# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). { lib, config, pkgs, zen-browser, hyprland, inputs, ... }: let unstable = import { overlays = pkgs.overlays; }; # flake-compat = builtins.fetchTarball "https://github.com/edolstra/flake-compat/archive/master.tar.gz"; # hyprland = (import flake-compat { # src = builtins.fetchTarball "https://github.com/hyprwm/Hyprland/archive/main.tar.gz"; # sha256 = "qY6zh8gdgioEgCDOgT+SnK9QZ3OtGi+eXqqzcsYWKe8="; # }).defaultNix; in { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ]; # Bootloader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; networking.hostName = "launchpad"; # Define your hostname. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # Configure network proxy if necessary # networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; networking.extraHosts = '' 192.168.12.20 router.local 192.168.12.21 switch.local 192.168.12.25 dhcpd.local 192.168.12.40 launchpad.local 192.168.12.41 xeon.local 192.168.12.80 robo.local 192.168.12.81 nas.local 192.168.12.83 homeassistant.local 192.168.12.60 toons.local 45.58.52.52 www 172.245.111.249 est 216.189.156.74 mail ''; networking.interfaces.enp4s0.ipv4.addresses = [ { address = "192.168.12.40"; prefixLength = 24; } ]; networking.defaultGateway = "192.168.12.20"; networking.nameservers = [ "192.168.12.25" ]; networking.firewall = { allowedTCPPortRanges = [ { from = 35000; to = 36000; } { from = 5000; to = 6000; } { from = 8000; to = 9000; } ]; extraCommands = ''iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns''; }; # Enable networking networking.networkmanager.enable = true; fileSystems."/mnt/share/Music" = { device = "//nas.local/Music"; fsType = "cifs"; options = let automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; in ["${automount_opts},credentials=/etc/nixos/smb-secrets,uid=1000,gid=100"]; }; # Set your time zone. time.timeZone = "America/Los_Angeles"; # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; i18n.extraLocaleSettings = { LC_ADDRESS = "en_US.UTF-8"; LC_IDENTIFICATION = "en_US.UTF-8"; LC_MEASUREMENT = "en_US.UTF-8"; LC_MONETARY = "en_US.UTF-8"; LC_NAME = "en_US.UTF-8"; LC_NUMERIC = "en_US.UTF-8"; LC_PAPER = "en_US.UTF-8"; LC_TELEPHONE = "en_US.UTF-8"; LC_TIME = "en_US.UTF-8"; }; # Enable the X11 windowing system. # You can disable this if you're only using the Wayland session. services.xserver = { enable = false; xkb = { layout = "us"; variant = ""; }; videoDrivers = [ "nvidia" ]; }; hardware.opengl = { # Renamed hardware.graphics enable = true; # Renamed package = pkgs.mesa.drivers; # Renamed # 32bit Support driSupport32Bit = true; # Renamed # package32 = pkgsi686Linux.mesa.drivers; }; # hardware.graphics = { # Only in unstable # enable = true; # package = pkgs.mesa.drivers; # enable32Bit = true; # }; hardware.nvidia = { # Modesetting is required. modesetting.enable = true; # Nvidia power management. Experimental, and can cause sleep/suspend to fail. # Enable this if you have graphical corruption issues or application crashes after waking # up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead # of just the bare essentials. powerManagement.enable = true; # Fine-grained power management. Turns off GPU when not in use. # Experimental and only works on modern Nvidia GPUs (Turing or newer). powerManagement.finegrained = false; # Use the NVidia open source kernel module (not to be confused with the # independent third-party "nouveau" open source driver). # Support is limited to the Turing and later architectures. Full list of # supported GPUs is at: # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus # Only available from driver 515.43.04+ # Currently alpha-quality/buggy, so false is currently the recommended setting. open = false; # Enable the Nvidia settings menu, # accessible via `nvidia-settings`. nvidiaSettings = true; # Optionally, you may need to select the appropriate driver version for your specific GPU. package = config.boot.kernelPackages.nvidiaPackages.stable; }; # xdg.portal = { # enable = false; # xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; # extraPortals = [ inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.xdg-desktop-portal-hyprland pkgs.kdePackages.xdg-desktop-portal-kde ]; # }; # Enable the KDE Plasma Desktop Environment. services.displayManager.sddm = { enable = true; autoNumlock = true; enableHidpi = true; settings = { X11 = { MinimumVT = 7; DisplayCommand="/etc/sddm/Xsetup"; }; }; wayland = { enable = true; }; }; # services.pentablet.enable = true; # environment.etc."ssdm.conf.d/10-wayland.conf".text = '' # [General] # DisplayServer=wayland # GreeterEnvironment=QT_WAYLAND_SHELL_INTEGRATION=layer-shell # [Wayland] # CompositorCommand=kwin_wayland --drm --no-lockscreen --no-global-shortcuts --locale1 # ''; # environment.etc."sddm/Xsetup".text = '' # #!