nixos-configuration/roles/workstation.nix

210 lines
4.7 KiB
Nix
Raw Normal View History

2020-05-30 14:07:02 +02:00
{ config, pkgs, builtins, ... }:
{
nixpkgs.config.allowUnfree = true;
2020-11-28 13:01:38 +01:00
# for ihp
nix.trustedUsers = [ "root" "me" ];
2020-11-28 15:52:24 +01:00
boot = {
# use latest kernel
kernelPackages = pkgs.linuxPackages_latest;
# Use the systemd-boot EFI boot loader.
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
# mount tmp as tmpfs
tmpOnTmpfs = true;
2020-05-30 14:07:02 +02:00
2020-11-28 15:52:24 +01:00
initrd.luks.devices = {
root = {
device = "/dev/nvme0n1p2";
preLVM = true;
};
2020-05-30 14:07:02 +02:00
};
};
networking.hostName = "w1n5t0n"; # Define your hostname.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config
# replicates the default behaviour.
networking.useDHCP = false;
networking.interfaces.eno1.useDHCP = true;
networking.networkmanager.enable = true;
services.unbound.enable = true;
2020-05-30 14:07:02 +02:00
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
i18n.defaultLocale = "en_GB.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "eu";
# };
# Set your time zone.
time.timeZone = "Europe/Berlin";
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
2020-12-03 11:04:46 +01:00
arandr
2020-05-30 14:07:02 +02:00
glibcLocales
keepassxc
lxappearance
networkmanagerapplet
nextcloud-client
pavucontrol
termite
vim
which
xfce.thunar
xfce.thunar-volman
# mounting external devices in thunar
gvfs
2020-05-30 14:07:02 +02:00
];
# mounting external devices as user
services.udisks2.enable = true;
2020-05-30 14:07:02 +02:00
# required for nextcloud
services.gnome3.gnome-keyring.enable = true;
2020-11-02 15:00:01 +01:00
virtualisation.podman = {
enable = true;
dockerCompat = true;
};
2020-05-30 14:07:02 +02:00
# virtualisation.lxd.enable = true;
# virtualisation.virtualbox.host.enable = true;
# virtualisation.virtualbox.host.enableExtensionPack = true;
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
pinentryFlavor = "curses";
2020-05-30 14:07:02 +02:00
};
# List services that you want to enable:
# Enable the OpenSSH daemon.
# services.openssh.enable = true;
# Open ports in the firewall.
networking.firewall.allowedTCPPorts = [
# barrier
24800 42829
# pulseaudio over network
# 16001 4713
];
2020-05-30 14:07:02 +02:00
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Enable CUPS to print documents.
services.printing.enable = true;
# Enable sound.
sound.enable = true;
hardware.pulseaudio = {
enable = true;
# tcp = {
# enable = true;
# anonymousClients.allowAll = true;
# };
};
2020-05-30 14:07:02 +02:00
# set keyboard layout
environment.sessionVariables = {
XKB_DEFAULT_OPTIONS = "caps:escape";
XKB_DEFAULT_LAYOUT = "eu";
};
# Enable the X11 windowing system.
services.xserver = {
enable = true;
layout = "eu";
xkbOptions = "caps:escape";
displayManager = {
defaultSession = "none+i3";
lightdm.enable = true;
};
windowManager.i3 = {
enable = true;
extraPackages = with pkgs; [
dmenu
rofi
i3status
i3lock
i3blocks
];
};
};
# required for i3
environment.pathsToLink = [ "/libexec" ]; # links /libexec from derivations to /run/current-system/sw
# Enable touchpad support.
# services.xserver.libinput.enable = true;
# Enable the KDE Desktop Environment.
# services.xserver.displayManager.sddm.enable = true;
# services.xserver.desktopManager.plasma5.enable = true;
# enable zsh globally
programs.zsh.enable = true;
# Define a user account. Don't forget to set a password with passwd.
users.users.me = {
shell = pkgs.zsh;
createHome = true;
isNormalUser = true;
extraGroups = [
"adbusers"
"audio"
"davfs2"
2020-05-30 14:07:02 +02:00
"disk"
"docker"
"networkmanager"
"plugdev"
"vboxusers"
"video"
"wheel"
];
};
# systemd.services.home-manager-me.preStart = ''
# ${pkgs.nix}/bin/nix-env -i -E
# '';
fonts.fonts = with pkgs; [
font-awesome-ttf
#nerdfonts
noto-fonts-cjk
powerline-fonts
];
# Enable NTFS support
boot.supportedFilesystems = [ "ntfs" ];
imports =
[
./subroles/dev.nix
./subroles/entertainment.nix
./subroles/internet.nix
./subroles/office.nix
./subroles/university.nix
2020-05-30 14:07:02 +02:00
];
}