arnekeller/dotfiles
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
f6e5259f2f
dotfiles/.config/configuration.nix
Arne Keller c3be916f0f NixOS configuration
2021-03-23 18:38:39 +01:00

324 lines
8.0 KiB
Nix
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{ config, pkgs, ... }:
let
my-python-packages = python-packages: with python-packages; [
pip setuptools
z3
requests
beautifulsoup4
tkinter
lxml
pyside2
markdown
psutil
];
my-python2-packages = python2-packages: with python2-packages; [
pip setuptools
cython
pygame
numpy
pillow
pyopengl
pyopengl-accelerate
];
python-with-my-packages = pkgs.python3.withPackages my-python-packages;
python2-with-my-packages = pkgs.python2.withPackages my-python2-packages;
in
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.kernelPackages = pkgs.linuxPackages_5_10;
boot.extraModulePackages = [ config.boot.kernelPackages.v4l2loopback ];
boot.kernelModules = [ "v4l2loopback" ];
boot.kernelParams = [ "mitigations=off" ];
boot.kernel.sysctl = {
# enable Alt+SysRq commands
"kernel.sysrq" = 1;
"vm.swappiness" = 1;
"net.ipv4.ip_forward" = 1;
# silence kernel warning
"fs.suid_dumpable" = 0;
};
# disable coredumps
systemd.coredump.extraConfig = ''
Storage=none
'';
security.pam.loginLimits = [
{ domain = "*"; item = "core"; type = "hard"; value = "0"; }
];
# /tmp should be a tmpfs
boot.tmpOnTmpfs = true;
hardware.cpu.amd.updateMicrocode = true;
services.fstrim.enable = true;
services.journald.extraConfig = "SystemMaxUse=100M";
networking.useDHCP = false;
networking.interfaces.enp39s0.useDHCP = true;
networking.hostName = "nixOS";
networking.firewall.logRefusedConnections = false;
networking.firewall.rejectPackets = true;
networking.firewall.allowedTCPPorts = [ 12783 12975 25565 ];
networking.firewall.allowedUDPPorts = [ 12975 ];
# Or disable the firewall altogether.
#networking.firewall.enable = false;
security.sudo.extraConfig = ''
Defaults insults
Defaults timestamp_timeout=-1
'';
time.timeZone = "Europe/Berlin";
i18n.defaultLocale = "de_DE.UTF-8";
console = {
keyMap = "dvorak";
};
environment.sessionVariables = {
XDG_CONFIG_HOME = "$HOME/.config";
XDG_CACHE_HOME = "$HOME/.cache";
XDG_DATA_HOME = "$HOME/.local/share";
KDEHOME = "/home/arne/.config/kde";
KDESYCOCA = "/home/arne/.cache/kdesycoca";
KDE_HOME_READONLY = "1";
KDE_UTF8_FILENAMES = "1";
ANDROID_SDK_HOME = "/home/arne/.cache";
GRADLE_USER_HOME = "/home/arne/.cache/gradle";
MATHEMATICA_USERBASE = "/home/arne/.cache/mathematica";
XCOMPOSECACHE = "/home/arne/.cache/X11/xcompose";
};
environment.extraInit = ''
export XAUTHORITY=/tmp/Xauthority
[ -e ~/.Xauthority ] && mv -f ~/.Xauthority "$XAUTHORITY"
'';
environment.etc = {
"zshenv.local" = {
text = ''
ZDOTDIR=$HOME/.config/zsh
'';
mode = "0444";
};
"sysconfig/lm_sensors".text = ''
HWMON_MODULES="nct6775"
'';
#"adobe/mms.cfg".text = ''
# AllowListUrlPattern=*://kongregate.com
# AllowListUrlPattern=*://*.kongregate.com
#'';
};
services.xserver.enable = true;
services.xserver.enableCtrlAltBackspace = true;
services.xserver.libinput.enable = true;
services.xserver.layout = "us";
services.xserver.xkbVariant = "dvorak";
services.xserver.displayManager.sddm.enable = true;
services.xserver.desktopManager.plasma5.enable = true;
xdg.portal.enable = true;
xdg.portal.gtkUsePortal = true;
fonts.enableDefaultFonts = true;
fonts.fonts = with pkgs; [
noto-fonts-emoji
liberation_ttf
];
