All NixOS config changes since last commit
This commit is contained in:
parent
87c74b0141
commit
2f77fe642b
@ -1,4 +1,4 @@
|
|||||||
{ config, pkgs, ... }:
|
{ config, lib, pkgs, ... }:
|
||||||
|
|
||||||
let
|
let
|
||||||
my-python3-packages = python3-packages: with python3-packages; [
|
my-python3-packages = python3-packages: with python3-packages; [
|
||||||
@ -11,6 +11,10 @@ let
|
|||||||
pyside2
|
pyside2
|
||||||
markdown
|
markdown
|
||||||
psutil
|
psutil
|
||||||
|
|
||||||
|
scipy
|
||||||
|
numpy
|
||||||
|
pillow
|
||||||
];
|
];
|
||||||
#my-python2-packages = python2-packages: with python2-packages; [
|
#my-python2-packages = python2-packages: with python2-packages; [
|
||||||
# pip setuptools
|
# pip setuptools
|
||||||
@ -24,6 +28,10 @@ let
|
|||||||
python3-with-my-packages = pkgs.python3.withPackages my-python3-packages;
|
python3-with-my-packages = pkgs.python3.withPackages my-python3-packages;
|
||||||
#python2-with-my-packages = pkgs.python2.withPackages my-python2-packages;
|
#python2-with-my-packages = pkgs.python2.withPackages my-python2-packages;
|
||||||
linuxPackages = pkgs.linuxPackages_5_10;
|
linuxPackages = pkgs.linuxPackages_5_10;
|
||||||
|
mpvPlus = pkgs.mpv-with-scripts.override {
|
||||||
|
scripts = [ pkgs.mpvScripts.mpris ];
|
||||||
|
};
|
||||||
|
microsoftErgonomicKeyboard = pkgs.callPackage /home/arne/nixpkgs/microsoft-ergonomic-keyboard { kernel = linuxPackages.kernel; };
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports =
|
imports =
|
||||||
@ -31,13 +39,20 @@ in
|
|||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
# Use the systemd-boot EFI boot loader.
|
nix.autoOptimiseStore = true;
|
||||||
|
|
||||||
boot.loader.systemd-boot.enable = true;
|
boot.loader.systemd-boot.enable = true;
|
||||||
boot.loader.efi.canTouchEfiVariables = true;
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
boot.kernelPackages = linuxPackages;
|
boot.kernelPackages = linuxPackages;
|
||||||
boot.extraModulePackages = [ config.boot.kernelPackages.v4l2loopback ];
|
#boot.kernelPatches = [
|
||||||
boot.kernelModules = [ "v4l2loopback" ];
|
# {
|
||||||
boot.kernelParams = [ "mitigations=off" ];
|
# name = "fixup MS keyboard";
|
||||||
|
# patch = /home/arne/src/linux-5.10.62/0001-change-it.patch;
|
||||||
|
# }
|
||||||
|
#];
|
||||||
|
boot.extraModulePackages = [ config.boot.kernelPackages.v4l2loopback microsoftErgonomicKeyboard ];
|
||||||
|
boot.kernelModules = [ "v4l2loopback" "nct6775" "hid_microsoft_ergonomic" ];
|
||||||
|
boot.kernelParams = [ "mitigations=off" "amdgpu.noretry=0" ];
|
||||||
boot.kernel.sysctl = {
|
boot.kernel.sysctl = {
|
||||||
# enable Alt+SysRq commands
|
# enable Alt+SysRq commands
|
||||||
"kernel.sysrq" = 1;
|
"kernel.sysrq" = 1;
|
||||||
@ -57,12 +72,32 @@ in
|
|||||||
boot.tmpOnTmpfs = true;
|
boot.tmpOnTmpfs = true;
|
||||||
|
|
||||||
hardware.cpu.amd.updateMicrocode = true;
|
hardware.cpu.amd.updateMicrocode = true;
|
||||||
|
hardware.mcelog.enable = true;
|
||||||
services.fstrim.enable = true;
|
services.fstrim.enable = true;
|
||||||
services.journald.extraConfig = "SystemMaxUse=100M";
|
services.journald.extraConfig = "SystemMaxUse=100M";
|
||||||
|
|
||||||
|
#hardware.bluetooth.enable = true;
|
||||||
|
|
||||||
networking.useDHCP = false;
|
networking.useDHCP = false;
|
||||||
networking.interfaces.enp39s0.useDHCP = true;
|
networking.interfaces.enp39s0.useDHCP = true;
|
||||||
|
#networking.interfaces.enp42s0f3u2.useDHCP = false;
|
||||||
|
#networking.interfaces.enp42s0f3u2.proxyARP = true;
|
||||||
|
#networking.interfaces.enp42s0f3u2.ipv4.routes = [
|
||||||
|
# {
|
||||||
|
# address = "10.0.0.0";
|
||||||
|
# prefixLength = 24;
|
||||||
|
# }
|
||||||
|
#];
|
||||||
|