/usr/bin/env bash # xrandr --output DP-5 --auto --primary # xrandr --output DP-4 --left-of DP-5 --noprimary # xrandr --output DP-2 --right-of DP-5 --rotate left --noprimary # ''; environment.sessionVariables.NIXOS_OZONE_WL = "1"; environment.sessionVariables.SDDM_INITIAL_VT = "VT 7"; services.desktopManager.plasma6.enable = true; programs.hyprland = { enable = true; xwayland.enable = true; # package = pkgs.hyprland; # package = hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland; # portalPackage = pkgs.xdg-desktop-portal-hyprland; # portalPackage = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.xdg-desktop-portal-hyprland; }; # programs.uwsm = { # enable = true; # You must configure waylandCompositors suboptions # waylandCompositors = { # hyprland = { # prettyName = "Hyprland"; # comment = "Hyprland compositor managed by UWSM"; # binPath = "/run/current-system/sw/bin/Hyprland"; # }; # }; # }; hardware.bluetooth.enable = true; # enables support for Bluetooth hardware.bluetooth.powerOnBoot = true; # powers up the default Bluetooth controller on boot security.polkit = { enable = true; extraConfig = '' polkit.addRule(function (action, subject) { if ( subject.isInGroup("users") && [ "org.freedesktop.login1.reboot", "org.freedesktop.login1.reboot-multiple-sessions", "org.freedesktop.login1.power-off", "org.freedesktop.login1.power-off-multiple-sessions", ].indexOf(action.id) !== -1 ) { return polkit.Result.YES; } }); polkit.addRule(function(action, subject) { var YES = polkit.Result.YES; var permission = { // required for udisks1: "org.freedesktop.udisks.filesystem-mount": YES, "org.freedesktop.udisks.luks-unlock": YES, "org.freedesktop.udisks.drive-eject": YES, "org.freedesktop.udisks.drive-detach": YES, // required for udisks2: "org.freedesktop.udisks2.filesystem-mount": YES, "org.freedesktop.udisks2.encrypted-unlock": YES, "org.freedesktop.udisks2.eject-media": YES, "org.freedesktop.udisks2.power-off-drive": YES, // required for udisks2 if using udiskie from another seat (e.g. systemd): "org.freedesktop.udisks2.filesystem-mount-other-seat": YES, "org.freedesktop.udisks2.filesystem-unmount-others": YES, "org.freedesktop.udisks2.encrypted-unlock-other-seat": YES, "org.freedesktop.udisks2.encrypted-unlock-system": YES, "org.freedesktop.udisks2.eject-media-other-seat": YES, "org.freedesktop.udisks2.power-off-drive-other-seat": YES }; if (subject.isInGroup("storage")) { return permission[action.id]; } }); ''; }; # security.pam.services = { # login.enableKwallet = false; # login.kwallet = { # enable = true; # package = pkgs.plasma5Packages.kwallet-pam; # }; # sddm = { # enableKwallet = true; # text = '' # # Enable pam_kwallet5 for sddm # auth optional pam_kwallet5.so # session optional pam_kwallet5.so auto_start # ''; # }; # }; # security.pam.services.wayne.kwallet.enable = true; # security.pam.services.wayne.kwallet.package = pkgs.plasma5Packages.kwallet-pam; # Redirect syslog to TTY12 systemd.services."systemd-journald-tty12" = { description = "Forward syslog to TTY12"; serviceConfig = { ExecStart = "/bin/sh -c 'journalctl -f > /dev/tty12'"; }; wantedBy = [ "multi-user.target" ]; }; # Enable sound with pipewire. hardware.pulseaudio.enable = false; security.rtkit.enable = true; # Enable touchpad support (enabled default in most desktopManager). # services.xserver.libinput.enable = true; # Enable Flakes nix.settings = { experimental-features = [ "nix-command" "flakes" ]; substituters = ["https://hyprland.cachix.org"]; trusted-public-keys = ["hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="]; max-jobs = 12; # Adjust this to your CPU core count or slightly below }; # Define a user account. Don't forget to set a password with ‘passwd’. users = { groups = { wayne.gid = 1000; vmail.gid = 2000; storage.gid = 2010; dialout = {}; plugdev = {}; uinput = {}; }; users = { wayne = { isNormalUser = true; description = "Wayne Hayes"; extraGroups = [ "networkmanager" "wheel" "docker" "wayne" "vmail" "uinput" "storage" ]; openssh.authorizedKeys.keys = []; packages = with pkgs; [ kdePackages.kate ]; shell = pkgs.zsh; }; }; }; security.sudo = { enable = true; extraConfig = '' %wheel ALL=(ALL) NOPASSWD: ${pkgs.input-remapper}/bin/input-remapper-service %wheel ALL=(ALL) NOPASSWD: ${pkgs.input-remapper}/bin/input-remapper-control ''; }; systemd.services.StartInputRemapperDaemonAtLogin = { enable = false; description = "Start