From 2f77fe642b8c3f763dd64bb4bdd539925b43bab0 Mon Sep 17 00:00:00 2001 From: Arne Keller Date: Fri, 4 Feb 2022 18:59:47 +0100 Subject: [PATCH] All NixOS config changes since last commit --- .config/configuration.nix | 205 +++++++++++++++++++++++++------------- 1 file changed, 135 insertions(+), 70 deletions(-) diff --git a/.config/configuration.nix b/.config/configuration.nix index 8e9f83b..43b10c8 100644 --- a/.config/configuration.nix +++ b/.config/configuration.nix @@ -1,4 +1,4 @@ -{ config, pkgs, ... }: +{ config, lib, pkgs, ... }: let my-python3-packages = python3-packages: with python3-packages; [ @@ -11,6 +11,10 @@ let pyside2 markdown psutil + + scipy + numpy + pillow ]; #my-python2-packages = python2-packages: with python2-packages; [ # pip setuptools @@ -22,8 +26,12 @@ let # pyopengl-accelerate #]; python3-with-my-packages = pkgs.python3.withPackages my-python3-packages; - #python2-with-my-packages = pkgs.python2.withPackages my-python2-packages; + #python2-with-my-packages = pkgs.python2.withPackages my-python2-packages; linuxPackages = pkgs.linuxPackages_5_10; + mpvPlus = pkgs.mpv-with-scripts.override { + scripts = [ pkgs.mpvScripts.mpris ]; + }; + microsoftErgonomicKeyboard = pkgs.callPackage /home/arne/nixpkgs/microsoft-ergonomic-keyboard { kernel = linuxPackages.kernel; }; in { imports = @@ -31,13 +39,20 @@ in ./hardware-configuration.nix ]; - # Use the systemd-boot EFI boot loader. + nix.autoOptimiseStore = true; + boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; boot.kernelPackages = linuxPackages; - boot.extraModulePackages = [ config.boot.kernelPackages.v4l2loopback ]; - boot.kernelModules = [ "v4l2loopback" ]; - boot.kernelParams = [ "mitigations=off" ]; + #boot.kernelPatches = [ + # { + # name = "fixup MS keyboard"; + # patch = /home/arne/src/linux-5.10.62/0001-change-it.patch; + # } + #]; + boot.extraModulePackages = [ config.boot.kernelPackages.v4l2loopback microsoftErgonomicKeyboard ]; + boot.kernelModules = [ "v4l2loopback" "nct6775" "hid_microsoft_ergonomic" ]; + boot.kernelParams = [ "mitigations=off" "amdgpu.noretry=0" ]; boot.kernel.sysctl = { # enable Alt+SysRq commands "kernel.sysrq" = 1; @@ -57,12 +72,32 @@ in boot.tmpOnTmpfs = true; hardware.cpu.amd.updateMicrocode = true; + hardware.mcelog.enable = true; services.fstrim.enable = true; services.journald.extraConfig = "SystemMaxUse=100M"; + #hardware.bluetooth.enable = true; + networking.useDHCP = false; networking.interfaces.enp39s0.useDHCP = true; + #networking.interfaces.enp42s0f3u2.useDHCP = false; + #networking.interfaces.enp42s0f3u2.proxyARP = true; + #networking.interfaces.enp42s0f3u2.ipv4.routes = [ + # { + # address = "10.0.0.0"; + # prefixLength = 24; + # } + #]; + #networking.interfaces.enp42s0f3u2.ipv4.addresses = [ + # { + # address = "10.0.0.1"; + # prefixLength = 24; + # } + #]; networking.hostName = "nixOS"; + #networking.hosts = { + # "10.0.0.2" = [ "arne-ThinkPad-T410" ]; + #}; networking.firewall.logRefusedConnections = false; networking.firewall.rejectPackets = true; networking.firewall.allowedTCPPorts = [ 12783 12975 25565 ]; @@ -80,7 +115,7 @@ in security.sudo.extraConfig = '' Defaults insults - Defaults timestamp_timeout=-1 + Defaults timestamp_timeout=10 ''; time.timeZone = "Europe/Berlin"; @@ -99,7 +134,6 @@ in KDE_UTF8_FILENAMES = "1"; ANDROID_SDK_HOME = "$HOME/.cache"; GRADLE_USER_HOME = "$HOME/.cache/gradle"; - MATHEMATICA_USERBASE = "$HOME/.cache/mathematica"; XCOMPOSECACHE = "$HOME/.cache/X11/xcompose"; }; environment.extraInit = '' @@ -125,17 +159,29 @@ in services.xserver.enable = true; services.xserver.enableCtrlAltBackspace = true; services.xserver.libinput.enable = true; - services.xserver.layout = "us"; - services.xserver.xkbVariant = "dvorak"; + #services.xserver.libinput.accelProfile = "flat"; + services.xserver.layout = "dvorak-custom"; + services.xserver.extraLayouts = { + dvorak-custom = { + description = "Dvorak customized"; + languages = [ "eng" ]; + symbolsFile = /home/arne/.config/dvorak-custom; + }; + }; + services.xserver.autoRepeatDelay = 183; + services.xserver.autoRepeatInterval = 33; services.xserver.displayManager.sddm.enable = true; + services.xserver.displayManager.job.logToJournal = true; services.xserver.desktopManager.plasma5.enable = true; xdg.portal.enable = true; xdg.portal.gtkUsePortal = true; - + fonts.enableDefaultFonts = true; fonts.fonts = with pkgs; [ noto-fonts-emoji liberation_ttf + cozette + font-awesome ]; virtualisation.docker.enable = true; @@ -143,6 +189,10 @@ in #virtualisation.anbox.enable = true; # services.printing.enable = true; + services.trilium-server.enable = true; + #services.trilium-server.dataDir = "/home/arne/.local/share/trilium-sync-server-data"; + #services.trilium-server.host = "192.168.178.21"; + services.trilium-server.port = 12783; services.boinc.enable = true; services.vnstat.enable = true; services.gitlab-runner.enable = true; @@ -150,11 +200,12 @@ in shell = { registrationConfigFile = "/home/arne/Documents/gitlab-runner-registration"; executor = "shell"; + buildsDir = "/tmp/builds_dir"; }; - shell2 = { - registrationConfigFile = "/home/arne/Documents/gitlab-runner-registration-kv"; - executor = "shell"; - }; + #shell2 = { + # registrationConfigFile = "/home/arne/Documents/gitlab-runner-registration-kv"; + # executor = "shell"; + #}; }; services.openvpn.servers = { kit-split = { @@ -172,9 +223,24 @@ in }; # services.logmein-hamachi.enable = true; - sound.enable = true; - hardware.pulseaudio.enable = true; - hardware.pulseaudio.support32Bit = true; + sound.enable = false; + #hardware.pulseaudio.enable = false; + #hardware.pulseaudio.support32Bit = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # this does not exist (yet?) + #pulse.support32Bit = true; + # If you want to use JACK applications, uncomment this + #jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; hardware.opengl.enable = true; hardware.opengl.driSupport = true; @@ -184,7 +250,7 @@ in users.users.arne = { isNormalUser = true; - extraGroups = [ "wheel" "docker" "adbusers" ]; + extraGroups = [ "wheel" "docker" "adbusers" "wireshark" "audio" ]; shell = pkgs.zsh; }; @@ -197,55 +263,43 @@ in "mathematica" "idea-ultimate" "android-studio-stable" - #"logmein-hamachi" ]; packageOverrides = super: let self = super.pkgs; in { maven = super.maven.override { jdk = super.pkgs.jdk11; }; - # remove tesseract and ImageMagick - ripgrep-all = super.ripgrep-all.overrideDerivation (attrs: { - postInstall = '' - wrapProgram $out/bin/rga \ - --prefix PATH ":" "${super.pkgs.lib.makeBinPath [ super.pkgs.pandoc super.pkgs.poppler_utils super.pkgs.ripgrep ]}" - ''; - doInstallCheck = false; + # remove openssl/curl + rustup = super.rustup.overrideAttrs (attrs: rec { + buildInputs = [ super.pkgs.zlib ]; + cargoBuildFlags = [ "--no-default-features --features