arnekeller/dotfiles
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

NixOS configuration

Browse Source
This commit is contained in:
Arne Keller 2021-03-23 18:38:39 +01:00
parent dd61454703
commit c3be916f0f
1 changed files with 323 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

323
.config/configuration.nix Normal file
View File

@ -0,0 +1,323 @@
{ config, pkgs, ... }:
let
my-python-packages = python-packages: with python-packages; [
pip setuptools
z3
requests
beautifulsoup4
tkinter
lxml
pyside2
markdown
psutil
];
my-python2-packages = python2-packages: with python2-packages; [
pip setuptools
cython
pygame
numpy
pillow
pyopengl
pyopengl-accelerate
];
python-with-my-packages = pkgs.python3.withPackages my-python-packages;
python2-with-my-packages = pkgs.python2.withPackages my-python2-packages;
in
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.kernelPackages = pkgs.linuxPackages_5_10;
boot.extraModulePackages = [ config.boot.kernelPackages.v4l2loopback ];
boot.kernelModules = [ "v4l2loopback" ];
boot.kernelParams = [ "mitigations=off" ];
boot.kernel.sysctl = {
# enable Alt+SysRq commands
"kernel.sysrq" = 1;
"vm.swappiness" = 1;
"net.ipv4.ip_forward" = 1;
# silence kernel warning
"fs.suid_dumpable" = 0;
};
# disable coredumps
systemd.coredump.extraConfig = ''
Storage=none
'';
security.pam.loginLimits = [
{ domain = "*"; item = "core"; type = "hard"; value = "0"; }
];
# /tmp should be a tmpfs
boot.tmpOnTmpfs = true;
hardware.cpu.amd.updateMicrocode = true;
services.fstrim.enable = true;
services.journald.extraConfig = "SystemMaxUse=100M";
networking.useDHCP = false;
networking.interfaces.enp39s0.useDHCP = true;
networking.hostName = "nixOS";
networking.firewall.logRefusedConnections = false;
networking.firewall.rejectPackets = true;
networking.firewall.allowedTCPPorts = [ 12783 12975 25565 ];
networking.firewall.allowedUDPPorts = [ 12975 ];
# Or disable the firewall altogether.
#networking.firewall.enable = false;
security.sudo.extraConfig = ''
Defaults insults
Defaults timestamp_timeout=-1
'';
time.timeZone = "Europe/Berlin";
i18n.defaultLocale = "de_DE.UTF-8";
console = {
keyMap = "dvorak";
};
environment.sessionVariables = {
XDG_CONFIG_HOME = "$HOME/.config";
XDG_CACHE_HOME = "$HOME/.cache";
XDG_DATA_HOME = "$HOME/.local/share";
KDEHOME = "/home/arne/.config/kde";
KDESYCOCA = "/home/arne/.cache/kdesycoca";
KDE_HOME_READONLY = "1";
KDE_UTF8_FILENAMES = "1";
ANDROID_SDK_HOME = "/home/arne/.cache";
GRADLE_USER_HOME = "/home/arne/.cache/gradle";
MATHEMATICA_USERBASE = "/home/arne/.cache/mathematica";
XCOMPOSECACHE = "/home/arne/.cache/X11/xcompose";
};
environment.extraInit = ''
export XAUTHORITY=/tmp/Xauthority
[ -e ~/.Xauthority ] && mv -f ~/.Xauthority "$XAUTHORITY"
'';
environment.etc = {
"zshenv.local" = {
text = ''
ZDOTDIR=$HOME/.config/zsh
'';
mode = "0444";
};
"sysconfig/lm_sensors".text = ''
HWMON_MODULES="nct6775"
'';
#"adobe/mms.cfg".text = ''
# AllowListUrlPattern=*://kongregate.com
# AllowListUrlPattern=*://*.kongregate.com
#'';
};
services.xserver.enable = true;
services.xserver.enableCtrlAltBackspace = true;
services.xserver.libinput.enable = true;
services.xserver.layout = "us";
services.xserver.xkbVariant = "dvorak";
services.xserver.displayManager.sddm.enable = true;
services.xserver.desktopManager.plasma5.enable = true;
xdg.portal.enable = true;
xdg.portal.gtkUsePortal = true;
fonts.enableDefaultFonts = true;
fonts.fonts = with pkgs; [
noto-fonts-emoji
liberation_ttf
];
# services.printing.enable = true;
services.boinc.enable = true;
services.vnstat.enable = true;
services.gitlab-runner.enable = true;
services.gitlab-runner.services = {
shell = {
registrationConfigFile = "/home/arne/Documents/gitlab-runner-registration";
executor = "shell";
};
shell2 = {
registrationConfigFile = "/home/arne/Documents/gitlab-runner-registration-kv";
executor = "shell";
};
};
services.openvpn.servers = {
kit-split = {
config = ''
config /home/arne/Documents/KIT/kit-split.ovpn
'';
autoStart = false;
};
kit = {
config = ''
config /home/arne/Documents/KIT/kit.ovpn
'';
autoStart = false;
};
};
# services.logmein-hamachi.enable = true;
sound.enable = true;
hardware.pulseaudio.enable = true;
hardware.pulseaudio.support32Bit = true;
hardware.opengl.enable = true;
hardware.opengl.driSupport = true;
hardware.opengl.driSupport32Bit = true;
hardware.opengl.extraPackages = with pkgs; [ amdvlk vaapiVdpau libvdpau-va-gl ];
hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ libva ];
users.users.arne = {
isNormalUser = true;
extraGroups = [ "wheel" "docker" "adbusers" ];
shell = pkgs.zsh;
};
nixpkgs.config = {
allowUnfreePredicate = pkg: builtins.elem (pkgs.lib.getName pkg) [
"minecraft-launcher"
"steam"
"steam-original"
"steam-runtime"
"mathematica"
"idea-ultimate"
"android-studio-stable"
"logmein-hamachi"
];
packageOverrides = super: let self = super.pkgs; in {
# remove tesseract and ImageMagick
ripgrep-all = super.ripgrep-all.overrideDerivation (attrs: {
postInstall = ''
wrapProgram $out/bin/rga \
--prefix PATH ":" "${super.pkgs.lib.makeBinPath [ super.pkgs.pandoc super.pkgs.poppler_utils super.pkgs.ripgrep ]}"
'';
doInstallCheck = false;
});
};
};
# programs.steam.enable = true;
programs.zsh.enable = true;
programs.zsh.enableGlobalCompInit = false;
programs.adb.enable = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
pinentryFlavor = "qt";
};
environment.systemPackages = with pkgs; [
# standard utilities
coreutils
gzip
gcc
manpages
dnsutils
vim htop curl wget file zsh git
tree killall
# premium utilities
jq tmux
ripgrep
ripgrep-all
p7zip
iotop
img2pdf
pdftk
fd
zoxide
fzf
entr
oxipng
ffmpeg_4
# programming environments
geckodriver
python2-with-my-packages
python-with-my-packages
jdk14 maven visualvm
rustup
jupyter
vscodium
jetbrains.idea-ultimate
androidStudioPackages.stable
# CLI applications
lynx
droidcam
sqlite
borgbackup
nix-tree
gallery-dl
youtube-dl
plantuml
# GUI applications
sqlitebrowser
gimp
firefox
thunderbird
keepassxc
josm
anki
tor-browser-bundle-bin
mathematica
gparted
trilium-desktop
qdirstat
filelight
libreoffice-fresh
filezilla
qbittorrent
tdesktop
yakuake okular akregator kwalletmanager gwenview ark kcalc kcolorchooser kompare k3b kcharselect
kdeApplications.kruler
kdeconnect
plasma-vault
ksshaskpass
notepadqq
xorg.xkbcomp
xorg.xrandr
lm_sensors
xclip
ntfs3g
cryptsetup pinentry-qt
logmein-hamachi
mpv
wineWowPackages.full
winetricks
cdrkit
vnstat
aspellDicts.de
hunspellDicts.de-de
bitcoin
qemu
docker-compose
update-resolv-conf
texlive.combined.scheme-full
tectonic
linuxPackages_5_10.perf
perf-tools
smartmontools
nodejs
libfaketime
afl
multimc
minecraft
update-resolv-conf
openssl
];
virtualisation.docker.enable = true;
virtualisation.docker.logDriver = "journald";
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "20.09"; # Did you read the comment?
}