160 lines
3.4 KiB
Nix
160 lines
3.4 KiB
Nix
{ tree, config, pkgs, lib, ... }:
|
|
let usb_data = import ./hardware/usb_data.nix { };
|
|
in {
|
|
imports = with tree; [
|
|
users.root
|
|
users.chaos
|
|
profiles.tailscale
|
|
#profiles.dnscrypt
|
|
#profiles.printing
|
|
profiles.sshd
|
|
|
|
hosts.lappy.profiles.usb-automount
|
|
hosts.lappy.profiles.harry-vpn
|
|
|
|
# required for dualsense controller
|
|
profiles.kernels.latest
|
|
|
|
profiles.laptop
|
|
|
|
# Bluetooth
|
|
#profiles.connectivity.bluetooth
|
|
|
|
profiles.connectivity.network_manager
|
|
profiles.connectivity.ios
|
|
|
|
profiles.sound.pipewire
|
|
|
|
profiles.gui.base
|
|
profiles.gui.environments.gnome
|
|
|
|
profiles.gaming.steam
|
|
|
|
# for sci-hub and whenever websites break
|
|
profiles.tor
|
|
|
|
# For cross compiling and deploying to raspberry
|
|
profiles.cross.arm64
|
|
|
|
profiles.force_dns
|
|
#extras.shenanigans-hotspot
|
|
];
|
|
|
|
services.mullvad-vpn.enable = true;
|
|
|
|
home-manager.users.root = {
|
|
imports = with tree; [ home.base ];
|
|
home.stateVersion = "22.05";
|
|
};
|
|
home-manager.users.chaos = {
|
|
programs.ssh.matchBlocks."*".identityFile = "${usb_data.ssh_priv_path}";
|
|
programs.git.extraConfig = {
|
|
gpg.format = "ssh";
|
|
commit.gpgsign = "true";
|
|
tag.gpgsign = "true";
|
|
user = { signingKey = "${usb_data.ssh_priv_path}"; };
|
|
};
|
|
imports = with tree; [
|
|
home.base
|
|
home.dev.all
|
|
#home.reversing
|
|
|
|
home.gui.base
|
|
home.gui.environments.gnome
|
|
|
|
#home.gaming.emulators.ds
|
|
#home.gaming.games.minecraft
|
|
#home.gaming.games.osu
|
|
home.gaming.platforms.steam
|
|
|
|
#home.bluetooth
|
|
#home.network_manager
|
|
|
|
home.apps.vivaldi
|
|
home.apps.telegram
|
|
home.apps.quassel
|
|
home.apps.mpv
|
|
home.apps.strawberry
|
|
home.apps.file-roller
|
|
home.apps.nautilus
|
|
home.apps.nicotine-plus
|
|
home.apps.musicutil
|
|
home.apps.pavucontrol
|
|
home.apps.mullvad
|
|
home.apps.aria2
|
|
home.apps.rclone
|
|
home.apps.restic
|
|
|
|
home.programming.editors.vscode
|
|
home.programming.languages.go
|
|
home.programming.languages.nix
|
|
];
|
|
home.stateVersion = "22.05";
|
|
};
|
|
|
|
hardware.opengl.extraPackages = with pkgs; [
|
|
vaapiIntel
|
|
vaapiVdpau
|
|
libvdpau-va-gl
|
|
intel-media-driver
|
|
];
|
|
|
|
#services.getty.extraArgs = [ "--skip-login" "--login-options" "chaos" ];
|
|
|
|
networking.firewall.enable = true;
|
|
networking.firewall.allowPing = true;
|
|
|
|
# Allow Soulseek
|
|
networking.firewall.allowedTCPPorts = [ 8080 2235 ];
|
|
networking.firewall.allowedTCPPortRanges = [
|
|
# Allow aria2 to work
|
|
{
|
|
from = 6881;
|
|
to = 6999;
|
|
}
|
|
{
|
|
from = 50101;
|
|
to = 50109;
|
|
}
|
|
];
|
|
networking.firewall.allowedUDPPortRanges = [
|
|
# Allow aria2 to work
|
|
{
|
|
from = 6881;
|
|
to = 6999;
|
|
}
|
|
{
|
|
from = 50101;
|
|
to = 50109;
|
|
}
|
|
];
|
|
|
|
networking.enableIPv6 = true;
|
|
systemd.services.NetworkManager-wait-online.enable = false;
|
|
|
|
# let vscode, vivaldi, etc work.
|
|
security.unprivilegedUsernsClone = true;
|
|
|
|
nix.settings.auto-optimise-store = true;
|
|
nix.gc = {
|
|
automatic = true;
|
|
dates = "daily";
|
|
options = "--delete-older-than 30d";
|
|
};
|
|
|
|
nix.extraOptions = ''
|
|
keep-outputs = true
|
|
keep-derivations = true
|
|
builders-use-substitutes = true
|
|
'';
|
|
|
|
networking.hostName = "lappy";
|
|
time.timeZone = "Europe/London";
|
|
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
|
|
|
|
services.fstrim.enable = true;
|
|
|
|
system.stateVersion = "21.11";
|
|
}
|
|
|