Created
March 25, 2025 23:52
-
-
Save Tombert/fe782fcfd6887270d4f6ecd84afb9871 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { config, lib, pkgs, ... }: | |
| let | |
| user = "tombert"; | |
| hostname = "puter"; | |
| in { | |
| system.stateVersion = "24.05"; | |
| time = { timeZone = "America/New_York"; }; | |
| boot = { | |
| loader = { | |
| systemd-boot.enable = true; | |
| efi.canTouchEfiVariables = true; | |
| }; | |
| initrd = { | |
| availableKernelModules = [ | |
| "nvme" | |
| "xhci_pci" | |
| "thunderbolt" | |
| "usb_storage" | |
| "usbhid" | |
| "sd_mod" | |
| "tpm_tis" | |
| ]; | |
| luks.devices.main = { | |
| device = "/dev/disk/by-uuid/56188553-f321-4a80-b4e9-cb6212ab1244"; | |
| allowDiscards = true; | |
| }; | |
| }; | |
| kernelModules = [ | |
| "v4l2loopback" | |
| "thunderbolt" | |
| "atlantic" | |
| "st" | |
| "sg" | |
| "mpt3sas" | |
| "amdgpu" | |
| "xpad" | |
| ]; | |
| extraModulePackages = [ pkgs.linuxPackages_latest.v4l2loopback ]; | |
| kernelPackages = pkgs.linuxPackages_latest; | |
| kernelParams = [ "usbcore.autosuspend=-1" ]; | |
| }; | |
| networking = { | |
| wireless.iwd.enable = true; | |
| firewall = { | |
| enable = true; | |
| allowedUDPPorts = [ 1900 5350 5351 5353 ]; | |
| }; | |
| }; | |
| hardware = { | |
| #decklink.enable = true; | |
| xone.enable = true; | |
| graphics = { | |
| enable = true; | |
| enable32Bit = true; | |
| }; | |
| cpu.amd.updateMicrocode = true; | |
| enableAllFirmware = true; | |
| }; | |
| networking = { hostName = hostname; }; | |
| nix.extraOptions = '' | |
| experimental-features = nix-command flakes | |
| ''; | |
| powerManagement.powertop.enable = true; # powertop, auto-cpufreq, thermald | |
| programs = { | |
| system-config-printer.enable = true; | |
| zsh.enable = true; | |
| steam.enable = true; | |
| }; | |
| users = { | |
| defaultUserShell = pkgs.zsh; | |
| #defaultUserShell = pkgs.nushell; | |
| mutableUsers = false; | |
| users = { | |
| "root" = { uid = 0; }; | |
| "${user}" = { | |
| isNormalUser = true; | |
| uid = 1001; | |
| group = "users"; | |
| extraGroups = [ | |
| "audio" | |
| "docker" | |
| "i2c" | |
| "kvm" | |
| "lp" | |
| "pipewire" | |
| "podman" | |
| "scanner" | |
| "tss" | |
| "video" | |
| "wheel" | |
| ]; | |
| initialPassword = "REDACTED"; | |
| openssh.authorizedKeys.keys = [ ]; | |
| }; | |
| }; | |
| }; | |
| # xdg.portal = { | |
| # enable = true; | |
| # config.common.default = "gtk"; | |
| # extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; | |
| # }; | |
| xdg = { | |
| autostart.enable = true; | |
| portal = { | |
| enable = true; | |
| config.common.default = "wlr"; | |
| extraPortals = [ pkgs.xdg-desktop-portal-wlr ]; | |
| wlr.enable = true; | |
| }; | |
| }; | |
| programs.sway = { | |
| enable = true; | |
| wrapperFeatures.gtk = false; | |
| extraSessionCommands = '' | |
| export NIXOS_OZONE_WL=1 | |
| ${pkgs.xdg-desktop-portal-wlr}/libexec/xdg-desktop-portal-wlr & | |
| pkill -f xdg-desktop-portal | |
| sleep .5 | |
| ${pkgs.xdg-desktop-portal-wlr}/libexec/xdg-desktop-portal-wlr & | |
| # Then main portal | |
| ${pkgs.xdg-desktop-portal}/libexec/xdg-desktop-portal & | |
| ''; | |
| }; | |
| # xdg = { | |
| # autostart.enable = true; | |
| # portal = { | |
| # config.common.default = "gtk"; | |
| # enable = true; | |
| # wlr.enable = true; | |
| # extraPortals = with pkgs; [ xdg-desktop-portal-gtk ]; | |
| # }; | |
| # }; | |
| environment.etc."xdg-desktop-portal/sway-portals.conf".text = '' | |
| [preferred] | |
| default=wlr | |
| ''; | |
| services = { | |
| xserver.displayManager.gdm.enable = true; | |
| open-webui = { | |
| enable = false; | |
| port = 8081; | |
| environment = { | |
| ENABLE_OPENAI_API = "True"; | |
