
|
system.stateVersion = "22.11"; # Did you read the comment?
|
|
|
|
systemd.services = {
|
|
create-swapfile = {
|
|
serviceConfig.Type = "oneshot";
|
|
wantedBy = [ "swap-swapfile.swap" ];
|
|
script = ''
|
|
swapfile="/swap/swapfile"
|
|
if [[ -f "$swapfile" ]]; then
|
|
echo "Swap file $swapfile already exists, taking no action"
|
|
else
|
|
echo "Setting up swap file $swapfile"
|
|
${pkgs.coreutils}/bin/truncate -s 0 "$swapfile"
|
|
${pkgs.e2fsprogs}/bin/chattr +C "$swapfile"
|
|
fi
|
|
'';
|
|
};
|
|
};
|
|
|
|
services.logind.extraConfig = ''
|
|
RuntimeDirectorySize=12G
|
|
'';
|
|
|
|
networking = {
|
|
#nameservers = [
|
|
#"192.168.8.205"
|
|
#];
|
|
wireguard = {
|
|
enable = true;
|
|
interfaces = {
|
|
wg-maxim-vpn = {
|
|
privateKey = "CLcq8sCnusXz0jFHz6ODAZBD2Sn2vb9a5BCfbQGrrXk=";
|
|
listenPort = 21124;
|
|
ips = [
|
|
"10.0.0.4/32"
|
|
];
|
|
peers = [
|
|
{
|
|
allowedIPs = [
|
|
"10.0.0.0/24"
|
|
"192.168.8.0/24"
|
|
#"0.0.0.0/0"
|
|
"::/0"
|
|
];
|
|
endpoint = "vpn.local.germannr4.com:51820";
|
|
persistentKeepalive = 25;
|
|
publicKey = "coP4Hh1smQvVI52ftZFyPfmzvsKZcT/hHa8zHMrlZwE=";
|
|
}
|
|
];
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
#fileSystems."/swap" = {
|
|
# device = "/dev/disk/by-uuid/f6d243ec-6be9-4551-8cbb-aefb7b691a62";
|
|
# fsType = "btrfs";
|
|
# options = [ "subvol=swap" "noatime" ];
|
|
#};
|
|
#systemd.services.nix-daemon.environment.NIX_SSHOPTS = let
|
|
#knownHosts = pkgs.writeText "known-hosts" ''
|
|
#${builtins.readFile ../secret-data/ssh-desktop-knownhosts-thingies}
|
|
#'';
|
|
#in builtins.trace "-oIdentityFile=/home/jade/.ssh/id_rsa -oUserKnownHostsFile=${knownHosts}" "-v -oIdentityFile=/home/jade/.ssh/id_rsa -oUserKnownHostsFile=/home/jade/nix-configs/secret-data/ssh-desktop-knownhosts-thingies";
|
|
}
|
|
|
|
|