#networking.interfaces.enp42s0f3u2.ipv4.addresses = [
|
||||||
|
# {
|
||||||
|
# address = "10.0.0.1";
|
||||||
|
# prefixLength = 24;
|
||||||
|
# }
|
||||||
|
#];
|
||||||
networking.hostName = "nixOS";
|
networking.hostName = "nixOS";
|
||||||
|
#networking.hosts = {
|
||||||
|
# "10.0.0.2" = [ "arne-ThinkPad-T410" ];
|
||||||
|
#};
|
||||||
networking.firewall.logRefusedConnections = false;
|
networking.firewall.logRefusedConnections = false;
|
||||||
networking.firewall.rejectPackets = true;
|
networking.firewall.rejectPackets = true;
|
||||||
networking.firewall.allowedTCPPorts = [ 12783 12975 25565 ];
|
networking.firewall.allowedTCPPorts = [ 12783 12975 25565 ];
|
||||||
@ -80,7 +115,7 @@ in
|
|||||||
|
|
||||||
security.sudo.extraConfig = ''
|
security.sudo.extraConfig = ''
|
||||||
Defaults insults
|
Defaults insults
|
||||||
Defaults timestamp_timeout=-1
|
Defaults timestamp_timeout=10
|
||||||
'';
|
'';
|
||||||
|
|
||||||
time.timeZone = "Europe/Berlin";
|
time.timeZone = "Europe/Berlin";
|
||||||
@ -99,7 +134,6 @@ in
|
|||||||
KDE_UTF8_FILENAMES = "1";
|
KDE_UTF8_FILENAMES = "1";
|
||||||
ANDROID_SDK_HOME = "$HOME/.cache";
|
ANDROID_SDK_HOME = "$HOME/.cache";
|
||||||
GRADLE_USER_HOME = "$HOME/.cache/gradle";
|
GRADLE_USER_HOME = "$HOME/.cache/gradle";
|
||||||
MATHEMATICA_USERBASE = "$HOME/.cache/mathematica";
|
|
||||||
XCOMPOSECACHE = "$HOME/.cache/X11/xcompose";
|
XCOMPOSECACHE = "$HOME/.cache/X11/xcompose";
|
||||||
};
|
};
|
||||||
environment.extraInit = ''
|
environment.extraInit = ''
|
||||||
@ -125,9 +159,19 @@ in
|
|||||||
services.xserver.enable = true;
|
services.xserver.enable = true;
|
||||||
services.xserver.enableCtrlAltBackspace = true;
|
services.xserver.enableCtrlAltBackspace = true;
|
||||||
services.xserver.libinput.enable = true;
|
services.xserver.libinput.enable = true;
|
||||||
services.xserver.layout = "us";
|
#services.xserver.libinput.accelProfile = "flat";
|
||||||
services.xserver.xkbVariant = "dvorak";
|
services.xserver.layout = "dvorak-custom";
|
||||||
|
services.xserver.extraLayouts = {
|
||||||
|
dvorak-custom = {
|
||||||
|
description = "Dvorak customized";
|
||||||
|
languages = [ "eng" ];
|
||||||
|
symbolsFile = /home/arne/.config/dvorak-custom;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
services.xserver.autoRepeatDelay = 183;
|
||||||
|
services.xserver.autoRepeatInterval = 33;
|
||||||
services.xserver.displayManager.sddm.enable = true;
|
services.xserver.displayManager.sddm.enable = true;
|
||||||
|
services.xserver.displayManager.job.logToJournal = true;
|
||||||
services.xserver.desktopManager.plasma5.enable = true;
|
services.xserver.desktopManager.plasma5.enable = true;
|
||||||
xdg.portal.enable = true;
|
xdg.portal.enable = true;
|
||||||
xdg.portal.gtkUsePortal = true;
|
xdg.portal.gtkUsePortal = true;
|
||||||
@ -136,6 +180,8 @@ in
|
|||||||
fonts.fonts = with pkgs; [
|
fonts.fonts = with pkgs; [
|
||||||
noto-fonts-emoji
|
noto-fonts-emoji
|
||||||
liberation_ttf
|
liberation_ttf
|
||||||
|
cozette
|
||||||
|
font-awesome
|
||||||
];
|
];
|
||||||
|
|
||||||
virtualisation.docker.enable = true;
|
virtualisation.docker.enable = true;
|
||||||
@ -143,6 +189,10 @@ in
|
|||||||
#virtualisation.anbox.enable = true;
|
#virtualisation.anbox.enable = true;
|
||||||
|
|
||||||
# services.printing.enable = true;
|
# services.printing.enable = true;
|
||||||
|
services.trilium-server.enable = true;
|
||||||
|
#services.trilium-server.dataDir = "/home/arne/.local/share/trilium-sync-server-data";
|
||||||
|
#services.trilium-server.host = "192.168.178.21";
|
||||||
|
services.trilium-server.port = 12783;
|
||||||
services.boinc.enable = true;
|
services.boinc.enable = true;
|
||||||
services.vnstat.enable = true;
|
services.vnstat.enable = true;
