My system configuration via Nix flakes
# Edit this configuration file to define what should be installed on
# your system.  Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).

{ pkgs, ... }:

{
  imports = [
    # Include the results of the hardware scan.
    ./hardware-configuration.nix
  ];

  # NVIDIA GPU: select the "nvidia" X driver and use the proprietary kernel
  # module (`open = false`) rather than NVIDIA's open-source kernel module.
  services.xserver.videoDrivers = [ "nvidia" ];
  hardware.nvidia.open = false;
  hardware.graphics.enable = true;

  # Try to pass through Wii remotes
  # services.udev.packages = [ pkgs.dolphinEmu ];

  # Set the size limit of the per-user runtime tmpfs to 4G so it does not run
  # out of space, thanks to:
  # https://discourse.nixos.org/t/run-usr-id-is-too-small/4842
  services.logind.settings.Login = {
    RuntimeDirectorySize = "4G";
  };

  # Use sudo-rs for privilege escalation
  security.sudo-rs = {
    enable = true;
  };

  # Lorri for development shells
  services.lorri = {
    enable = true;
  };

  # Limit the disk space used by the journal to 50M.
  # Thanks to https://bbs.archlinux.org/viewtopic.php?id=186096
  # NOTE(review): 50M retains little history; older entries are rotated out,
  # which limits how far back logs reach when investigating an incident.
  services.journald.extraConfig = "SystemMaxUse = 50M";

  # Binary caches (substituters) and the public keys used to verify them.
  # Every entry in `trusted-public-keys` is a trust anchor: a store path signed
  # by any one of these keys is accepted without being built locally, so the
  # list should contain only caches whose operators you trust.
  nix.settings.substituters = [
    "https://cache.lix.systems"
    "https://cache.nixos.org"
    "https://nix-community.cachix.org"
  ];
  nix.settings.trusted-public-keys = [
    "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
    "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
    "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
  ];

  # Use nftables instead of `iptables` for the firewall
  networking.nftables = {
    enable = true;
  };

  # Minecraft server: TCP 25565 is accepted on every interface.
  # NOTE(review): if the server is only meant for the local network, the
  # per-interface form `networking.firewall.interfaces.<name>.allowedTCPPorts`
  # narrows the exposure.
  networking.firewall = {
    allowedTCPPorts = [ 25565 ];
  };

  # Bluetooth: enable support and power the controller on at boot
  hardware.bluetooth.enable = true;
  hardware.bluetooth.powerOnBoot = true;

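  # rr requires kernel.perf_event_paranoid <= 1 for normal (fast) recording.
  # 1 is the least permissive value that satisfies that. The previous value of
  # -1 additionally let every local user open system-wide (per-CPU) events and
  # raw tracepoints, which exposes kernel and other users' activity.
  boot.kernel.sysctl."kernel.perf_event_paranoid" = 1;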

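  # OSX-KVM (https://nixos.wiki/wiki/OSX-KVM)
  # This host loads kvm-amd, so module options must target kvm_amd. Options
  # written for kvm_intel are only applied when that module is loaded, so the
  # former `kvm_intel nested=1` line had no effect here. The Intel-only
  # `emulate_invalid_guest_state` option is dropped for the same reason.
  boot.kernelModules = [ "kvm-amd" ];
  # ignore_msrs=1 makes KVM ignore guest accesses to MSRs it does not
  # implement instead of faulting the guest. It is a host-wide setting and
  # therefore applies to every VM, not only the macOS guest.
  boot.extraModprobeConfig = ''
    options kvm_amd nested=1
    options kvm ignore_msrs=1
  '';
  # Installs a setuid helper that lets unprivileged users pass host USB devices
  # to VMs; in effect any local user can access any attached USB device.
  virtualisation.spiceUSBRedirection.enable = true;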

  # libvirt with QEMU/KVM and a software TPM (https://nixos.wiki/wiki/Libvirt)
  virtualisation.libvirtd.enable = true;
  virtualisation.libvirtd.qemu.package = pkgs.qemu_kvm;
  # NOTE(review): QEMU processes run as root, so a guest-to-host escape in
  # QEMU would land as root on the host; confirm this is still required.
  virtualisation.libvirtd.qemu.runAsRoot = true;
  virtualisation.libvirtd.qemu.swtpm.enable = true;

  # Periodic TRIM for the SSD (weekly)
  services.fstrim = {
    enable = true;
  };

  # Deduplicate identical files in the Nix store via hard links
  nix.settings.auto-optimise-store = true;

  # Keep Wi-Fi power saving mode off
  networking.networkmanager.wifi = {
    powersave = false;
  };

  # Kernel: linux-zen
  boot.kernelPackages = pkgs.linuxPackages_zen;

  # Tell the kernel to trust the CPU's hardware RNG (RDRAND) when initialising
  # its own random number generator, i.e. early-boot randomness then relies on
  # the CPU's RNG being sound.
  # Thanks to https://bbs.archlinux.org/viewtopic.php?id=249106
  boot.kernelParams = [
    "random.trust_cpu=on"
  ];

  # Bootloader: systemd-boot, with the EFI system partition at /boot/efi
  boot.loader = {
    systemd-boot.enable = true;
    efi = {
      canTouchEfiVariables = true;
      efiSysMountPoint = "/boot/efi";
    };
  };

  # Hostname of this machine
  networking.hostName = "nixos";

  # NetworkManager handles networking; boot does not wait for a connection
  networking.networkmanager.enable = true;
  systemd.services.NetworkManager-wait-online.enable = false;

  # Mount the root filesystem with the `noatime` option
  fileSystems."/" = {
    options = [ "noatime" ];
  };

  # Internationalisation: default locale
  i18n.defaultLocale = "en_AU.UTF-8";

  # COSMIC Desktop Environment with its greeter as the display manager
  services.desktopManager.cosmic.enable = true;
  services.displayManager.cosmic-greeter.enable = true;

  # System76 scheduler
  services.system76-scheduler = {
    enable = true;
  };

  # Credentials (GPG/SSH): gpg-agent with the GNOME 3 pinentry, plus GNOME
  # Keyring
  programs.gnupg.agent.enable = true;
  programs.gnupg.agent.pinentryPackage = pkgs.pinentry-gnome3;
  services.gnome.gnome-keyring.enable = true;

  # Fonts: the default packages plus Intel One Mono and Cantarell, with
  # Intel One Mono as the default monospace and sans-serif family
  fonts.enableDefaultPackages = true;
  fonts.fontDir.enable = true;
  fonts.packages = [
    pkgs.intel-one-mono
    pkgs.cantarell-fonts # GNOME default font
  ];
  fonts.fontconfig = {
    enable = true;
    useEmbeddedBitmaps = true;
    defaultFonts.monospace = [ "Intel One Mono" ];
    defaultFonts.sansSerif = [ "Intel One Mono" ];
  };
  # X11 keymap: Australian layout, default variant
  services.xserver.xkb.layout = "au";
  services.xserver.xkb.variant = "";

  # Printing via CUPS
  services.printing.enable = true;

  # PipeWire audio with ALSA (including 32-bit) and PulseAudio support.
  # rtkit is optional but recommended.
  security.rtkit.enable = true;
  services.pipewire.enable = true;
  services.pipewire.alsa.enable = true;
  services.pipewire.alsa.support32Bit = true;
  services.pipewire.pulse.enable = true;

  # nushell is the default shell for user accounts
  users.defaultUserShell = pkgs.nushell;

  # Primary user account. Don't forget to set a password with ‘passwd’.
  # NOTE(review): besides "wheel", membership of "docker" and "libvirtd" is
  # effectively root-equivalent on a host where those daemons run, because
  # members can ask a root-owned daemon to start containers or VMs. Keep only
  # the groups this account actually needs.
  users.users.finchie = {
    description = "Finchie";
    isNormalUser = true;
    shell = pkgs.nushell;
    extraGroups = [ "networkmanager" "wheel" "docker" "libvirtd" "kvm" ];
  };

  # nixpkgs: allow unfree packages, accept the NVIDIA licence, and override
  # the Steam package so that libgdiplus is included as an extra package
  nixpkgs.config = {
    allowUnfree = true;
    nvidia.acceptLicense = true;
    packageOverrides = prev: {
      steam = prev.steam.override {
        extraPkgs = steamPkgs: [ steamPkgs.libgdiplus ];
      };
    };
  };
  programs.steam.enable = true;

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It‘s perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "22.05"; # Did you read the comment?

  # Enable the experimental Nix features this configuration relies on
  # nix.package = pkgs.nixVersions.latest;
  nix.extraOptions = ''
    experimental-features = nix-command flakes auto-allocate-uids
  '';
}