input-remapper daemon after login"; unitConfig = { Type = "simple"; }; script = lib.getExe(pkgs.writeShellApplication { name = "start-input-mapper-daemon"; runtimeInputs = with pkgs; [input-remapper procps su]; text = '' until pgrep -u wayne; do sleep 1 done sleep 2 until [ $(pgrep -c -u root "input-remapper") -eq 4 ]; do input-remapper-service& sleep 1 input-remapper-helper& sleep 1 done su wayne -c "input-remapper-control --command stop-all" su wayne -c "input-remapper-control --command autoload" sleep infinity ''; }); wantedBy = [ "default.target" ]; }; # Possible weird bug # systemd.services.ReloadInputRemapperAfterSleep = { # enable = true; # description = "Reload input-remapper config after sleep"; # after = [ "suspend.target" ]; # unitConfig = { # Type = "forking"; # }; # serviceConfig.User = "wayne"; # script = lib.getExe(pkgs.writeShellApplication { # name = "reload-input-mapper-config"; # runtimeInputs = with pkgs; [input-remapper ps gawk]; # text = '' # until [[ $(ps aux | awk '$11~"input-remapper" && $12="" {print $0}' | wc -l) -eq 0 ]]; do # input-remapper-control --command stop-all # input-remapper-control --command autoload # sleep 1 # done # ''; # }); # wantedBy = [ "suspend.target" ]; # }; # Install firefox. programs.firefox.enable = true; programs.zsh.enable = true; # Allow unfree packages nixpkgs.config = { allowUnfree = true; cudaSupport = true; acceptedLicenses = [ "unfree" "unfreeRedistributable" ]; }; programs.nix-ld.enable = true; # programs.nix-ld.libraries = with pkgs; [ # libusb # kdePackages.qt5compat kdePackages.full # libsForQt5.full # libGL # gcc glib xorg.libXext # ]; nixpkgs.config.permittedInsecurePackages = [ "freeimage-unstable-2021-11-01" ]; virtualisation.docker = { enable = true; rootless = { enable = true; setSocketVariable = true; }; daemon.settings = { userland-proxy = false; ipv6 = false; }; }; services = { printing.enable = true; ollama = { enable = true; acceleration = "cuda"; models = "/var/lib/ollama/models"; environmentVariables = {}; }; input-remapper = { enable = true; enableUdevRules = true; package = pkgs.input-remapper; serviceWantedBy = [ "graphical.target" ]; }; # dbus.implementation = "dbus"; # The option `services.dbus.implementation' has conflicting definition values: - In `/nix/store/60sn02zhawl3kwn0r515zff3h6hg6ydz-source/nixos/modules/programs/wayland/uwsm.nix': "broker" udisks2.enable = true; logrotate.enable = true; openssh = { enable = true; ports = [ 22 ]; settings = { PasswordAuthentication = true; AllowUsers = [ "wayne" ]; # Allows all users by default. Can be [ "user1" "user2" ] UseDns = true; X11Forwarding = false; PermitRootLogin = "no"; # "yes", "without-password", "prohibit-password", "forced-commands-only", "no" }; }; # kmonad = { # enable = true; # keyboards = { # myKMonadOutput = { # device = "/dev/input/by-id/usb-Hanvon_Ugee_Shortcut_Remote_000000000000000-event-kbd"; # config = builtins.readFile /home/wayne/.config/kmonad/hanvon-ugee.kbd; # }; # }; # }; avahi = { enable = true; nssmdns4 = true; openFirewall = true; }; pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; # If you want to use JACK applications, uncomment this #jack.enable = true; # use the example session manager (no others are packaged yet so this is enabled by default, # no need to redefine it in your config for now) #media-session.enable = true; }; }; # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. wget git sshfs pciutils zsh cryptsetup home-manager wpa_supplicant lynx nix-index nix-prefetch-scripts nix-prefetch docker_27 docker-compose direnv nix-direnv # xdg-desktop-portal-hyprland clinfo glxinfo vulkan-tools wayland-utils wl-clipboard kdePackages.kdeplasma-addons kdePackages.qtstyleplugin-kvantum kdePackages.full kdePackages.qtwebengine kdePackages.qtpositioning kdePackages.qtlocation kdePackages.ark plasma5Packages.kwallet-pam kdePackages.dolphin kdePackages.kwallet kdePackages.kwalletmanager kdePackages.konsole evtest input-remapper dbus uwsm # keyd cudaPackages.cudatoolkit # cudaPackages.cuda-samples cifs-utils mesa libGL udiskie # steam-run ]; fonts.packages = with pkgs; [ nerdfonts garamond-libre liberation_ttf ubuntu_font_family libre-baskerville libre-bodoni ]; fonts.fontDir.enable = true; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; # programs.gnupg.agent = { # enable = true; # enableSSHSupport = true; # }; # List services that you want to enable: nix.settings.auto-optimise-store = true; nix.settings.access-tokens = "nas.local/git=PAT:glpat-bfbAJxv_4tmgySBZcPSZ"; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "24.05"; # Did you read the comment? }