| #OPENAI_API_KEY = "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"; | |
| OPENAI_API_KEY = | |
| "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"; | |
| DEFAULT_MODELS = "gpt4"; | |
| }; | |
| }; | |
| pulseaudio.enable = false; | |
| hardware = { bolt.enable = true; }; | |
| resolved.enable = true; | |
| printing = { | |
| logLevel = "debug"; | |
| stateless = true; | |
| enable = true; | |
| drivers = [ pkgs.gutenprint pkgs.splix ]; | |
| }; | |
| consul = { | |
| enable = true; | |
| webUi = true; | |
| }; | |
| avahi = { | |
| enable = true; | |
| nssmdns4 = true; | |
| openFirewall = true; | |
| }; | |
| system-config-printer.enable = true; | |
| gnome.gnome-keyring.enable = true; | |
| # enable sway window manager | |
| #xserver = { | |
| # enable = true; | |
| # displayManager = { | |
| # gdm.enable = true; | |
| # }; | |
| # desktopManager.gnome.enable = true; | |
| #}; | |
| openssh = { | |
| enable = false; | |
| openFirewall = true; | |
| settings = { | |
| PermitRootLogin = "no"; | |
| PasswordAuthentication = false; | |
| KbdInteractiveAuthentication = false; | |
| }; | |
| hostKeys = [{ | |
| path = "/persist/ssh/ssh_host_ed25519_key"; | |
| type = "ed25519"; | |
| }]; | |
| }; | |
| pipewire = { | |
| enable = true; | |
| pulse.enable = true; | |
| }; | |
| snapper = { | |
| configs = { | |
| home = { | |
| SUBVOLUME = "/home"; | |
| ALLOW_USERS = [ user ]; | |
| TIMELINE_CREATE = true; | |
| TIMELINE_CLEANUP = true; | |
| }; | |
| persist = { | |
| SUBVOLUME = "/persist"; | |
| ALLOW_USERS = [ user ]; | |
| TIMELINE_CREATE = true; | |
| TIMELINE_CLEANUP = true; | |
| }; | |
| }; | |
| }; | |
| thermald = { enable = true; }; | |
| }; | |
| systemd = { | |
| user.services.xdg-desktop-portal-wlr = { | |
| enable = true; | |
| description = "xdg-desktop-portal-wlr"; | |
| wantedBy = [ "default.target" ]; | |
| after = [ "graphical-session.target" ]; | |
| partOf = [ "graphical-session.target" ]; | |
| serviceConfig = { | |
| ExecStart = | |
| "${pkgs.xdg-desktop-portal-wlr}/libexec/xdg-desktop-portal-wlr"; | |
| Restart = "on-failure"; | |
| Environment = [ | |
| "XDG_SESSION_TYPE=wayland" | |
| "XDG_SESSION_DESKTOP=sway" | |
| "WAYLAND_DISPLAY=wayland-1" | |
| ]; | |
| }; | |
| }; | |
| services = { | |
| iwd.serviceConfig.BindPaths = "/persist/iwd:/var/lib/iwd"; | |
| nix-daemon.serviceConfig.Environment = "TMPDIR=/swap/build"; | |
| }; | |
| }; | |
| environment = { | |
| variables = { | |
| PKG_CONFIG_PATH = "${pkgs.openssl.dev}/lib/pkgconfig"; | |
| XCURSOR_SIZE = "96"; | |
| XCURSOR_THEME = "Adwaita"; | |
| XDG_CURRENT_DESKTOP = "sway"; | |
| NIXOS_OZONE_WL = "1"; | |
| }; | |
| systemPackages = with pkgs; | |
| lib.mkMerge [ | |
| # custom | |
| [ | |
| # console stuff | |
| bat | |
| parallel | |
| unzip | |
| tmux | |
| openssl | |
| foot | |
| dconf-editor | |
| waybar | |
| jq | |
| iw | |
| ] | |
| [ | |
| # Development | |
| neovim | |
| iwgtk | |
| evince | |
| imv | |
| zsh-fzf-history-search | |
| galculator | |
| gcc | |
| libgcc | |
| octaveFull | |
| fzf | |
| silver-searcher | |
| gnumake | |
| clang | |
| curlFull | |
| cmake | |
| jetbrains.idea-community | |
| graalvm-ce | |
| #temurin-bin | |
| #jdk21 | |
| clojure | |
| gradle | |
| vscode | |
| texliveFull | |
| #okular | |
| adobe-reader | |
| nfs-utils | |
| filezilla | |
| transmission-remote-gtk | |
| qemu | |
| wget | |
| kdePackages.calligra | |
| ] | |
| [ | |
| # Fonts | |
| comic-mono | |
| adwaita-icon-theme | |
| ] | |
| [ | |
| # math stuff | |
| tlaplusToolbox | |
| alloy6 | |
| workcraft | |
| ] | |
| [ | |
| # Games | |
| r2modman | |
| _86Box-with-roms | |
| aisleriot | |
| protonplus | |
| wine | |
| winetricks | |
| itch | |
| lutris | |