# services.printing.enable = true;
services.boinc.enable = true;
services.vnstat.enable = true;
services.gitlab-runner.enable = true;
services.gitlab-runner.services = {
shell = {
registrationConfigFile = "/home/arne/Documents/gitlab-runner-registration";
executor = "shell";
};
shell2 = {
registrationConfigFile = "/home/arne/Documents/gitlab-runner-registration-kv";
executor = "shell";
};
};
services.openvpn.servers = {
kit-split = {
config = ''
config /home/arne/Documents/KIT/kit-split.ovpn
'';
autoStart = false;
};
kit = {
config = ''
config /home/arne/Documents/KIT/kit.ovpn
'';
autoStart = false;
};
};
# services.logmein-hamachi.enable = true;
sound.enable = true;
hardware.pulseaudio.enable = true;
hardware.pulseaudio.support32Bit = true;
hardware.opengl.enable = true;
hardware.opengl.driSupport = true;
hardware.opengl.driSupport32Bit = true;
hardware.opengl.extraPackages = with pkgs; [ amdvlk vaapiVdpau libvdpau-va-gl ];
hardware.opengl.extraPackages32 = with pkgs.pkgsi686Linux; [ libva ];
users.users.arne = {
isNormalUser = true;
extraGroups = [ "wheel" "docker" "adbusers" ];
shell = pkgs.zsh;
};
nixpkgs.config = {
allowUnfreePredicate = pkg: builtins.elem (pkgs.lib.getName pkg) [
"minecraft-launcher"
"steam"
"steam-original"
"steam-runtime"
"mathematica"
"idea-ultimate"
"android-studio-stable"
"logmein-hamachi"
];
packageOverrides = super: let self = super.pkgs; in {
# remove tesseract and ImageMagick
ripgrep-all = super.ripgrep-all.overrideDerivation (attrs: {
postInstall = ''
wrapProgram $out/bin/rga \
--prefix PATH ":" "${super.pkgs.lib.makeBinPath [ super.pkgs.pandoc super.pkgs.poppler_utils super.pkgs.ripgrep ]}"
'';
doInstallCheck = false;
});
};
};
# programs.steam.enable = true;
programs.zsh.enable = true;
programs.zsh.enableGlobalCompInit = false;
programs.adb.enable = true;
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
pinentryFlavor = "qt";
};
environment.systemPackages = with pkgs; [
# standard utilities
coreutils
gzip
gcc
manpages
dnsutils
vim htop curl wget file zsh git
tree killall
# premium utilities
jq tmux
ripgrep
ripgrep-all
p7zip
iotop
img2pdf
pdftk
fd
zoxide
fzf
entr
oxipng
ffmpeg_4
# programming environments
geckodriver
python2-with-my-packages
python-with-my-packages
jdk14 maven visualvm
rustup
jupyter
vscodium
jetbrains.idea-ultimate
androidStudioPackages.stable
# CLI applications
lynx
droidcam
sqlite
borgbackup
nix-tree
gallery-dl
youtube-dl
plantuml
# GUI applications
sqlitebrowser
gimp
firefox
thunderbird
keepassxc
josm
anki
tor-browser-bundle-bin
mathematica
gparted
trilium-desktop
qdirstat
filelight
libreoffice-fresh
filezilla
qbittorrent
tdesktop
yakuake okular akregator kwalletmanager gwenview ark kcalc kcolorchooser kompare k3b kcharselect
kdeApplications.kruler
kdeconnect
plasma-vault
ksshaskpass
notepadqq
xorg.xkbcomp
xorg.xrandr
lm_sensors
xclip
ntfs3g
cryptsetup pinentry-qt
logmein-hamachi
mpv
wineWowPackages.full
winetricks
cdrkit
vnstat
aspellDicts.de
hunspellDicts.de-de
bitcoin
qemu
docker-compose
update-resolv-conf
texlive.combined.scheme-full
tectonic
linuxPackages_5_10.perf
perf-tools
smartmontools
nodejs
libfaketime
afl
multimc
minecraft
update-resolv-conf
openssl
];
virtualisation.docker.enable = true;
virtualisation.docker.logDriver = "journald";
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "20.09"; # Did you read the comment?
}
Reference in New Issue View Git Blame Copy Permalink