|
||||||
services.gitlab-runner.enable = true;
|
services.gitlab-runner.enable = true;
|
||||||
@ -150,11 +200,12 @@ in
|
|||||||
shell = {
|
shell = {
|
||||||
registrationConfigFile = "/home/arne/Documents/gitlab-runner-registration";
|
registrationConfigFile = "/home/arne/Documents/gitlab-runner-registration";
|
||||||
executor = "shell";
|
executor = "shell";
|
||||||
|
buildsDir = "/tmp/builds_dir";
|
||||||
};
|
};
|
||||||
shell2 = {
|
#shell2 = {
|
||||||
registrationConfigFile = "/home/arne/Documents/gitlab-runner-registration-kv";
|
# registrationConfigFile = "/home/arne/Documents/gitlab-runner-registration-kv";
|
||||||
executor = "shell";
|
# executor = "shell";
|
||||||
};
|
#};
|
||||||
};
|
};
|
||||||
services.openvpn.servers = {
|
services.openvpn.servers = {
|
||||||
kit-split = {
|
kit-split = {
|
||||||
@ -172,9 +223,24 @@ in
|
|||||||
};
|
};
|
||||||
# services.logmein-hamachi.enable = true;
|
# services.logmein-hamachi.enable = true;
|
||||||
|
|
||||||
sound.enable = true;
|
sound.enable = false;
|
||||||
hardware.pulseaudio.enable = true;
|
#hardware.pulseaudio.enable = false;
|
||||||
hardware.pulseaudio.support32Bit = true;
|
#hardware.pulseaudio.support32Bit = false;
|
||||||
|
security.rtkit.enable = true;
|
||||||
|
services.pipewire = {
|
||||||
|
enable = true;
|
||||||
|
alsa.enable = true;
|
||||||
|
alsa.support32Bit = true;
|
||||||
|
pulse.enable = true;
|
||||||
|
# this does not exist (yet?)
|
||||||
|
#pulse.support32Bit = true;
|
||||||
|
# If you want to use JACK applications, uncomment this
|
||||||
|
#jack.enable = true;
|
||||||
|
|
||||||
|
# use the example session manager (no others are packaged yet so this is enabled by default,
|
||||||
|
# no need to redefine it in your config for now)
|
||||||
|
#media-session.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
hardware.opengl.enable = true;
|
hardware.opengl.enable = true;
|
||||||
hardware.opengl.driSupport = true;
|
hardware.opengl.driSupport = true;
|
||||||
@ -184,7 +250,7 @@ in
|
|||||||
|
|
||||||
users.users.arne = {
|
users.users.arne = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
extraGroups = [ "wheel" "docker" "adbusers" ];
|
extraGroups = [ "wheel" "docker" "adbusers" "wireshark" "audio" ];
|
||||||
shell = pkgs.zsh;
|
shell = pkgs.zsh;
|
||||||
};
|
};
|
||||||
|
|
||||||
@ -197,55 +263,43 @@ in
|
|||||||
"mathematica"
|
"mathematica"
|
||||||
"idea-ultimate"
|
"idea-ultimate"
|
||||||
"android-studio-stable"
|
"android-studio-stable"
|
||||||
#"logmein-hamachi"
|
|
||||||
];
|
];
|
||||||
packageOverrides = super: let self = super.pkgs; in {
|
packageOverrides = super: let self = super.pkgs; in {
|
||||||
maven = super.maven.override {
|
maven = super.maven.override {
|
||||||
jdk = super.pkgs.jdk11;
|
jdk = super.pkgs.jdk11;
|
||||||
};
|
};
|
||||||
# remove tesseract and ImageMagick
|
# remove openssl/curl
|
||||||
ripgrep-all = super.ripgrep-all.overrideDerivation (attrs: {
|
rustup = super.rustup.overrideAttrs (attrs: rec {
|
||||||
postInstall = ''
|
buildInputs = [ super.pkgs.zlib ];
|
||||||
wrapProgram $out/bin/rga \
|
cargoBuildFlags = [ "--no-default-features --features no-self-update,reqwest-backend,reqwest-rustls-tls" ];
|
||||||
--prefix PATH ":" "${super.pkgs.lib.makeBinPath [ super.pkgs.pandoc super.pkgs.poppler_utils super.pkgs.ripgrep ]}"
|
doCheck = false;
|
||||||
'';
|
|
||||||
doInstallCheck = false;
|
|
||||||
});
|
});
|
||||||
qbittorrent = super.qbittorrent.overrideAttrs (attrs: rec {
|
|
||||||
version = "4.3.4.1";
|
|
||||||
src = pkgs.fetchFromGitHub {
|
|
||||||
owner = "qbittorrent";
|
|
||||||
repo = "qbittorrent";
|
|
||||||
rev = "release-4.3.4.1"; # TODO: is there some reason this also has to be specified?
