{ config, pkgs, builtins, ... }: { nixpkgs.config.allowUnfree = true; # for ihp nix.trustedUsers = [ "root" "me" ]; boot = { # use latest kernel kernelPackages = pkgs.linuxPackages_latest; # Use the systemd-boot EFI boot loader. loader.systemd-boot.enable = true; loader.efi.canTouchEfiVariables = true; # mount tmp as tmpfs tmpOnTmpfs = true; initrd.luks.devices = { root = { device = "/dev/nvme0n1p2"; preLVM = true; }; }; }; networking.hostName = "w1n5t0n"; # Define your hostname. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # The global useDHCP flag is deprecated, therefore explicitly set to false here. # Per-interface useDHCP will be mandatory in the future, so this generated config # replicates the default behaviour. networking.useDHCP = false; networking.interfaces.eno1.useDHCP = true; networking.networkmanager.enable = true; services.unbound.enable = true; # Configure network proxy if necessary # networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; # Select internationalisation properties. i18n.defaultLocale = "en_GB.UTF-8"; # console = { # font = "Lat2-Terminus16"; # keyMap = "eu"; # }; # Set your time zone. time.timeZone = "Europe/Berlin"; # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ glibcLocales keepassxc lxappearance networkmanagerapplet nextcloud-client pavucontrol termite vim which xfce.thunar xfce.thunar-volman # mounting external devices in thunar gvfs ]; # mounting external devices as user services.udisks2.enable = true; # required for nextcloud services.gnome3.gnome-keyring.enable = true; virtualisation.podman = { enable = true; dockerCompat = true; }; # virtualisation.lxd.enable = true; # virtualisation.virtualbox.host.enable = true; # virtualisation.virtualbox.host.enableExtensionPack = true; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; programs.gnupg.agent = { enable = true; enableSSHSupport = true; pinentryFlavor = "curses"; }; # List services that you want to enable: # Enable the OpenSSH daemon. # services.openssh.enable = true; # Open ports in the firewall. networking.firewall.allowedTCPPorts = [ # barrier 24800 42829 # pulseaudio over network # 16001 4713 ]; # networking.firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. # networking.firewall.enable = false; # Enable CUPS to print documents. services.printing.enable = true; # Enable sound. sound.enable = true; hardware.pulseaudio = { enable = true; # tcp = { # enable = true; # anonymousClients.allowAll = true; # }; }; # set keyboard layout environment.sessionVariables = { XKB_DEFAULT_OPTIONS = "caps:escape"; XKB_DEFAULT_LAYOUT = "eu"; }; # Enable the X11 windowing system. services.xserver = { enable = true; layout = "eu"; xkbOptions = "caps:escape"; displayManager = { defaultSession = "none+i3"; lightdm.enable = true; }; windowManager.i3 = { enable = true; extraPackages = with pkgs; [ dmenu rofi i3status i3lock i3blocks ]; }; }; # required for i3 environment.pathsToLink = [ "/libexec" ]; # links /libexec from derivations to /run/current-system/sw # Enable touchpad support. # services.xserver.libinput.enable = true; # Enable the KDE Desktop Environment. # services.xserver.displayManager.sddm.enable = true; # services.xserver.desktopManager.plasma5.enable = true; # enable zsh globally programs.zsh.enable = true; # Define a user account. Don't forget to set a password with ‘passwd’. users.users.me = { shell = pkgs.zsh; createHome = true; isNormalUser = true; extraGroups = [ "adbusers" "audio" "davfs2" "disk" "docker" "networkmanager" "plugdev" "vboxusers" "video" "wheel" ]; }; # systemd.services.home-manager-me.preStart = '' # ${pkgs.nix}/bin/nix-env -i -E # ''; fonts.fonts = with pkgs; [ font-awesome-ttf #nerdfonts noto-fonts-cjk powerline-fonts ]; # Enable NTFS support boot.supportedFilesystems = [ "ntfs" ]; imports = [ ./subroles/dev.nix ./subroles/entertainment.nix ./subroles/internet.nix ./subroles/office.nix ./subroles/university.nix ]; }