nix-configs/potatobook-g/configuration.nix

202 lines
5.3 KiB
Nix

{ inputs, config, pkgs, ... }:
{
nix.settings = {
trusted-substituters = [
"https://t2linux.cachix.org"
];
trusted-public-keys = [
"t2linux.cachix.org-1:P733c5Gt1qTcxsm+Bae0renWnT8OLs0u9+yfaK2Bejw="
];
};
imports = [
# ./t2.nix
# "${builtins.fetchGit { url = "https://github.com/kekrby/nixos-hardware.git"; }}/apple/t2"
./hardware-configuration.nix
../common.nix
../modules
#inputs.mms.module
];
# boot.supportedFilesystems = pkgs.lib.mkForce [ "ext4" "btrfs" "squashfs" ];
# networking.wireless.enable = pkgs.lib.mkForce false;
# services.xserver.displayManager.autoLogin.user = pkgs.lib.mkForce "jade";
# users.users.jade = pkgs.lib.mkForce {
# isNormalUser = true;
# extraGroups = [ "wheel" "input" "uinput" "libvirtd" ];
# packages = with pkgs; [
# ];
# };
jade = {
flatpak.enable = true;
desktop.enable = true;
desktop.compositing = true;
terminal.enable = true;
neovim.enable = true;
zsh.enable = true;
};
fileSystems = {
"/".options = [ "compress=zstd:3" ];
"/home".options = [ "compress=zstd:3" ];
"/nix".options = [ "compress=zstd:3" "noatime" ];
#"/swap".options = [ "noatime" ];
};
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.networkmanager.enable = true;
networking.hostName = "potatobook-g";
services.xserver = {
resolutions = [ { x = 1920; y = 1200; } ];
# dpi = 180;
layout = "us";
xkbVariant = "altgr-intl";
};
services.autorandr = {
enable = true;
profiles = {
"default" = {
config = {
"eDP-1" = {
enable = true;
mode = "1920x1200";
};
};
};
};
};
# environment.variables = {
# GDK_SCALE = "2";
# GDK_DPI_SCALE = "0.5";
# _JAVA_OPTIONS = "-Dsun.java2d.uiScale=2";
# };
hardware.bluetooth.enable = true;
hardware.keyboard.uhk.enable = true;
# missing: menu-qalc picom-jonaburg
environment.systemPackages = with pkgs; [
# TODO: clean up.
];
environment.pathsToLink = [
"/share/nix-direnv"
];
services.blueman.enable = true;
services.gnome.gnome-keyring.enable = true;
programs.seahorse.enable = true;
security.pam.services.jade.enableGnomeKeyring = true;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# networking.firewall.allowedTCPPorts = [ 4713 ];
systemd.services."NetworkManager-wait-online".enable = false;
#services.modded-minecraft-servers = {
# This is mandatory, sorry.
#eula = true;
# The name will be used for the state folder and system user.
# In this case, the folder is `/var/lib/mc-e2es`
# and the user `mc-e2es`.
#instances = {
#e2es = {
#enable = true;
#jvmMaxAllocation = "7G";
#jvmInitialAllocation = "2G";
#rsyncSSHKeys = [ "" ];
#serverConfig = {
## Port must be unique
#white-list = true;
#spawn-protection = 0;
#max-tick-time = 5 * 60 * 1000;
#allow-flight = true;
#server-port = 8080;
#motd = "Hello world";
#};
#};
#};
#};
# i rly should put that important big comment back here
system.stateVersion = "22.11"; # Did you read the comment?
systemd.services = {
create-swapfile = {
serviceConfig.Type = "oneshot";
wantedBy = [ "swap-swapfile.swap" ];
script = ''
swapfile="/swap/swapfile"
if [[ -f "$swapfile" ]]; then
echo "Swap file $swapfile already exists, taking no action"
else
echo "Setting up swap file $swapfile"
${pkgs.coreutils}/bin/truncate -s 0 "$swapfile"
${pkgs.e2fsprogs}/bin/chattr +C "$swapfile"
fi
'';
};
};
services.logind.extraConfig = ''
RuntimeDirectorySize=12G
'';
networking = {
#nameservers = [
#"192.168.8.205"
#];
wireguard = {
enable = true;
interfaces = {
wg-maxim-vpn = {
privateKey = "CLcq8sCnusXz0jFHz6ODAZBD2Sn2vb9a5BCfbQGrrXk=";
listenPort = 21124;
ips = [
"10.0.0.4/32"
];
peers = [
{
allowedIPs = [
"10.0.0.0/24"
"192.168.8.0/24"
#"0.0.0.0/0"
"::/0"
];
endpoint = "vpn.local.germannr4.com:51820";
persistentKeepalive = 25;
publicKey = "coP4Hh1smQvVI52ftZFyPfmzvsKZcT/hHa8zHMrlZwE=";
}
];
};
};
};
};
#fileSystems."/swap" = {
# device = "/dev/disk/by-uuid/f6d243ec-6be9-4551-8cbb-aefb7b691a62";
# fsType = "btrfs";
# options = [ "subvol=swap" "noatime" ];
#};
#systemd.services.nix-daemon.environment.NIX_SSHOPTS = let
#knownHosts = pkgs.writeText "known-hosts" ''
#${builtins.readFile ../secret-data/ssh-desktop-knownhosts-thingies}
#'';
#in builtins.trace "-oIdentityFile=/home/jade/.ssh/id_rsa -oUserKnownHostsFile=${knownHosts}" "-v -oIdentityFile=/home/jade/.ssh/id_rsa -oUserKnownHostsFile=/home/jade/nix-configs/secret-data/ssh-desktop-knownhosts-thingies";
}