| heroic | |
| gamescope | |
| bigpemu | |
| mgba | |
| gdevelop | |
| ] | |
| [ | |
| # encryption | |
| pass | |
| git | |
| gnupg | |
| pinentry | |
| ] | |
| [ | |
| # Configuration | |
| gnome-tweaks | |
| ] | |
| [ | |
| # media | |
| openscad | |
| vlc | |
| drawio | |
| obs-studio | |
| linuxPackages.v4l2loopback | |
| v4l-utils | |
| pavucontrol | |
| blackmagic-desktop-video | |
| opentoonz | |
| lightworks | |
| bitwig-studio | |
| krita | |
| ] | |
| [ | |
| # communication stuff | |
| skypeforlinux | |
| teams-for-linux | |
| discord | |
| signal-desktop | |
| protonvpn-gui | |
| ] | |
| [ | |
| # web stuff | |
| firefox | |
| google-chrome | |
| chromium | |
| ] | |
| [ | |
| # Bureaucratic | |
| obsidian | |
| djview | |
| mutt | |
| protonmail-bridge | |
| libreoffice | |
| onlyoffice-bin | |
| ] | |
| [ | |
| # utilities | |
| wl-clipboard | |
| gnome-system-monitor | |
| swaybg | |
| gnome-calculator | |
| calc | |
| ulauncher | |
| slurp | |
| cups | |
| system-config-printer | |
| virtualbox | |
| asunder | |
| makemkv | |
| rocmPackages.clr | |
| nautilus | |
| xfce.thunar | |
| xdg-desktop-portal | |
| xfce.tumbler # for thumbnails | |
| dbus | |
| gvfs | |
| ] | |
| [ | |
| # Tape | |
| hpe-ltfs | |
| mt-st | |
| mtx | |
| linuxKernel.packages.linux_zen.xone | |
| ] | |
| [ | |
| # network | |
| ethtool | |
| ] | |
| [ | |
| # group of programs 3 | |
| fx | |
| black | |
| ] | |
| ]; | |
| }; | |
| zramSwap = { | |
| enable = true; | |
| memoryPercent = 20; | |
| algorithm = "zstd"; | |
| }; | |
| fileSystems = let | |
| dev = "/dev/mapper/main"; | |
| fsDisk = "btrfs"; | |
| fsTmp = "tmpfs"; | |
| fsBind = "none"; | |
| atime = "noatime"; | |
| comp = "compress-force=zstd:3"; | |
| bindOpts = [ "bind" ]; | |
| in { | |
| "/" = { | |
| device = "none"; | |
| fsType = fsTmp; | |
| options = [ "defaults" "size=16G" "mode=755" ]; | |
| }; | |
| "/boot" = { | |
| device = "/dev/disk/by-label/boot"; | |
| fsType = "vfat"; | |
| }; | |
| "/persist" = { | |
| device = dev; | |
| fsType = fsDisk; | |
| options = [ "subvol=persist" ]; | |
| }; | |
| "/home" = { | |
| device = dev; | |
| fsType = fsDisk; | |
| options = [ "subvol=home" ]; | |
| }; | |
| "/swap" = { | |
| device = dev; | |
| fsType = fsDisk; | |
| options = [ "subvol=swap" ]; | |
| }; | |
| "/data" = { | |
| device = dev; | |
| fsType = fsDisk; | |
| options = [ "subvol=data" ]; | |
| }; | |
| "/cache" = { | |
| device = dev; | |
| fsType = fsDisk; | |
| options = [ "subvol=cache" ]; | |
| }; | |
| "/nix" = { | |
| device = dev; | |
| fsType = fsDisk; | |
| options = [ "subvol=nix" atime comp ]; | |
| }; | |
| "/etc/nixos" = { | |
| device = "/persist/nixos"; | |
| fsType = fsBind; | |
| options = bindOpts; | |
| }; | |
| "/var/log/journal" = { | |
| device = "/persist/journal"; | |
| fsType = fsBind; | |
| options = bindOpts; | |
| }; | |
| "/root/.cache" = { | |
| device = "/cache/rootcache"; | |
| fsType = fsBind; | |
| options = bindOpts; | |
| }; | |
| "/var/cache" = { | |
| device = "/cache/varcache"; | |
| fsType = fsBind; | |
| options = bindOpts; | |
| }; | |
| "/var/lib/bluetooth" = { | |
| device = "/persist/bluetooth"; | |
| fsType = fsBind; | |
| options = bindOpts; | |
| }; | |
| }; | |
| swapDevices = [{ device = "/swap/swapfile"; }]; | |
| networking.useDHCP = lib.mkDefault true; | |
| nixpkgs = { | |
| config = { | |
| permittedInsecurePackages = [ | |
| "python-2.7.18.8" | |
| "adobe-reader-9.5.5" | |
| "electron-27.3.11" | |
| "libtiff-4.0.3-opentoonz" | |
| ]; | |
| allowUnfree = true; | |
| }; | |
| hostPlatform = lib.mkDefault "x86_64-linux"; | |
| }; | |
| #[ { device = "/swap/swapfile"; } ]; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment