255 lines
8.4 KiB
Nix
255 lines
8.4 KiB
Nix
# Edit this configuration file to define what should be installed on
|
||
# your system. Help is available in the configuration.nix(5) man page
|
||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||
|
||
{ config, pkgs, lib, fetchpatch, ... }:
|
||
|
||
let
|
||
unstable = import <nixos-unstable> { };
|
||
in
|
||
{
|
||
imports =
|
||
[
|
||
# Include the results of the hardware scan.
|
||
./hardware-configuration.nix
|
||
./software.nix
|
||
./modules/gnome.nix
|
||
./modules/zsh.nix
|
||
./modules/vscode.nix
|
||
./vscode.nix
|
||
];
|
||
|
||
nix.trustedUsers = [ "root" "inex" ];
|
||
|
||
nixpkgs.config = {
|
||
allowUnfree = true;
|
||
android_sdk.accept_license = true;
|
||
};
|
||
|
||
nixpkgs.overlays = [
|
||
(self: super:
|
||
{
|
||
openhmd = super.openhmd.overrideAttrs (old: {
|
||
src = super.fetchFromGitHub {
|
||
owner = "OpenHMD";
|
||
repo = "OpenHMD";
|
||
rev = "dfac0203376552c5274976c42f0757b31310c483";
|
||
sha256 = "1rm8iw03glfgnhggg221p8zycm9yjw84bv9ldb0vg2ygybds9m27";
|
||
};
|
||
});
|
||
vscode-extensions = super.vscode-extensions // {
|
||
github.copilot = pkgs.vscode-utils.buildVscodeMarketplaceExtension {
|
||
mktplcRef = {
|
||
publisher = "github";
|
||
name = "copilot";
|
||
version = "1.22.5957";
|
||
sha256 = "04jak6ml7l19ryv2q6qn7qvvgw31jllgvd9g8xlac89xnndsfl6s";
|
||
};
|
||
};
|
||
};
|
||
}
|
||
)
|
||
];
|
||
|
||
# Use the systemd-boot EFI boot loader.
|
||
boot.loader = {
|
||
systemd-boot.enable = true;
|
||
efi.canTouchEfiVariables = true;
|
||
grub.useOSProber = true;
|
||
grub.memtest86.enable = true;
|
||
};
|
||
|
||
boot.supportedFilesystems = [ "btrfs" "ntfs" ];
|
||
|
||
fileSystems."/mediastorage" = {
|
||
device = "/dev/disk/by-uuid/aed202ac-7414-40b9-9d71-011b7043c850";
|
||
fsType = "ext4";
|
||
};
|
||
|
||
fileSystems."/backups" = {
|
||
device = "/dev/disk/by-uuid/63db910e-f906-4211-bac5-4330777c8283";
|
||
fsType = "ext4";
|
||
};
|
||
|
||
# fileSystems."/nvme" = {
|
||
# device = "/dev/disk/by-uuid/8c1c5508-ecaa-433d-87c0-49d131395ddd";
|
||
# fsType = "btrfs";
|
||
# };
|
||
|
||
networking = {
|
||
hostName = "inex-pc";
|
||
networkmanager.enable = true;
|
||
useDHCP = false;
|
||
interfaces = {
|
||
enp8s0 = {
|
||
useDHCP = true;
|
||
};
|
||
wlp5s0 = {
|
||
useDHCP = true;
|
||
};
|
||
};
|
||
firewall = {
|
||
enable = false;
|
||
allowedTCPPorts = [ 8437 1716 51820 24642 27036 27037 24800 ];
|
||
allowedUDPPorts = [ 8437 1716 51820 24642 27031 27036 24800 ];
|
||
checkReversePath = false;
|
||
};
|
||
wireguard.interfaces = {
|
||
wg0 = {
|
||
# Determines the IP address and subnet of the client's end of the tunnel interface.
|
||
ips = [ "10.100.0.6/24" ];
|
||
listenPort = 51820;
|
||
|
||
postSetup = "${pkgs.iproute}/bin/ip route add 135.181.97.221 via 192.168.1.1";
|
||
postShutdown = "${pkgs.iproute}/bin/ip route del 135.181.97.221 via 192.168.1.1";
|
||
|
||
# Path to the private key file.
|
||
#
|
||
# Note: The private key can also be included inline via the privateKey option,
|
||
# but this makes the private key world-readable; thus, using privateKeyFile is
|
||
# recommended.
|
||
privateKeyFile = "/home/inex/wireguard-keys/private";
|
||
|
||
peers = [
|
||
# For a client configuration, one peer entry for the server will suffice.
|
||
{
|
||
# Public key of the server (not a file path).
|
||
publicKey = "8sEAHYhydEGKTVecXcOb28zeGHGLGCsri5evbSQV8mY=";
|
||
|
||
# Forward all the traffic via VPN.
|
||
#allowedIPs = [ "0.0.0.0/0" ];
|
||
# Or forward only particular subnets
|
||
allowedIPs = [ "10.100.0.0/24" ];
|
||
|
||
# Set this to the server IP and port.
|
||
endpoint = "135.181.97.221:51820";
|
||
|
||
# Send keepalives every 25 seconds. Important to keep NAT tables alive.
|
||
persistentKeepalive = 25;
|
||
}
|
||
];
|
||
};
|
||
};
|
||
};
|
||
|
||
|
||
# Select internationalisation properties.
|
||
# i18n.defaultLocale = "en_US.UTF-8";
|
||
console = {
|
||
font = "Lat2-Terminus16";
|
||
keyMap = "us";
|
||
};
|
||
|
||
# Set your time zone.
|
||
time.timeZone = "Europe/Moscow";
|
||
|
||
services = {
|
||
printing.enable = true;
|
||
xserver = {
|
||
enable = true;
|
||
layout = "us";
|
||
xkbVariant = "colemak";
|
||
videoDrivers = [ "amdgpu" ];
|
||
libinput.enable = true;
|
||
exportConfiguration = true;
|
||
wacom.enable = true;
|
||
};
|
||
openssh = {
|
||
enable = true;
|
||
passwordAuthentication = false;
|
||
forwardX11 = true;
|
||
};
|
||
flatpak.enable = true;
|
||
udev.packages = [
|
||
(pkgs.writeTextFile {
|
||
name = "wacom_udev";
|
||
text = ''
|
||
KERNEL!="event[0-9]*", GOTO="wacom_end"
|
||
DRIVERS=="wacom", ATTRS{bInterfaceNumber}=="00", ENV{WACOM_TYPE}="stylus"
|
||
DRIVERS=="wacom", ATTRS{bInterfaceNumber}=="01", ENV{WACOM_TYPE}="touch"
|
||
ATTRS{idVendor}=="056a", ENV{WACOM_TYPE}!="touch", SYMLINK+="input/wacom"
|
||
ATTRS{idVendor}=="056a", ENV{WACOM_TYPE}=="touch", SYMLINK+="input/wacom-touch"
|
||
#ATTRS{idVendor}=="056a", ACTION=="add", RUN+="check_driver wacom $devpath $env{ID_BUS}"
|
||
LABEL="wacom_end"
|
||
'';
|
||
destination = "/etc/udev/rules.d/50-wacom.rules";
|
||
|
||
})
|
||
];
|
||
};
|
||
|
||
|
||
sound.enable = true;
|
||
|
||
# Video driver
|
||
hardware = {
|
||
opengl = {
|
||
enable = true;
|
||
driSupport32Bit = true;
|
||
extraPackages = [ pkgs.amdvlk pkgs.rocm-opencl-icd pkgs.rocm-runtime pkgs.rocm-opencl-runtime ];
|
||
};
|
||
steam-hardware.enable = true;
|
||
bluetooth = {
|
||
enable = true;
|
||
package = pkgs.bluezFull;
|
||
};
|
||
pulseaudio = {
|
||
package = pkgs.pulseaudioFull;
|
||
support32Bit = true;
|
||
extraModules = [ pkgs.pulseaudio-modules-bt ];
|
||
};
|
||
};
|
||
|
||
environment.variables.VK_ICD_FILENAMES = "${pkgs.amdvlk}/share/vulkan/icd.d/amd_icd64.json";
|
||
|
||
programs = {
|
||
adb.enable = true;
|
||
java = {
|
||
enable = true;
|
||
};
|
||
};
|
||
|
||
virtualisation = {
|
||
docker = {
|
||
enable = true;
|
||
enableOnBoot = false;
|
||
};
|
||
waydroid.enable = true;
|
||
virtualbox.host = {
|
||
enable = false;
|
||
};
|
||
};
|
||
|
||
|
||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||
users.users.inex = {
|
||
isNormalUser = true;
|
||
home = "/home/inex";
|
||
description = "Inex Code";
|
||
extraGroups = [ "wheel" "networkmanager" "jackaudio" "audio" "video" "adbusers" "docker" "cdrom" ]; # Enable ‘sudo’ for the user.
