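# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).

{ config, pkgs, ... }:

let
  # `pass` built with the OTP extension. A let-binding takes precedence over
  # names brought in by `with pkgs;`, so the `pass` entry in
  # environment.systemPackages below resolves to this wrapped build.
  pass = pkgs.pass.withExtensions (exts: [ exts.pass-otp ]);

  # Shared mount options for the CIFS shares below.
  # The x-systemd.* options prevent hanging on network split.
  # NOTE(review): `exec` permits running binaries straight from the share and
  # `user,users` lets unprivileged users mount/unmount it; drop whichever of
  # these is not actually needed.
  cifsAutomountOpts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users,exec";

  # Build the fileSystems entry for one share on vanten-s.com.
  # The credentials file is referenced by path, so the secret stays out of the
  # world-readable Nix store; the file itself should be root-owned, mode 0600.
  # NOTE(review): no `vers=`/`seal` option is set, so SMB dialect and
  # encryption are left to negotiation. If the server is reached over an
  # untrusted network, consider requiring encryption (`seal`) — confirm the
  # server supports it.
  cifsShare = share: {
    device = "//vanten-s.com/${share}";
    fsType = "cifs";
    options = [ "${cifsAutomountOpts},credentials=/etc/nixos/smb-secrets,uid=1000,gid=100" ];
  };
in
{
  imports = [
    # Include the results of the hardware scan.
    /etc/nixos/hardware-configuration.nix
    ./dotfiles/local/local-nixos.nix
  ];

  # Bootloader.
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;
  boot.supportedFilesystems = [ "ntfs" "exfat" ];
  boot.kernelModules = [ "v4l2loopback" ];
  boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback.out ];
  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];

  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.

  # Configure network proxy if necessary
  # networking.proxy.default = "http://user:password@proxy:port/";
  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";

  # Enable networking
  networking.networkmanager.enable = true;

  # Printing, with mDNS discovery of network printers via Avahi.
  # openFirewall lets mDNS traffic through the host firewall.
  services.printing.enable = true;
  services.avahi = {
    enable = true;
    nssmdns4 = true;
    openFirewall = true;
  };
  services.printing.drivers = with pkgs; [
    epson-escpr2
    epson-escpr
    dcp9020cdwlpr
    ghostscript
    cups-filters
  ];

  services.mullvad-vpn.enable = true;
  services.mullvad-vpn.package = pkgs.mullvad-vpn;

  services.ollama.enable = true;

  # Set your time zone.
  time.timeZone = "Europe/Stockholm";

  # Select internationalisation properties.
  i18n.defaultLocale = "en_US.UTF-8";

  i18n.extraLocaleSettings = {
    LC_ADDRESS = "sv_SE.UTF-8";
    LC_IDENTIFICATION = "sv_SE.UTF-8";
    LC_MEASUREMENT = "sv_SE.UTF-8";
    LC_MONETARY = "sv_SE.UTF-8";
    LC_NAME = "sv_SE.UTF-8";
    LC_NUMERIC = "sv_SE.UTF-8";
    LC_PAPER = "sv_SE.UTF-8";
    LC_TELEPHONE = "sv_SE.UTF-8";
    LC_TIME = "sv_SE.UTF-8";
  };

  programs.hyprland.enable = true;

  services.xserver.enable = true;

  # You may need to comment out "services.displayManager.gdm.enable = true;"
  services.displayManager.sddm.enable = true;
  services.desktopManager.plasma6.enable = true;

  # Configure console keymap
  console.keyMap = "sv-latin1";

  # Define a user account. Don't forget to set a password with ‘passwd’.
  users.users.svante = {
    isNormalUser = true;
    description = "Svante";
    # wheel     -> may use sudo (see security.sudo.extraRules below)
    # wireshark -> packet capture group set up by programs.wireshark
    # dialout   -> serial device access
    extraGroups = [ "networkmanager" "wheel" "audio" "dialout" "wireshark" ];
    shell = pkgs.zsh;
    packages = with pkgs; [];
  };

  services.udisks2.enable = true;

  # hardware.pulseaudio.enable = true;
  # hardware.pulseaudio.support32Bit = true;
  # nixpkgs.config.pulseaudio = true;

  programs.zsh.enable = true;
  programs.dconf.enable = true;

  # Allow unfree packages
  nixpkgs.config.allowUnfree = true;

  services.syncthing = {
    enable = true;
    user = "svante";
    dataDir = "/home/svante/Documents";  # Default folder for new synced folders
    configDir = "/home/svante/Documents/.config/syncthing";  # Folder for Syncthing's settings and keys
  };

  # virtualisation.docker.enable = true;
  # virtualisation.docker.rootless = {
  #   enable = true;
  #   setSocketVariable = true;
  # };

  programs.wireshark.enable = true;

  virtualisation.containers.enable = true;
  virtualisation = {
    podman = {
      enable = true;

      # Create a `docker` alias for podman, to use it as a drop-in replacement
      dockerCompat = true;

      # Required for containers under podman-compose to be able to talk to each other.
      defaultNetwork.settings.dns_enabled = true;
    };
  };

  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = with pkgs; [
    vim  # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
    neovim
    libsForQt5.lightly
    curl
    gsettings-desktop-schemas
    mlocate
    gphoto2
    waybar
    glib
    links2
    dolphin
    pkg-config
    gnome.nautilus
    kitty
    librewolf
    fuzzel
    obsidian
    os-prober
    libsForQt5.kdeconnect-kde
    polkit_gnome
    wireguard-tools
    git
    gnupg
    dmenu
    gnome.adwaita-icon-theme
    wtype
    cifs-utils  # provides mount.cifs for the fileSystems entries below
    ffmpeg
    pulsemixer
    wineWowPackages.staging
    xorg.xhost
    swaybg
    swww
    python3
    python311Packages.pip
    python311Packages.pygobject3
    gparted
    libsForQt5.kamoso
    zoom-us
    gcc
    pass  # the let-bound build with pass-otp, not plain pkgs.pass
    cryptsetup
    vscode-langservers-extracted
    zsh
    cowsay
    tor-browser
    discord
    betterdiscordctl
    grimblast
    pandoc
    nodePackages.eslint
    lmms
    bluez
    wl-clipboard
    home-manager
    file
    dive  # look into docker image layers
    podman-tui  # status of containers in the terminal
    podman-compose  # start group of containers for dev
    (epsonscan2.override { withNonFreePlugins = true; })
  ];

  security.polkit.enable = true;

  # NOTE(review): this sets LD_LIBRARY_PATH for every session, so every
  # dynamically linked program sees these libraries ahead of its own search
  # path. Confirm a global setting is really required rather than a
  # per-application wrapper.
  environment.variables = {
    LD_LIBRARY_PATH = with pkgs; lib.makeLibraryPath [
      fontconfig
      freetype
      libGL
      libxkbcommon
      wayland
    ];
  };

  # Libraries exposed to unpatched binaries through nix-ld
  # (enabled further down via programs.nix-ld.enable).
  programs.nix-ld.libraries = with pkgs; [
    stdenv.cc.cc
    zlib
    fuse3
    icu
    nss
    openssl
    curl
    expat
    fontconfig
    wayland
    libGL
    libxkbcommon
  ];

  security.rtkit.enable = true;
  services.pipewire = {
    enable = true;
    wireplumber.enable = true;
    alsa.enable = true;
    alsa.support32Bit = false;
    pulse.enable = true;
  };

  # Passwordless sudo for the WireGuard tools, for members of wheel.
  # NOTE(review): wg-quick runs the hook commands (PreUp/PostUp/PreDown/
  # PostDown) found in whatever configuration it is given, and no arguments
  # are pinned here, so this rule is equivalent to passwordless root for any
  # process running as a wheel user. Prefer pinning each rule to the exact
  # invocation needed (command plus arguments, pointing at a root-owned
  # config), or keep the password prompt.
  security.sudo.extraRules = [
    {
      groups = [ "wheel" ];
      commands = [
        { command = "/run/current-system/sw/bin/wg-quick"; options = [ "NOPASSWD" ]; }
        { command = "/run/current-system/sw/bin/wg"; options = [ "NOPASSWD" ]; }
      ];
    }
  ];

  environment.etc = {
    "wireplumber/bluetooth.lua.d/51-bluez-config.lua".text = ''
      bluez_monitor.properties = {
        ["bluez5.enable-sbc-xq"] = true,
        ["bluez5.enable-msbc"] = true,
        ["bluez5.enable-hw-volume"] = true,
        ["bluez5.headset-roles"] = "[ hsp_hs hsp_ag hfp_hf hfp_ag ]"
      }
    '';
  };

  hardware.bluetooth.enable = true;  # enables support for Bluetooth
  hardware.bluetooth.powerOnBoot = true;  # powers up the default Bluetooth controller on boot
  services.blueman.enable = true;

  services.pcscd.enable = true;

  services.locate = {
    enable = true;
    package = pkgs.mlocate;
    interval = "hourly";
    localuser = null;
  };

  programs.nix-ld.enable = true;

  programs.gnupg.agent = {
    enable = true;
    pinentryPackage = pkgs.pinentry-gnome3;
  };

  virtualisation.virtualbox.host.enable = true;
  users.extraGroups.vboxusers.members = [ "svante" ];

  services.dbus.packages = [ pkgs.gcr ];

  nix.settings.experimental-features = [ "nix-command" "flakes" ];

  services.xserver.xkb.layout = "se";
  services.xserver.xkb.variant = "";

  fonts.packages = with pkgs; [
    (nerdfonts.override { fonts = [ "FiraCode" "RobotoMono" "JetBrainsMono" ]; })
    comic-mono
  ];

  # Allows evaluation of a package nixpkgs has marked insecure.
  # NOTE(review): presumably required by one of the Electron-based packages
  # listed above — confirm which one, and remove this exception once that
  # package no longer depends on this Electron release.
  nixpkgs.config.permittedInsecurePackages = [
    "electron-25.9.0"
  ];

  # CIFS shares. mount.cifs comes from cifs-utils in environment.systemPackages;
  # it is required unless domain name resolution is not needed.
  fileSystems."/mnt/UngDataStyrelse" = cifsShare "UngDataStyrelse";
  fileSystems."/mnt/models" = cifsShare "models";
  fileSystems."/mnt/photos" = cifsShare "photos";

  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  # programs.mtr.enable = true;
  # programs.gnupg.agent = {
  #   enable = true;
  #   enableSSHSupport = true;
  # };

  # List services that you want to enable:

  # Enable the OpenSSH daemon.
  # NOTE(review): no services.openssh.settings are given, so the module
  # defaults apply — on current NixOS that means password logins are accepted
  # and the module opens the SSH port in the firewall; confirm against the
  # release in use. If only key-based login is needed, set
  # services.openssh.settings.PasswordAuthentication = false and
  # services.openssh.settings.KbdInteractiveAuthentication = false.
  services.openssh.enable = true;

  # Open ports in the firewall.
  # networking.firewall.allowedTCPPorts = [ ... ];
  # networking.firewall.allowedUDPPorts = [ ... ];
  # Or disable the firewall altogether.
  # networking.firewall.enable = false;
  networking.firewall = {
    enable = true;
    allowedTCPPortRanges = [
      { from = 1714; to = 1764; }  # KDE Connect
      { from = 22000; to = 22000; }  # Syncthing sync protocol (TCP)
    ];
    # NOTE(review): KDE Connect also uses UDP 1714-1764 for device discovery,
    # which is not opened here — confirm whether that is intentional.
    allowedUDPPortRanges = [
      { from = 22000; to = 22000; }  # Syncthing sync protocol (QUIC)
    ];
  };

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It's perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "23.11";  # Did you read the comment?
}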