|
|
||||||
sha256 = "0hpv99ky077h5rvxxd76l5xv99ivqa1hq6739jp1gvl4w6w3cbgc";
|
|
||||||
};
|
|
||||||
});
|
|
||||||
# remove openssl
|
|
||||||
#rustup = super.rustup.overrideAttrs (attrs: rec {
|
|
||||||
# buildInputs = [ super.pkgs.zlib ];
|
|
||||||
# # this does not actually work due to #103130
|
|
||||||
# cargoBuildFlags = [ "--no-default-features" "--features" "no-self-update" "reqwest-backend" "reqwest-rustls-tls" ];
|
|
||||||
# doCheck = false;
|
|
||||||
#});
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
programs.steam.enable = true;
|
programs.steam.enable = true;
|
||||||
programs.zsh.enable = true;
|
programs.zsh.enable = true;
|
||||||
programs.zsh.enableGlobalCompInit = false;
|
programs.zsh.enableGlobalCompInit = false;
|
||||||
|
programs.zsh.interactiveShellInit = ''
|
||||||
|
source ${pkgs.nix-index}/etc/profile.d/command-not-found.sh
|
||||||
|
'';
|
||||||
|
programs.command-not-found.enable = false;
|
||||||
programs.adb.enable = true;
|
programs.adb.enable = true;
|
||||||
|
programs.wireshark.enable = true;
|
||||||
|
programs.wireshark.package = pkgs.wireshark;
|
||||||
programs.gnupg.agent = {
|
programs.gnupg.agent = {
|
||||||
enable = true;
|
enable = true;
|
||||||
enableSSHSupport = true;
|
enableSSHSupport = false;
|
||||||
pinentryFlavor = "qt";
|
pinentryFlavor = "qt";
|
||||||
};
|
};
|
||||||
|
# do not show unlock prompt on login
|
||||||
|
security.pam.services.sddm.enableKwallet = lib.mkOverride 0 false;
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
# standard utilities
|
# standard utilities
|
||||||
coreutils
|
coreutils
|
||||||
gzip
|
gzip
|
||||||
gcc
|
|
||||||
manpages
|
manpages
|
||||||
dnsutils
|
dnsutils
|
||||||
vim htop curl wget file zsh git
|
vim htop curl wget file zsh git git-branchless
|
||||||
tree killall
|
tree killall
|
||||||
# premium utilities
|
# premium utilities
|
||||||
jq tmux
|
jq tmux
|
||||||
@ -255,6 +309,7 @@ in
|
|||||||
iotop
|
iotop
|
||||||
img2pdf
|
img2pdf
|
||||||
pdftk
|
pdftk
|
||||||
|
exa
|
||||||
fd
|
fd
|
||||||
zoxide
|
zoxide
|
||||||
fzf
|
fzf
|
||||||
@ -263,39 +318,47 @@ in
|
|||||||
ffmpeg_4
|
ffmpeg_4
|
||||||
|
|
||||||
# programming environments
|
# programming environments
|
||||||
geckodriver
|
#geckodriver
|
||||||
#python2-with-my-packages
|
#python2-with-my-packages
|
||||||
python3-with-my-packages
|
python3-with-my-packages
|
||||||
jdk11 maven visualvm
|
jdk8
|
||||||
|
#visualvm
|
||||||
rustup
|
rustup
|
||||||
jupyter
|
cargo-outdated cargo-edit
|
||||||
|
#jupyter
|
||||||
vscodium
|
vscodium
|
||||||
jetbrains.idea-ultimate
|
jetbrains.idea-ultimate
|
||||||
#androidStudioPackages.stable
|
#androidStudioPackages.stable
|
||||||
nodejs
|
#nodejs
|
||||||
|
gcc10 gnumake cmake
|
||||||
|
llvmPackages_11.bintools
|
||||||
|
|
||||||
|
# cplex
|
||||||
|
key
|
||||||
|
|
||||||
