292 lines
7.3 KiB
Nix
292 lines
7.3 KiB
Nix
# Edit this configuration file to define what should be installed on
|
||
# your system. Help is available in the configuration.nix(5) man page
|
||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||
|
||
{ config, pkgs, lib, ... }:
|
||
|
||
let
|
||
# bash script to let dbus know about important env variables and
|
||
# propagate them to relevent services run at the end of sway config
|
||
# see
|
||
# https://github.com/emersion/xdg-desktop-portal-wlr/wiki/"It-doesn't-work"-Troubleshooting-Checklist
|
||
# note: this is pretty much the same as /etc/sway/config.d/nixos.conf but also restarts
|
||
# some user services to make sure they have the correct environment variables
|
||
dbus-sway-environment = pkgs.writeTextFile {
|
||
name = "dbus-sway-environment";
|
||
destination = "/bin/dbus-sway-environment";
|
||
executable = true;
|
||
|
||
text = ''
|
||
dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway
|
||
systemctl --user stop pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr
|
||
systemctl --user start pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr
|
||
'';
|
||
};
|
||
|
||
# currently, there is some friction between sway and gtk:
|
||
# https://github.com/swaywm/sway/wiki/GTK-3-settings-on-Wayland
|
||
# the suggested way to set gtk settings is with gsettings
|
||
# for gsettings to work, we need to tell it where the schemas are
|
||
# using the XDG_DATA_DIR environment variable
|
||
# run at the end of sway config
|
||
configure-gtk = pkgs.writeTextFile {
|
||
name = "configure-gtk";
|
||
destination = "/bin/configure-gtk";
|
||
executable = true;
|
||
text = let
|
||
schema = pkgs.gsettings-desktop-schemas;
|
||
datadir = "${schema}/share/gsettings-schemas/${schema.name}";
|
||
in ''
|
||
export XDG_DATA_DIRS=${datadir}:$XDG_DATA_DIRS
|
||
gnome_schema=org.gnome.desktop.interface
|
||
gsettings set $gnome_schema gtk-theme 'Dracula'
|
||
'';
|
||
};
|
||
|
||
in
|
||
|
||
{
|
||
imports =
|
||
[ # Include the results of the hardware scan.
|
||
./hardware-configuration.nix
|
||
];
|
||
|
||
# Bootloader.
|
||
boot.loader.grub.enable = true;
|
||
boot.loader.grub.device = "/dev/sda";
|
||
boot.loader.grub.useOSProber = false;
|
||
|
||
# Setup keyfile
|
||
boot.initrd.secrets = {
|
||
"/crypto_keyfile.bin" = null;
|
||
};
|
||
|
||
# Enable grub cryptodisk
|
||
boot.loader.grub.enableCryptodisk = true;
|
||
|
||
boot.initrd.luks.devices."luks-efc0285c-812e-4946-936b-37e737fb72eb".keyFile = "/crypto_keyfile.bin";
|
||
|
||
# allow crosscompiling for raspberrypi
|
||
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
||
|
||
networking.hostName = "lift";
|
||
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||
|
||
networking.networkmanager.enable = true;
|
||
|
||
nix.settings.experimental-features = ["nix-command" "flakes"];
|
||
|
||
# Set your time zone.
|
||
time.timeZone = "Europe/Berlin";
|
||
|
||
# Select internationalisation properties.
|
||
i18n.defaultLocale = "en_US.UTF-8";
|
||
|
||
i18n.extraLocaleSettings = {
|
||
LC_ADDRESS = "de_DE.UTF-8";
|
||
LC_IDENTIFICATION = "de_DE.UTF-8";
|
||
LC_MEASUREMENT = "de_DE.UTF-8";
|
||
LC_MONETARY = "de_DE.UTF-8";
|
||
LC_NAME = "de_DE.UTF-8";
|
||
LC_NUMERIC = "de_DE.UTF-8";
|
||
LC_PAPER = "de_DE.UTF-8";
|
||
LC_TELEPHONE = "de_DE.UTF-8";
|
||
LC_TIME = "de_DE.UTF-8";
|
||
};
|
||
|
||
|
||
# Configure console keymap
|
||
console.keyMap = "de-latin1-nodeadkeys";
|
||
|
||
# Enable scanning
|
||
hardware.sane.enable = true;
|
||
|
||
# bluetooth
|
||
hardware.bluetooth.enable = true;
