{ config, pkgs, lib, ... }: { imports = [ ./bnc.nix ]; boot.supportedFilesystems = [ "ntfs" ]; boot.tmp.cleanOnBoot = true; time.timeZone = "Europe/Paris"; i18n.defaultLocale = "en_US.UTF-8"; i18n.extraLocaleSettings = { LC_ADDRESS = "fr_FR.utf8"; LC_IDENTIFICATION = "fr_FR.utf8"; LC_MEASUREMENT = "fr_FR.utf8"; LC_MONETARY = "fr_FR.utf8"; LC_NAME = "fr_FR.utf8"; LC_NUMERIC = "fr_FR.utf8"; LC_PAPER = "fr_FR.utf8"; LC_TELEPHONE = "fr_FR.utf8"; LC_TIME = "fr_FR.utf8"; }; console = { font = "sun12x22"; keyMap = "fr"; }; # ---- network config ---- networking.networkmanager.enable = true; # Open ports in the firewall. networking.firewall.allowedTCPPorts = [ 2022 # openssh 22000 # syncthing ]; networking.firewall.allowedUDPPorts = [ 22000 # syncthing ]; # Or disable the firewall altogether. # networking.firewall.enable = false; # ---- apps config ---- # Enable the X11 windowing system. services.xserver.enable = true; # Configure keymap in X11 services.xserver.layout = "fr-custom-lx"; services.xserver.xkbOptions = "terminate:ctrl_alt_bksp,caps:escape"; services.xserver.extraLayouts."fr-custom-lx" = { description = "French (LX custom azerty)"; languages = ["fre"]; symbolsFile = ../xkb/symbols/fr-custom-lx; }; # Input method for japanese i18n.inputMethod.enabled = "fcitx5"; i18n.inputMethod.fcitx5.addons = [ pkgs.fcitx5-mozc ]; # Enable CUPS to print documents. services.printing.enable = true; # Enable sound. sound.enable = true; hardware.pulseaudio.enable = false; services.pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; jack.enable = true; }; # Enable RTL-SDR hardware.rtl-sdr.enable = true; # Enable touchpad support (enabled default in most desktopManager). services.xserver.libinput.enable = true; # Enable libvirt virtualisation.libvirtd.enable = true; # -------------------- users --------------------- # Define a user account. Don't forget to set a password with ‘passwd’. users.users.lx = { isNormalUser = true; description = "Alex"; extraGroups = [ "networkmanager" "wheel" "yggdrasil" "plugdev" "dialout" "kvm" "libvirtd" ]; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJpaBZdYxHqMxhv2RExAOa7nkKhPBOHupMP3mYaZ73w9" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIw+IIX8+lZX9RrHAbwi/bncLYStXpI4EmK3AUcqPY2O" ]; }; # -------------------- yea openssh --------------------- services.openssh = { enable = true; ports = [ 2022 ]; settings = { PermitRootLogin = "no"; PasswordAuthentication = false; }; }; # -------------------- packages --------------------- nixpkgs.config.allowUnfree = true; nix.gc.automatic = pkgs.lib.mkDefault true; nix.gc.options = "--delete-older-than 30d"; nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings.substituters = [ "https://nix.web.deuxfleurs.fr" ]; nix.settings.trusted-public-keys = [ "nix.web.deuxfleurs.fr:eTGL6kvaQn6cDR/F9lDYUIP9nCVR/kkshYfLDJf1yKs=" ]; nix.extraOptions = '' keep-outputs = true keep-derivations = true ''; nixpkgs.overlays = [ # fix jellyfin media player to not try to use wayland-egl backend (self: super: { jellyfin-media-player = pkgs.symlinkJoin { name = "jellyfin-media-player"; paths = [ super.jellyfin-media-player ]; buildInputs = [ pkgs.makeWrapper ]; postBuild = '' wrapProgram $out/bin/jellyfinmediaplayer --set QT_QPA_PLATFORM xcb ''; }; }) ]; # ---- config for japanese (thx functor.tokyo) fonts.packages = with pkgs; [ profont symbola font-awesome inconsolata ipafont kochi-substitute ]; fonts.fontconfig.defaultFonts = { monospace = [ "DejaVu Sans Mono" "IPAGothic" ]; sansSerif = [ "DejaVu Sans" "IPAPGothic" ]; serif = [ "DejaVu Serif" "IPAPMincho" ]; }; # ---- environment.systemPackages = with pkgs; [ home-manager vim nixpkgs-fmt nix-index aspell hunspell aspellDicts.fr aspellDicts.en hunspellDicts.fr-any hunspellDicts.en-us-large hunspellDicts.en-gb-large tmux git git-lfs pass openssl pkg-config htop i7z zip unzip unrar powertop iotop jnettop nethogs mtr moreutils nvme-cli smartmontools speedtest-cli socat mc ncdu dfc wget gcc gnumake clang rustc rustfmt rust-analyzer cargo clippy sqlite virtualenv scc rclone restic borgbackup nomad consul drone-cli hugo zola jq python3Full ffmpeg gnupg dig netcat inetutils pciutils file distrobox killall gomuks beets alacritty firefox qutebrowser tor-browser-bundle-bin lagrange thunderbird qbittorrent transmission-remote-gtk keepassxc vlc mpv spotify sonixd supersonic jellyfin-media-player element-desktop dino signal-desktop gimp inkscape krita ghostscript mupdf llpp xournalpp pdfarranger homebank nicotine-plus gnome.seahorse gqrx sdrpp virt-manager tagainijisho anki (st.overrideAttrs (oldAttrs: rec { patches = [ #../st/st-colorschemes-0.8.5.diff #../st/st-copyurl-0.8.4.diff ]; configFile = writeText "config.def.h" (builtins.readFile ../st/config.h); postPatch = "${oldAttrs.postPatch}\n cp ${configFile} config.def.h"; })) ]; programs.dconf.enable = true; # virt-manager requires dconf to remember settings programs.vim.defaultEditor = true; programs.steam = { enable = true; remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server }; programs.mtr.enable = true; # Enable the OpenSSH daemon. # services.openssh.enable = true; # ---- fancy networks and stuff ---- services.yggdrasil = { enable = true; persistentKeys = true; settings = { Peers = [ "tls://37.187.118.206:53103" "tls://ygg.mkg20001.io:443" "tls://54.36.100.60:34219" ]; }; }; services.tor = { enable = true; client.enable = true; }; # Copy the NixOS configuration file and link it from the resulting system # (/run/current-system/configuration.nix). This is useful in case you # accidentally delete configuration.nix. system.copySystemConfiguration = true; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "22.11"; # Did you read the comment? }