no-self-update,reqwest-backend,reqwest-rustls-tls" ]; + doCheck = false; }); - qbittorrent = super.qbittorrent.overrideAttrs (attrs: rec { - version = "4.3.4.1"; - src = pkgs.fetchFromGitHub { - owner = "qbittorrent"; - repo = "qbittorrent"; - rev = "release-4.3.4.1"; # TODO: is there some reason this also has to be specified? - sha256 = "0hpv99ky077h5rvxxd76l5xv99ivqa1hq6739jp1gvl4w6w3cbgc"; - }; - }); - # remove openssl - #rustup = super.rustup.overrideAttrs (attrs: rec { - # buildInputs = [ super.pkgs.zlib ]; - # # this does not actually work due to #103130 - # cargoBuildFlags = [ "--no-default-features" "--features" "no-self-update" "reqwest-backend" "reqwest-rustls-tls" ]; - # doCheck = false; - #}); }; }; programs.steam.enable = true; programs.zsh.enable = true; programs.zsh.enableGlobalCompInit = false; + programs.zsh.interactiveShellInit = '' + source ${pkgs.nix-index}/etc/profile.d/command-not-found.sh + ''; + programs.command-not-found.enable = false; programs.adb.enable = true; - programs.gnupg.agent = { + programs.wireshark.enable = true; + programs.wireshark.package = pkgs.wireshark; + programs.gnupg.agent = { enable = true; - enableSSHSupport = true; + enableSSHSupport = false; pinentryFlavor = "qt"; }; + # do not show unlock prompt on login + security.pam.services.sddm.enableKwallet = lib.mkOverride 0 false; environment.systemPackages = with pkgs; [ # standard utilities coreutils gzip - gcc manpages dnsutils - vim htop curl wget file zsh git + vim htop curl wget file zsh git git-branchless tree killall # premium utilities jq tmux @@ -255,6 +309,7 @@ in iotop img2pdf pdftk + exa fd zoxide fzf @@ -263,39 +318,47 @@ in ffmpeg_4 # programming environments - geckodriver + #geckodriver #python2-with-my-packages python3-with-my-packages - jdk11 maven visualvm + jdk8 + #visualvm rustup - jupyter + cargo-outdated cargo-edit + #jupyter vscodium jetbrains.idea-ultimate #androidStudioPackages.stable - nodejs + #nodejs + gcc10 gnumake cmake + llvmPackages_11.bintools + + # cplex + key # CLI applications lynx droidcam sqlite borgbackup - nix-tree - gallery-dl - youtube-dl - plantuml - tectonic + nix-tree rnix-hashes + #gallery-dl + yt-dlp + #plantuml + #tectonic docker-compose qemu graphviz # GUI applications sqlitebrowser - gimp + (gimp-with-plugins.override { plugins = [ gimpPlugins.gmic ]; }) firefox thunderbird + ungoogled-chromium keepassxc josm - anki + #anki tor-browser-bundle-bin mathematica gparted @@ -303,27 +366,25 @@ in qdirstat filelight libreoffice-fresh - filezilla qbittorrent tdesktop - yakuake okular akregator kwalletmanager gwenview ark kcalc kcolorchooser kompare k3b kcharselect - kdeApplications.kruler + alacritty + okular akregator kwalletmanager gwenview ark kcalc kcolorchooser kompare k3b kcharselect kmag + plasma5Packages.kruler kdeconnect plasma-vault ksshaskpass notepadqq - mpv - bitcoin + mpvPlus - xorg.xkbcomp + #xorg.xkbcomp xorg.xrandr + #evtest lm_sensors xclip ntfs3g cryptsetup pinentry-qt - wineWowPackages.full - winetricks cdrkit vnstat aspellDicts.de @@ -332,15 +393,19 @@ in linuxPackages.perf perf-tools smartmontools - libfaketime - afl + #libfaketime + #afl # Games multimc - minecraft + #minecraft #logmein-hamachi - update-resolv-conf + update-resolv-conf # for OpenVPN configs + + # List of packages to get on demand + #wineWowPackages.full + #winetricks ]; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions