dotfiles/.config/configuration.nix
2022-02-04 18:59:47 +01:00


{ config, lib, pkgs, ... }:
let
# Python 3 libraries bundled into the system interpreter; this function is
# handed to pkgs.python3.withPackages later in the same let-block.
my-python3-packages = ps: with ps; [
  pip
  setuptools
  z3
  requests
  beautifulsoup4
  tkinter
  lxml
  pyside2
  markdown
  psutil
  scipy
  numpy
  pillow
];
#my-python2-packages = python2-packages: with python2-packages; [
# pip setuptools
# cython
# pygame
# numpy
# pillow
# pyopengl
# pyopengl-accelerate
#];
# Python 3 interpreter wrapped with the libraries from my-python3-packages.
python3-with-my-packages = pkgs.python3.withPackages my-python3-packages;
#python2-with-my-packages = pkgs.python2.withPackages my-python2-packages;
# Kernel package set pinned to the 5.10 series. It is used for
# boot.kernelPackages, for the out-of-tree keyboard module below and for perf.
linuxPackages = pkgs.linuxPackages_5_10;
# mpv wrapped with the MPRIS script.
mpvPlus = pkgs.mpv-with-scripts.override {
scripts = [ pkgs.mpvScripts.mpris ];
};
# Out-of-tree kernel module, built against the pinned kernel above and added
# to boot.extraModulePackages.
# NOTE(review): the derivation is read from a path inside a user's home
# directory. Anything that can write to /home/arne/nixpkgs can change code that
# ends up as a kernel module on the next rebuild; keeping this source in a
# root-owned or revision-pinned location narrows that.
microsoftErgonomicKeyboard = pkgs.callPackage /home/arne/nixpkgs/microsoft-ergonomic-keyboard { kernel = linuxPackages.kernel; };
in
{
# Include the results of the hardware scan.
imports = [ ./hardware-configuration.nix ];

nix.autoOptimiseStore = true;

# Boot through systemd-boot on EFI, using the kernel package set pinned in
# the let-block above.
boot.loader = {
  systemd-boot.enable = true;
  efi.canTouchEfiVariables = true;
};
boot.kernelPackages = linuxPackages;
#boot.kernelPatches = [
# {
# name = "fixup MS keyboard";
# patch = /home/arne/src/linux-5.10.62/0001-change-it.patch;
# }
#];
# Extra kernel modules: the v4l2loopback module from the configured kernel
# package set plus the locally built keyboard module.
boot.extraModulePackages = [ config.boot.kernelPackages.v4l2loopback microsoftErgonomicKeyboard ];
boot.kernelModules = [ "v4l2loopback" "nct6775" "hid_microsoft_ergonomic" ];
# NOTE(review): "mitigations=off" switches off the kernel's CPU
# speculative-execution mitigations for the whole machine. This host also runs
# Docker, a GitLab runner with the shell executor, BOINC and web browsers,
# i.e. code that does not originate from the owner. Confirm the performance
# gain is worth that exposure, or drop the parameter.
boot.kernelParams = [ "mitigations=off" "amdgpu.noretry=0" ];
# Kernel tunables, followed by the settings that turn core dumps off.
boot.kernel.sysctl = {
# enable Alt+SysRq commands
# NOTE(review): the value 1 enables every SysRq function for whoever is at
# the keyboard; a bitmask limited to the functions actually needed is tighter.
"kernel.sysrq" = 1;
"vm.swappiness" = 1;
# NOTE(review): IPv4 forwarding is enabled system-wide. Presumably this is for
# Docker or the commented-out 10.0.0.0/24 link; confirm it is still needed,
# since the host will route between its interfaces while it is on.
"net.ipv4.ip_forward" = 1;
# silence kernel warning
"fs.suid_dumpable" = 0;
};
# disable coredumps
# (three layers: no dumps for set-uid programs above, systemd-coredump stores
# nothing, and the PAM hard limit on core size is 0 for every domain, so
# process memory is not written to disk)
systemd.coredump.extraConfig = ''
Storage=none
'';
security.pam.loginLimits = [
{ domain = "*"; item = "core"; type = "hard"; value = "0"; }
];
# /tmp should be a tmpfs
boot.tmpOnTmpfs = true;
hardware.cpu.amd.updateMicrocode = true;
hardware.mcelog.enable = true;
services.fstrim.enable = true;
# NOTE(review): the journal is capped at 100M. That bounds disk use but also
# how far back logs reach when something has to be investigated; confirm the
# retention is long enough, or forward logs elsewhere.
services.journald.extraConfig = "SystemMaxUse=100M";
#hardware.bluetooth.enable = true;
# DHCP is disabled globally and enabled only on the wired interface enp39s0.
networking.useDHCP = false;
networking.interfaces.enp39s0.useDHCP = true;
#networking.interfaces.enp42s0f3u2.useDHCP = false;
#networking.interfaces.enp42s0f3u2.proxyARP = true;
#networking.interfaces.enp42s0f3u2.ipv4.routes = [
# {
# address = "10.0.0.0";
# prefixLength = 24;
# }
#];
#networking.interfaces.enp42s0f3u2.ipv4.addresses = [
# {
# address = "10.0.0.1";
# prefixLength = 24;
# }
#];
networking.hostName = "nixOS";
#networking.hosts = {
# "10.0.0.2" = [ "arne-ThinkPad-T410" ];
#};
networking.firewall = {
  # Refused connections are answered with a reject and are not logged.
  # NOTE(review): with logging off, probes against closed ports leave no
  # trace in the journal.
  logRefusedConnections = false;
  rejectPackets = true;

  # NOTE(review): these ports are opened on every interface. 12783 matches
  # services.trilium-server.port in this file; 12975 and 25565 are not
  # explained here (25565 is presumably a Minecraft server). Document what
  # listens on each and close the ones no longer in use.
  allowedTCPPorts = [ 12783 12975 25565 ];
  allowedUDPPorts = [ 12975 ];

  # KDE Connect
  allowedTCPPortRanges = [ { from = 1714; to = 1764; } ];
  allowedUDPPortRanges = [ { from = 1714; to = 1764; } ];

  # Or disable the firewall altogether.
  #enable = false;
};
# Extra sudoers defaults: "insults" is cosmetic; timestamp_timeout is the
# number of minutes a successful authentication stays cached.
# NOTE(review): during that window any process running in the same terminal
# session can use sudo without a password prompt; keep the value as low as
# is comfortable.
security.sudo.extraConfig = ''
Defaults insults
Defaults timestamp_timeout=10
'';
# Locale, time zone and console keyboard layout.
time.timeZone = "Europe/Berlin";
i18n.defaultLocale = "de_DE.UTF-8";
console = {
keyMap = "dvorak";
};
# Session-wide environment variables that move per-user configuration, cache
# and data directories under ~/.config, ~/.cache and ~/.local/share.
environment.sessionVariables = {
XDG_CONFIG_HOME = "$HOME/.config";
XDG_CACHE_HOME = "$HOME/.cache";
XDG_DATA_HOME = "$HOME/.local/share";
KDEHOME = "$HOME/.config/kde";
KDESYCOCA = "$HOME/.cache/kdesycoca";
KDE_HOME_READONLY = "1";
KDE_UTF8_FILENAMES = "1";
# NOTE(review): the Android SDK and Gradle homes point into the cache
# directory; presumably nothing long-lived (signing keys, credentials) is
# expected to be kept there. Confirm before wiping ~/.cache.
ANDROID_SDK_HOME = "$HOME/.cache";
GRADLE_USER_HOME = "$HOME/.cache/gradle";
XCOMPOSECACHE = "$HOME/.cache/X11/xcompose";
};
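# Keep the X authority file out of $HOME.
# The cookie in that file grants full access to the user's X display, so it
# is moved into the per-user runtime directory (owned by, and only accessible
# to, that user) rather than to one fixed name in world-writable /tmp that
# every account on the machine would share and that another local account
# (this host runs a CI runner and BOINC) could create first.
# Falls back to the previous /tmp location when XDG_RUNTIME_DIR is unset.
# ''${ is the Nix escape for a literal ${ inside an indented string.
environment.extraInit = ''
  export XAUTHORITY="''${XDG_RUNTIME_DIR:-/tmp}/Xauthority"
  [ -e ~/.Xauthority ] && mv -f ~/.Xauthority "$XAUTHORITY"
'';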
# Files generated under /etc.
environment.etc = {
# Points zsh at ~/.config/zsh for its dotfiles; installed read-only for
# everyone (mode 0444).
"zshenv.local" = {
text = ''
ZDOTDIR=$HOME/.config/zsh
'';
mode = "0444";
};
# Sensor module list for lm_sensors; nct6775 is also in boot.kernelModules.
"sysconfig/lm_sensors".text = ''
HWMON_MODULES="nct6775"
'';
#"adobe/mms.cfg".text = ''
# AllowListUrlPattern=*://kongregate.com
# AllowListUrlPattern=*://*.kongregate.com
#'';
};
# X11 with SDDM as display manager and Plasma 5 as desktop.
services.xserver = {
  enable = true;
  enableCtrlAltBackspace = true;

  # Input: libinput driver, custom Dvorak layout, fast key repeat.
  libinput.enable = true;
  #libinput.accelProfile = "flat";
  layout = "dvorak-custom";
  # NOTE(review): the symbols file is read from the user's home directory
  # when the system is built; whoever can write there decides what goes
  # into the system-wide keyboard layout.
  extraLayouts.dvorak-custom = {
    description = "Dvorak customized";
    languages = [ "eng" ];
    symbolsFile = /home/arne/.config/dvorak-custom;
  };
  autoRepeatDelay = 183;
  autoRepeatInterval = 33;

  displayManager = {
    sddm.enable = true;
    job.logToJournal = true;
  };
  desktopManager.plasma5.enable = true;
};
# Desktop portal support, with GTK applications told to use it.
xdg.portal.enable = true;
xdg.portal.gtkUsePortal = true;
# Default font set plus a few extra fonts.
fonts.enableDefaultFonts = true;
fonts.fonts = with pkgs; [
noto-fonts-emoji
liberation_ttf
cozette
font-awesome
];
# Docker daemon, logging container output to the journal.
virtualisation.docker.enable = true;
virtualisation.docker.logDriver = "journald";
#virtualisation.anbox.enable = true;
# services.printing.enable = true;
# Trilium sync server.
# NOTE(review): port 12783 is also opened in networking.firewall, and the
# host binding below is commented out, so the address the server listens on
# is left to the module default. Confirm which interfaces it binds to and
# that access is authenticated and encrypted (for example behind a TLS
# reverse proxy) if it is reachable from outside this machine.
services.trilium-server.enable = true;
#services.trilium-server.dataDir = "/home/arne/.local/share/trilium-sync-server-data";
#services.trilium-server.host = "192.168.178.21";
services.trilium-server.port = 12783;
services.boinc.enable = true;
services.vnstat.enable = true;
# GitLab CI runner with one registered service named "shell".
# NOTE(review): the shell executor runs job scripts directly on this host
# under the runner's service account, with no container or VM boundary.
# Anyone who can trigger a pipeline on this runner can run commands on the
# workstation. Restrict the runner to trusted projects and protected
# branches, or switch to an isolating executor.
services.gitlab-runner.enable = true;
services.gitlab-runner.services = {
shell = {
# NOTE(review): this file carries the runner registration secret and lives
# in a user's Documents directory. Keep it unreadable to other accounts and
# out of the dotfiles repository.
registrationConfigFile = "/home/arne/Documents/gitlab-runner-registration";
executor = "shell";
# NOTE(review): builds are checked out under a fixed name in /tmp (a tmpfs
# here, and world-writable); a directory owned by the runner account and
# created ahead of time avoids other local users getting there first.
buildsDir = "/tmp/builds_dir";
};
#shell2 = {
# registrationConfigFile = "/home/arne/Documents/gitlab-runner-registration-kv";
# executor = "shell";
#};
};
# Two OpenVPN client profiles, both started manually (autoStart = false).
# NOTE(review): each profile only includes a .ovpn file from the user's
# Documents directory. Presumably the OpenVPN service runs with elevated
# privileges and the profiles may reference helper scripts
# (update-resolv-conf is installed "for OpenVPN configs"); if so, whoever can
# edit those files influences what runs when the VPN starts. Confirm, and
# keep the profiles root-owned.
services.openvpn.servers = {
kit-split = {
config = ''
config /home/arne/Documents/KIT/kit-split.ovpn
'';
autoStart = false;
};
kit = {
config = ''
config /home/arne/Documents/KIT/kit.ovpn
'';
autoStart = false;
};
};
# services.logmein-hamachi.enable = true;
# Audio: the sound option is off and PipeWire provides the ALSA and
# PulseAudio interfaces; rtkit is enabled alongside it.
sound.enable = false;
#hardware.pulseaudio.enable = false;
#hardware.pulseaudio.support32Bit = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# this does not exist (yet?)
#pulse.support32Bit = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
};
# Graphics: OpenGL with DRI for 64- and 32-bit programs, plus extra
# driver/video-acceleration packages.
hardware.opengl.enable = true;
hardware.opengl.driSupport = true;
hardware.opengl.driSupport32Bit = true;
hardware.opengl.extraPackages = with pkgs; [ amdvlk vaapiVdpau libvdpau-va-gl ];
hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ libva ];
# The single interactive account on this machine.
users.users.arne = {
isNormalUser = true;
# NOTE(review): "wheel" grants sudo, and "docker" grants access to the Docker
# daemon, which is equivalent to root on the host without any password
# prompt. "wireshark" and "adbusers" add packet-capture and Android-debug
# access. Everything that runs as this user inherits all of it; drop the
# groups that are not used day to day.
extraGroups = [ "wheel" "docker" "adbusers" "wireshark" "audio" ];
shell = pkgs.zsh;
};
nixpkgs.config = {
# Unfree software is allowed only for the package names listed here; the
# predicate returns false for every other package.
allowUnfreePredicate = pkg: builtins.elem (pkgs.lib.getName pkg) [
"minecraft-launcher"
"steam"
"steam-original"
"steam-runtime"
"mathematica"
"idea-ultimate"
"android-studio-stable"
];
# Local package overrides.
# NOTE(review): `self` is bound here but not used anywhere in this block.
packageOverrides = super: let self = super.pkgs; in {
# Maven built to run on JDK 11.
maven = super.maven.override {
jdk = super.pkgs.jdk11;
};
# remove openssl/curl
# rustup is rebuilt with zlib as its only build input, default features
# off, and the reqwest backend with rustls for TLS; self-update is disabled.
# NOTE(review): doCheck = false skips the package's test phase for this
# custom feature set, so a broken TLS configuration would only show up at
# run time.
rustup = super.rustup.overrideAttrs (attrs: rec {
buildInputs = [ super.pkgs.zlib ];
cargoBuildFlags = [ "--no-default-features --features no-self-update,reqwest-backend,reqwest-rustls-tls" ];
doCheck = false;
});
};
};
programs.steam.enable = true;
# zsh is enabled without the global compinit; interactive shells source the
# command-not-found handler shipped by nix-index, and the stock
# command-not-found program is turned off.
programs.zsh.enable = true;
programs.zsh.enableGlobalCompInit = false;
programs.zsh.interactiveShellInit = ''
source ${pkgs.nix-index}/etc/profile.d/command-not-found.sh
'';
programs.command-not-found.enable = false;
programs.adb.enable = true;
# NOTE(review): presumably this lets members of the "wireshark" group capture
# traffic without root. Confirm, and keep the group membership small.
programs.wireshark.enable = true;
programs.wireshark.package = pkgs.wireshark;
# GnuPG agent with the Qt pinentry; it does not act as an SSH agent.
programs.gnupg.agent = {
enable = true;
enableSSHSupport = false;
pinentryFlavor = "qt";
};
# do not show unlock prompt on login
# (KWallet PAM integration for SDDM is forced off with the highest override
# priority)
security.pam.services.sddm.enableKwallet = lib.mkOverride 0 false;
# Packages installed into the system profile. Names resolve against pkgs
# unless they are bound in the let-block at the top of the file
# (python3-with-my-packages, linuxPackages, mpvPlus).
environment.systemPackages = with pkgs; [
# standard utilities
coreutils
gzip
manpages
dnsutils
vim htop curl wget file zsh git git-branchless
tree killall
# premium utilities
jq tmux
ripgrep
ripgrep-all
p7zip
iotop
img2pdf
pdftk
exa
fd
zoxide
fzf
entr
oxipng
ffmpeg_4
# programming environments
#geckodriver
#python2-with-my-packages
python3-with-my-packages
# NOTE(review): JDK 8 is an old release line; confirm the pinned nixpkgs
# still ships security updates for it, or move to a newer JDK.
jdk8
#visualvm
# rustup here is the overridden build from nixpkgs.config.packageOverrides.
rustup
cargo-outdated cargo-edit
#jupyter
vscodium
jetbrains.idea-ultimate
#androidStudioPackages.stable
#nodejs
gcc10 gnumake cmake
llvmPackages_11.bintools
# cplex
key
# CLI applications
lynx
droidcam
sqlite
borgbackup
nix-tree rnix-hashes
#gallery-dl
yt-dlp
#plantuml
#tectonic
docker-compose
qemu
graphviz
# GUI applications
sqlitebrowser
(gimp-with-plugins.override { plugins = [ gimpPlugins.gmic ]; })
firefox
thunderbird
ungoogled-chromium
keepassxc
josm
#anki
tor-browser-bundle-bin
mathematica
gparted
trilium-desktop
qdirstat
filelight
libreoffice-fresh
qbittorrent
tdesktop
alacritty
okular akregator kwalletmanager gwenview ark kcalc kcolorchooser kompare k3b kcharselect kmag
plasma5Packages.kruler
kdeconnect
plasma-vault
ksshaskpass
notepadqq
mpvPlus
#xorg.xkbcomp
xorg.xrandr
#evtest
lm_sensors
xclip
ntfs3g
cryptsetup pinentry-qt
cdrkit
vnstat
aspellDicts.de
hunspellDicts.de-de
#texlive.combined.scheme-full
# perf taken from the pinned kernel package set so it matches the running kernel.
linuxPackages.perf
perf-tools
smartmontools
#libfaketime
#afl
# Games
multimc
#minecraft
#logmein-hamachi
update-resolv-conf # for OpenVPN configs
# List of packages to get on demand
#wineWowPackages.full
#winetricks
];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system, were taken. It's perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value, read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "20.09"; # Did you read the comment?
}