|
||
openssh.authorizedKeys.keys = [
|
||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCzL0gmvpMOZbijqZOlTuNqtVHZGoNrxCiWJXIDcUwr1cx8M2o61qK/wNMZmyYGROpJbpsFERAjXIXBpwg2KQ3ONRL6q44nPrOSbHm3zL8pnFEvzM0BUKV1Mq2T1dM+geMhQnLrwZhOxvp3+9uhFSTPP/dVzWQ19pEiK5hHpXlD3eyO+LIaS/wkTJvBy/wCKz+O/coLyBQ+Mn5hGQaJAyDec/ovu8OhBkJbbvWp03F2zcWUCxwVfZ1VnLQxn7tk9L4iTw1+rDt0kaRQvVISV3KdqLJnPODku6eC38LcMfHIFXAWBdSUslGUl9Qkd1c+6Gorzt3BrfYL/HDW2Xk3UTQF inex-envy"
|
||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCbUS/AblfzZcfr/iMxHJ5pubzCuriVTu12TKt1iRQFDjQDo+/j0/Ga07zqyB9VUhpJg/IOcJ6o2T4PBixNuHQQX5z4sb/tqzbx3buBz0HIp8VHRC3TtLAmsFj24AldxlADlQpGnlt+g3p200m2dwu/Yoe4+GD8Twwg6FCsyiRjstbfo89Kmwi9yVbXx5aBssscEkXBQODTpwOB05nCz3oUuvQ5ex+yH+o02cTlYyBoglgfzM6HzR0GkmCRDlx613nqa1+ICxwWY0cXMbhnUwDoJASk5eJovtmEqC29qJKABxZaKRYsaW3sMJiMOvPHf9BkVKp4uPINhLc5vopwZI10xsNOn75AXRptkHzenn7ymC+qwJr53Z1tAAfMb5ypJ+u+SE8wazd4x2CIFHH+LbaputqxyfUxNoMbFMGNXICDAOCCQ0nkax7Ifr1NlTp07zTYH6VP0kzqqYiAlBu5qo3qIi5dRsLvb6/McerDNhRmYh25Ww7zpEY4Q9uTWDZkCP8= u0_a122@localhost"
|
||
];
|
||
};
|
||
|
||
# This value determines the NixOS release from which the default
|
||
# settings for stateful data, like file locations and database versions
|
||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||
# this value at the release version of the first install of this system.
|
||
# Before changing this value read the documentation for this option
|
||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||
system.stateVersion = "20.03"; # Did you read the comment?
|
||
system.autoUpgrade.enable = true;
|
||
|
||
environment.shellInit = ''
|
||
export VST_PATH=/nix/var/nix/profiles/default/lib/vst:/var/run/current-system/sw/lib/vst:~/.vst
|
||
export LXVST_PATH=/nix/var/nix/profiles/default/lib/lxvst:/var/run/current-system/sw/lib/lxvst:~/.lxvst
|
||
export LADSPA_PATH=/nix/var/nix/profiles/default/lib/ladspa:/var/run/current-system/sw/lib/ladspa:~/.ladspa
|
||
export LV2_PATH=/nix/var/nix/profiles/default/lib/lv2:/var/run/current-system/sw/lib/lv2:~/.lv2
|
||
export DSSI_PATH=/nix/var/nix/profiles/default/lib/dssi:/var/run/current-system/sw/lib/dssi:~/.dssi
|
||
export VST3_PATH=/nix/var/nix/profiles/default/lib/vst3:/var/run/current-system/sw/lib/vst3:~/.vst3
|
||
'';
|
||
|
||
}
|