|
||
|
||
# Enable sound with pipewire.
|
||
sound.enable = true;
|
||
# hardware.pulseaudio.enable = false;
|
||
security.rtkit.enable = true;
|
||
|
||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||
users.users.rothe = {
|
||
isNormalUser = true;
|
||
description = "rothe";
|
||
extraGroups = [ "networkmanager" "wheel" "video" "scanner" "lp" "docker"];
|
||
shell = pkgs.fish;
|
||
packages = with pkgs; [
|
||
chromium
|
||
firefox
|
||
flatpak
|
||
thunderbird
|
||
];
|
||
};
|
||
|
||
nixpkgs.config.allowUnfree = true;
|
||
environment.systemPackages = with pkgs; [
|
||
ack
|
||
avrdude
|
||
bind
|
||
black # code formatting
|
||
calibre
|
||
configure-gtk
|
||
cmake
|
||
cryptsetup
|
||
curl
|
||
dbus-sway-environment
|
||
dracula-theme
|
||
dmenu
|
||
docker-compose
|
||
evince
|
||
ffmpeg
|
||
fish
|
||
foot
|
||
fzf
|
||
gammastep
|
||
gcc
|
||
gimp
|
||
git
|
||
glib
|
||
gnome.eog
|
||
gnome.nautilus
|
||
gnome.simple-scan
|
||
gnucash
|
||
gnumake
|
||
gnupg
|
||
go
|
||
google-cloud-sdk
|
||
gotools
|
||
htop
|
||
i3status
|
||
inkscape
|
||
ispell
|
||
jq
|
||
kanshi
|
||
keychain
|
||
libreoffice
|
||
mako
|
||
mosquitto
|
||
mypy
|
||
nextcloud-client
|
||
nodePackages.pnpm
|
||
nodePackages.typescript
|
||
nmap
|
||
pass-secret-service
|
||
pavucontrol
|
||
pinentry
|
||
portfolio
|
||
pulseaudio
|
||
pylint
|
||
python311
|
||
python311Packages.flake8
|
||
python311Packages.ipython
|
||
roboto-mono
|
||
rofi # dmenu replacement
|
||
scrot # screenshot
|
||
signal-desktop
|
||
silver-searcher
|
||
shellcheck
|
||
spotify
|
||
sqlite
|
||
sway
|
||
sway-contrib.grimshot
|
||
swayidle
|
||
swaylock
|
||
syncthing
|
||
tailscale
|
||
telegram-desktop
|
||
tinygo
|
||
tmux
|
||
tree
|
||
unzip
|
||
vim-full
|
||
vlc
|
||
wayland
|
||
wayshot
|
||
wdisplays
|
||
wget
|
||
wl-clipboard
|
||
xdg-utils
|
||
yt-dlp
|
||
];
|
||
|
||
xdg.portal = {
|
||
enable = true;
|
||
wlr.enable = true;
|
||
# gtk portal needed to make gtk apps happy
|
||
extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
|
||
};
|
||
|
||
# enable sway window manager
|
||
programs.sway = {
|
||
enable = true;
|
||
wrapperFeatures.gtk = true;
|
||
};
|
||
programs.light.enable = true;
|
||
programs.fish.enable = true;
|
||
programs.gnupg.agent = {
|
||
enable = true;
|
||
pinentryFlavor = "gtk2";
|
||
enableSSHSupport = true;
|
||
};
|
||
|
||
# List services that you want to enable:
|
||
services.resolved = {
|
||
enable = true;
|
||
};
|
||
services.pcscd.enable = true;
|
||
# xdg-desktop-portal works by exposing a series of D-Bus interfaces
|
||
# known as portals under a well-known name
|
||
# (org.freedesktop.portal.Desktop) and object path
|
||
# (/org/freedesktop/portal/desktop).
|
||
# The portal interfaces include APIs for file access, opening URIs,
|
||
# printing and others.
|
||
services.dbus.enable = true;
|
||
services.pipewire = {
|
||
enable = true;
|
||
alsa.enable = true;
|
||
pulse.enable = true;
|
||
};
|
||
services.passSecretService.enable = true;
|
||
services.tailscale.enable = true;
|
||
services.gvfs.enable = true;
|
||
services.xserver.displayManager.gdm.enable = true;
|
||
# Enable CUPS to print documents.
|
||
services.printing.enable = true;
|
||
services.blueman.enable = true;
|
||
services.syncthing = {
|
||
enable = true;
|
||
user = "rothe";
|
||
group = "users";
|
||
dataDir = "/home/rothe";
|
||
overrideFolders = false;
|
||
overrideDevices = false;
|
||
};
|
||
|
||
fonts.packages = with pkgs; [
|
||
roboto-mono
|
||
];
|
||
|
||
networking.firewall = {
|
||
enable = true;
|
||
allowedTCPPorts = [ ];
|
||
};
|
||
# This value determines the NixOS release from which the default
|
||
# settings for stateful data, like file locations and database versions
|
||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||
# this value at the release version of the first install of this system.
|
||
# Before changing this value read the documentation for this option
|
||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||
system.stateVersion = "23.05"; # Did you read the comment?
|
||
|
||
virtualisation = {
|
||
podman = {
|
||
enable = true;
|
||
|
||
# Required for containers under podman-compose to be able to talk to each other.
|
||
#defaultNetwork.settings.dns_enabled = true;
|
||
};
|
||
};
|
||
}
|