# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, lib, ... }: { # this allows you to access `pkgsUnstable` anywhere in your config #_module.args.pkgsUnstable = import inputs.nixpkgs-unstable { # inherit (pkgs.stdenv.hostPlatform) system; # inherit (config.nixpkgs) config; #}; imports = [ # ./hardware-configuration.nix ./configs ]; # Bootloader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; nix.settings.auto-optimise-store = true; nix.gc = { automatic = true; dates = "weekly"; options = "--delete-older-than 10d"; }; # Set your time zone. time.timeZone = "America/Los_Angeles"; # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; i18n.extraLocaleSettings = { LC_ADDRESS = "en_US.UTF-8"; LC_IDENTIFICATION = "en_US.UTF-8"; LC_MEASUREMENT = "en_US.UTF-8"; LC_MONETARY = "en_US.UTF-8"; LC_NAME = "en_US.UTF-8"; LC_NUMERIC = "en_US.UTF-8"; LC_PAPER = "en_US.UTF-8"; LC_TELEPHONE = "en_US.UTF-8"; LC_TIME = "en_US.UTF-8"; }; # set by the configurator # networking.hostName = "imladris"; # Define your hostname. networking.networkmanager.enable = true; services.resolved.enable = true; services.resolved.fallbackDns = [ "1.1.1.1" "8.8.8.8" ]; # Open ports in the firewall. networking.firewall.allowedTCPPorts = [ 22 ]; # Enable the OpenSSH daemon. services.openssh = { enable = true; settings = { PermitRootLogin = "prohibit-password"; }; # passwordAuthentication = false; }; security.doas = { enable = true; extraRules = [{ users = ["kyle"]; keepEnv = true; noPass = true; }]; }; environment.variables = { SBCL_HOME = "/run/current-system/sw/lib/sbcl"; }; services.cron.enable = true; services.xserver = { displayManager = { gdm = { enable = true; wayland = false; }; }; enable = true; windowManager = { stumpwm.enable = true; }; xkb = { layout = "us"; options = "ctrl:swapcaps,compose:ralt"; }; }; # Enable touchpad support (enabled default in most desktopManager). services.libinput = { enable = true; mouse.naturalScrolling = true; touchpad.naturalScrolling = true; }; console.useXkbConfig = true; users.users.kyle = { isNormalUser = true; extraGroups = [ "wheel" "networkmanager" "dialout" "disk" "audio" "cdrom" "video" ]; }; programs.direnv.enable = true; programs.command-not-found.enable = false; programs.nix-ld.enable = true; programs.nix-ld.libraries = with pkgs; [ # Add any missing dynamic libraries for unpackaged programs # here, NOT in environment.systemPackages ]; # Enable CUPS to print documents. services.printing.enable = true; # Enable sound with pipewire. hardware.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; # If you want to use JACK applications, uncomment this #jack.enable = true; # use the example session manager (no others are packaged yet so this is enabled by default, # no need to redefine it in your config for now) #media-session.enable = true; }; services.udisks2.enable = true; # Install firefox. programs.firefox.enable = true; # Allow unfree packages nixpkgs.config.allowUnfree = true; # Enable common container config files in /etc/containers virtualisation.containers.enable = true; virtualisation = { podman = { enable = true; # Create a `docker` alias for podman, to use it as a drop-in replacement dockerCompat = true; # Required for containers under podman-compose to be able to talk to each other. defaultNetwork.settings.dns_enabled = true; }; }; # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ acpitool arduino arduino-cli arduino-ide arduino-mk binutils-unwrapped bitwarden brave cloc cmake cmus cscope direnv dive dmenu doas docker-compose elinks emacs feh ffmpeg file fira-code firefox fzf gcc gdb gforth ghostty git gnome-disk-utility gnumake go go-font graphviz hexyl htop i3 i3lock imagemagick jpegoptim keychain ksshaskpass lagrange libfixposix libzip man-pages mercurial mg mutt nmap nyxt obsidian ops pavucontrol pciutils pkg-config picocom podman-compose podman-tui pwgen python3Full rlwrap rofi sbcl scdoc scrot silver-searcher sqlite-interactive stumpwm syncthing tailscale tcpdump texinfo texliveFull tmux tree udisks xfce.thunar xfce.thunar-volman xfce.xfce4-power-manager xss-lock wget woff2 ]; services.tailscale.enable = true; services.syncthing.enable = true; services.udev.extraRules = '' ACTION=="add", SUBSYSTEM=="backlight", GROUP="video", MODE="0660" ''; programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; programs.ssh.askPassword = "ksshaskpass"; nix.settings.experimental-features = [ "nix-command" "flakes" ]; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "24.11"; # Did you read the comment? }