nixos-config/configuration.nix
2025-04-30 16:58:32 -04:00

187 lines
3.8 KiB
Nix
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{ config, lib, pkgs, ... }:
{
imports =
[
./hardware-configuration.nix
];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# Kernel
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.kernelParams = [ "kvm.enable_virt_at_load=0" ];
boot.kernelModules = [ "iptable_nat" ];
# System
networking.hostName = "lachrymal-abg"; # Define your hostname.
time.timeZone = "America/Toronto";
i18n.defaultLocale = "ja_JP.UTF-8";
nixpkgs.config.allowUnfree = true;
xdg.portal.enable = true;
services.displayManager.sddm = {
enable = true;
wayland.enable = true;
settings.General.DisplayServer = "wayland";
};
# services.xserver.desktopManager.lxqt.enable = true;
# environment.lxqt.excludePackages = with pkgs; [ lxqt.qterminal ];
services.desktopManager.plasma6.enable = true;
environment.plasma6.excludePackages = with pkgs.kdePackages; [
elisa
kate
khelpcenter
gwenview
kate
konsole
];
# Fonts
fonts = {
packages = with pkgs; [
noto-fonts
noto-fonts-cjk-sans
noto-fonts-cjk-serif
noto-fonts-emoji
liberation_ttf
victor-mono
lmodern
lmmath
wqy_zenhei
];
fontDir.enable = true;
fontconfig = {
enable = true;
};
};
# Enable CUPS to print documents.
services.printing.enable = true;
# Enable sound.
services.pulseaudio.enable = false;
services.pipewire = {
enable = true;
audio.enable = true;
pulse.enable = true;
alsa.enable = true;
alsa.support32Bit = true;
};
# Steam
programs.steam = {
enable = true;
extraCompatPackages = with pkgs; [
proton-ge-bin
];
};
users.users.lach = {
isNormalUser = true;
extraGroups = [ "wheel" "docker" ]; # Enable sudo for the user.
};
environment.systemPackages = with pkgs; [
vesktop
wget
pciutils
gpustat
mg
micro-full
ventoy-full
git-credential-oauth
hugo
gnumake
bun
python314
nodejs
ruff
uv
gcc
pkg-config
rustc
cargo
rust-analyzer
zig
kdePackages.oxygen
];
nixpkgs.overlays = [
(import ./im-overlays.nix)
];
programs.git = {
enable = true;
package = pkgs.gitFull;
config.credential.helper = [ "libsecret" "oauth" ];
};
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
# pinentryPackage = lib.mkForce pkgs.pinentry-qt;
};
services.openssh.enable = true;
# Samba
services.samba = {
package = pkgs.samba4Full;
enable = true;
openFirewall = true;
settings = {
global = {
"security" = "user";
"guest account" = "nobody";
"map to guest" = "bad user";
"server smb encrypt" = "required";
"server min protocol" = "SMB3_00";
};
DL = {
path = "/run/media/lach/A0762DC8762DA050/Downloads";
browseable = "yes";
"read only" = "no";
"guest ok" = "no";
"create mask" = "0644";
"directory mask" = "0755";
"force user" = "lach";
};
Anime = {
path = "/run/media/lach/A0762DC8762DA050/Archive/Anime";
browseable = "yes";
"read only" = "no";
"guest ok" = "no";
"create mask" = "0644";
"directory mask" = "0755";
"force user" = "lach";
};
};
};
services.avahi = {
publish.enable = true;
publish.userServices = true;
enable = true;
openFirewall = true;
};
networking.firewall.enable = true;
networking.firewall.allowPing = true;
networking.firewall.allowedTCPPorts = [ 8888 ];
# virtualisation.docker = {
# enable = true;
# storageDriver = "btrfs";
# };
system.stateVersion = "24.05";
}