# CLI applications
|
# CLI applications
|
||||||
lynx
|
lynx
|
||||||
droidcam
|
droidcam
|
||||||
sqlite
|
sqlite
|
||||||
borgbackup
|
borgbackup
|
||||||
nix-tree
|
nix-tree rnix-hashes
|
||||||
gallery-dl
|
#gallery-dl
|
||||||
youtube-dl
|
yt-dlp
|
||||||
plantuml
|
#plantuml
|
||||||
tectonic
|
#tectonic
|
||||||
docker-compose
|
docker-compose
|
||||||
qemu
|
qemu
|
||||||
graphviz
|
graphviz
|
||||||
|
|
||||||
# GUI applications
|
# GUI applications
|
||||||
sqlitebrowser
|
sqlitebrowser
|
||||||
gimp
|
(gimp-with-plugins.override { plugins = [ gimpPlugins.gmic ]; })
|
||||||
firefox
|
firefox
|
||||||
thunderbird
|
thunderbird
|
||||||
|
ungoogled-chromium
|
||||||
keepassxc
|
keepassxc
|
||||||
josm
|
josm
|
||||||
anki
|
#anki
|
||||||
tor-browser-bundle-bin
|
tor-browser-bundle-bin
|
||||||
mathematica
|
mathematica
|
||||||
gparted
|
gparted
|
||||||
@ -303,27 +366,25 @@ in
|
|||||||
qdirstat
|
qdirstat
|
||||||
filelight
|
filelight
|
||||||
libreoffice-fresh
|
libreoffice-fresh
|
||||||
filezilla
|
|
||||||
qbittorrent
|
qbittorrent
|
||||||
tdesktop
|
tdesktop
|
||||||
yakuake okular akregator kwalletmanager gwenview ark kcalc kcolorchooser kompare k3b kcharselect
|
alacritty
|
||||||
kdeApplications.kruler
|
okular akregator kwalletmanager gwenview ark kcalc kcolorchooser kompare k3b kcharselect kmag
|
||||||
|
plasma5Packages.kruler
|
||||||
kdeconnect
|
kdeconnect
|
||||||
plasma-vault
|
plasma-vault
|
||||||
ksshaskpass
|
ksshaskpass
|
||||||
notepadqq
|
notepadqq
|
||||||
mpv
|
mpvPlus
|
||||||
bitcoin
|
|
||||||
|
|
||||||
xorg.xkbcomp
|
#xorg.xkbcomp
|
||||||
xorg.xrandr
|
xorg.xrandr
|
||||||
|
#evtest
|
||||||
lm_sensors
|
lm_sensors
|
||||||
|
|
||||||
xclip
|
xclip
|
||||||
ntfs3g
|
ntfs3g
|
||||||
cryptsetup pinentry-qt
|
cryptsetup pinentry-qt
|
||||||
wineWowPackages.full
|
|
||||||
winetricks
|
|
||||||
cdrkit
|
cdrkit
|
||||||
vnstat
|
vnstat
|
||||||
aspellDicts.de
|
aspellDicts.de
|
||||||
@ -332,15 +393,19 @@ in
|
|||||||
linuxPackages.perf
|
linuxPackages.perf
|
||||||
perf-tools
|
perf-tools
|
||||||
smartmontools
|
smartmontools
|
||||||
libfaketime
|
#libfaketime
|
||||||
afl
|
#afl
|
||||||
|
|
||||||
# Games
|
# Games
|
||||||
multimc
|
multimc
|
||||||
minecraft
|
#minecraft
|
||||||
#logmein-hamachi
|
#logmein-hamachi
|
||||||
|
|
||||||
update-resolv-conf
|
update-resolv-conf # for OpenVPN configs
|
||||||
|
|
||||||
|
# List of packages to get on demand
|
||||||
|
#wineWowPackages.full
|
||||||
|
#winetricks
|
||||||
];
|
];
|
||||||
# This value determines the NixOS release from which the default
|
# This value determines the NixOS release from which the default
|
||||||
# settings for stateful data, like file locations and database versions
|
# settings for stateful data, like file locations and database versions
|
||||||
|
Loading…
Reference in New Issue
Block a user