{ config, lib, pkgs, ... }:
{
imports =
[
./hardware-configuration.nix
];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# Kernel
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.kernelParams = [ "kvm.enable_virt_at_load=0" ];
boot.kernelModules = [ "iptable_nat" ];
# System
networking.hostName = "lachrymal-abg"; # Define your hostname.
time.timeZone = "America/Toronto";
i18n.defaultLocale = "ja_JP.UTF-8";
nixpkgs.config.allowUnfree = true;
xdg.portal.enable = true;
services.displayManager.sddm = {
enable = true;
wayland.enable = true;
settings.General.DisplayServer = "wayland";
};
# services.xserver.desktopManager.lxqt.enable = true;
# environment.lxqt.excludePackages = with pkgs; [ lxqt.qterminal ];
services.desktopManager.plasma6.enable = true;
environment.plasma6.excludePackages = with pkgs.kdePackages; [
elisa
kate
khelpcenter
gwenview
kate
konsole
];
# Fonts
fonts = {
packages = with pkgs; [
noto-fonts
noto-fonts-cjk-sans
noto-fonts-cjk-serif
noto-fonts-emoji
liberation_ttf
victor-mono
lmodern
lmmath
wqy_zenhei
];
fontDir.enable = true;
fontconfig = {
enable = true;
};
};
# Enable CUPS to print documents.
services.printing.enable = true;
# Enable sound.
services.pulseaudio.enable = false;
services.pipewire = {
enable = true;
audio.enable = true;
pulse.enable = true;
alsa.enable = true;
alsa.support32Bit = true;
};
# Steam
programs.steam = {
enable = true;
extraCompatPackages = with pkgs; [
proton-ge-bin
];
};
users.users.lach = {
isNormalUser = true;
extraGroups = [ "wheel" "docker" ]; # Enable ‘sudo’ for the user.
};
environment.systemPackages = with pkgs; [
vesktop
wget
pciutils
gpustat
mg
micro-full
# ventoy-full
git-credential-oauth
hugo
gnumake
cmake
bun
python314
nodejs
ruff
uv
gcc
pkg-config
rustc
cargo
rust-analyzer
zig
kdePackages.oxygen
wayland-scanner
];
nixpkgs.overlays = [
(import ./im-overlays.nix)
];
programs.git = {
enable = true;
package = pkgs.gitFull;
config.credential.helper = [ "libsecret" "oauth" ];
};
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
# pinentryPackage = lib.mkForce pkgs.pinentry-qt;
};
services.openssh.enable = true;
# Samba
services.samba = {
package = pkgs.samba4Full;
enable = true;
openFirewall = true;
settings = {
global = {
"security" = "user";
"guest account" = "nobody";
"map to guest" = "bad user";
"server smb encrypt" = "required";
"server min protocol" = "SMB3_00";
};
DL = {
path = "/run/media/lach/A0762DC8762DA050/Downloads";
browseable = "yes";
"read only" = "no";
"guest ok" = "no";
"create mask" = "0644";
"directory mask" = "0755";
"force user" = "lach";
};
Anime = {
path = "/run/media/lach/A0762DC8762DA050/Archive/Anime";
browseable = "yes";
"read only" = "no";
"guest ok" = "no";
"create mask" = "0644";
"directory mask" = "0755";
"force user" = "lach";
};
};
};
services.avahi = {
publish.enable = true;
publish.userServices = true;
enable = true;
openFirewall = true;
};
networking.firewall.enable = true;
networking.firewall.allowPing = true;
networking.firewall.allowedTCPPorts = [ 8888 ];
# virtualisation.docker = {
# enable = true;
# storageDriver = "btrfs";
# };
system.stateVersion = "24.05";
}