166 lines
4.5 KiB
Nix
166 lines
4.5 KiB
Nix
{ config, pkgs, lib, disko, sydnix-cli, ... }:
|
|
|
|
{
|
|
imports = [
|
|
./hardware.nix
|
|
./filesystems.nix
|
|
];
|
|
|
|
sydnix = {
|
|
filesystemType = "btrfs";
|
|
wifi.enable = true;
|
|
stylix.enable = true;
|
|
niri.enable = true;
|
|
steam.enable = true;
|
|
bluetooth.enable = true;
|
|
users.users = [
|
|
"crumb"
|
|
"msyds"
|
|
];
|
|
|
|
impermanence = {
|
|
enable = true;
|
|
directories = [
|
|
# "Warning: Neither /var/lib/nixos nor any of its parents are persisted.
|
|
# This means all users/groups without specified uids/gids will have them
|
|
# reassigned on reboot."
|
|
"/var/lib/nixos"
|
|
# We don't want to have different ssh keys on reboot, because ssh keys
|
|
# are expected to consistently identify machines... I think. I mostly
|
|
# just think it's annoying to edit ~/.ssh/known_hosts all the time.
|
|
"/etc/ssh"
|
|
];
|
|
rollback = {
|
|
enable = true;
|
|
device = "/dev/disk/by-id/ata-APPLE_SSD_SM0512G_S29ANYAH526520-part5";
|
|
subvolume = "rootfs";
|
|
};
|
|
};
|
|
};
|
|
|
|
services.displayManager.sddm = {
|
|
enable = true;
|
|
wayland.enable = true;
|
|
autoNumlock = true;
|
|
};
|
|
|
|
services.libinput = {
|
|
enable = true;
|
|
# Disable mouse acceleration.
|
|
mouse.accelProfile = "flat";
|
|
# Sensitivity.
|
|
mouse.accelSpeed = "-0.5";
|
|
};
|
|
|
|
services.pipewire = {
|
|
enable = true;
|
|
alsa.enable = true;
|
|
alsa.support32Bit = true;
|
|
# Pulseaudio compatibility layer.
|
|
pulse.enable = true;
|
|
wireplumber.enable = true;
|
|
};
|
|
|
|
# Ensure pipewire processes get realtime priority.
|
|
security.rtkit.enable = true;
|
|
|
|
# services.xserver.desktopManager.plasma5.enable = true;
|
|
|
|
# Disable systemd-sleep. Let KDE or whatever dim the screen without
|
|
# suspending the computer.
|
|
systemd.sleep.extraConfig = ''
|
|
AllowSuspend=no
|
|
AllowHibernation=no
|
|
AllowHybridSleep=no
|
|
AllowSuspendThenHibernate=no
|
|
'';
|
|
|
|
boot.loader = {
|
|
grub.enable = false;
|
|
systemd-boot.enable = true;
|
|
efi.canTouchEfiVariables = false;
|
|
};
|
|
|
|
time.timeZone = "America/Denver";
|
|
|
|
i18n.defaultLocale = "en_US.UTF-8";
|
|
|
|
console = {
|
|
useXkbConfig = true; # Use xkb.options in tty.
|
|
};
|
|
|
|
hardware.nvidia.open = false;
|
|
|
|
services.xserver = {
|
|
# enable = true;
|
|
xkb = {
|
|
layout = "us";
|
|
options = "ctrl:swapcaps,compose:menu";
|
|
};
|
|
};
|
|
|
|
# Usually we try to delegate declarations of globally-available packages to
|
|
# separate modules. These are some exceptional essentials.
|
|
environment.systemPackages = [
|
|
pkgs.neovim
|
|
pkgs.git
|
|
pkgs.waypipe
|
|
sydnix-cli.packages.x86_64-linux.default
|
|
];
|
|
|
|
services.openssh = {
|
|
enable = true;
|
|
settings.PermitRootLogin = "yes";
|
|
settings.X11Forwarding = true;
|
|
};
|
|
|
|
# TODO: Move to defaults.
|
|
users.mutableUsers = false;
|
|
|
|
nix = {
|
|
settings = {
|
|
allow-import-from-derivation = true;
|
|
trusted-users = [
|
|
"@wheel"
|
|
];
|
|
substituters = [
|
|
"https://cache.deertopia.net"
|
|
"https://nix-community.cachix.org"
|
|
"https://cache.nixos.org"
|
|
"https://cache.iog.io"
|
|
];
|
|
trusted-public-keys = [
|
|
(builtins.readFile ../../public-keys/deertopia-cache.pub.pem)
|
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
|
"hydra.iohk.io:f/Ea+s+dFdN+3Y/G+FDgSq+a5NEWhJGzdjvKNGv0/EQ="
|
|
];
|
|
};
|
|
};
|
|
|
|
security.pki.certificateFiles = [
|
|
../../public-keys/lolc.at.crt
|
|
];
|
|
|
|
# This option defines the first version of NixOS you have installed on this
|
|
# particular machine, and is used to maintain compatibility with application
|
|
# data (e.g. databases) created on older NixOS versions.
|
|
#
|
|
# Most users should NEVER change this value after the initial install, for any
|
|
# reason, even if you've upgraded your system to a new NixOS release.
|
|
#
|
|
# This value does NOT affect the Nixpkgs version your packages and OS are
|
|
# pulled from, so changing it will NOT upgrade your system - see
|
|
# https://nixos.org/manual/nixos/stable/#sec-upgrading for how to actually do
|
|
# that.
|
|
#
|
|
# This value being lower than the current NixOS release does NOT mean your
|
|
# system is out of date, out of support, or vulnerable.
|
|
#
|
|
# Do NOT change this value unless you have manually inspected all the changes
|
|
# it would make to your configuration, and migrated your data accordingly.
|
|
#
|
|
# For more information, see `man configuration.nix` or
|
|
# https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
|
|
system.stateVersion = "25.05"; # Did you read the comment?
|
|
}
|