136 lines
3 KiB
Nix
136 lines
3 KiB
Nix
{
|
|
config,
|
|
pkgs,
|
|
inputs,
|
|
lib,
|
|
...
|
|
}:
|
|
let
|
|
unfuckWifi = pkgs.writeShellScript "unfuckWifi" ''
|
|
modprobe -r mt7921e
|
|
modprobe mt7921e
|
|
'';
|
|
in
|
|
{
|
|
# containers.podmantest = {
|
|
# privateNetwork = true;
|
|
# enableTun = true;
|
|
# additionalCapabilities = [
|
|
# "CAP_NET_ADMIN"
|
|
# "CAP_MKNOD"
|
|
# "CAP_BPF"
|
|
# "CAP_DAC_READ_SEARCH"
|
|
# "CAP_SYS_RESOURCE"
|
|
# "CAP_SYS_ADMIN"
|
|
# ];
|
|
# hostAddress = "192.168.100.10";
|
|
# localAddress = "192.168.100.11";
|
|
# config =
|
|
# { ... }:
|
|
# {
|
|
# virtualisation.oci-containers.containers.test = {
|
|
# image = "docker.io/library/nginx";
|
|
# ports = [
|
|
# "80:80"
|
|
# "443:443"
|
|
# ];
|
|
# };
|
|
# };
|
|
# };
|
|
# networking.nat.enable = true;
|
|
# networking.nat.internalInterfaces = [ "ve-+" ];
|
|
# networking.nat.externalInterface = "enp195s0f4u1u3";
|
|
|
|
nixpkgs.system = "x86_64-linux";
|
|
imports = [ ./hardware-configuration.nix ];
|
|
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
|
|
|
# TODO: remove when turning on impermanence
|
|
sops.gnupg.sshKeyPaths = [ "/etc/ssh/ssh_host_rsa_key" ];
|
|
|
|
home-manager.users.${config.xyno.system.user.name} = (
|
|
{ ... }:
|
|
{
|
|
xyno.borgmatic.enable = true;
|
|
}
|
|
);
|
|
nixpkgs.config.permittedInsecurePackages = [
|
|
"olm-3.2.16"
|
|
];
|
|
networking.firewall.interfaces."tailscale0".allowedTCPPorts = [ 35963 ];
|
|
security.wrappers.unfuck-wifi = {
|
|
owner = "root";
|
|
group = "root";
|
|
setuid = true;
|
|
source = unfuckWifi;
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
aerc
|
|
oama # required for aerc
|
|
libsecret # required for oama
|
|
easyeffects
|
|
jabref
|
|
glib # rider wants gsettings
|
|
krita
|
|
strawberry
|
|
pandoc
|
|
tectonic
|
|
rquickshare
|
|
unstable.supersonic-wayland
|
|
nheko
|
|
anki-bin
|
|
gimp3
|
|
anytype
|
|
monero-gui
|
|
pencil2d
|
|
python311Packages.brother-ql
|
|
ptouch-print
|
|
hledger
|
|
|
|
];
|
|
environment.variables."LEDGER_FILE" = "~/docs/hledger/main.journal";
|
|
|
|
time.timeZone = "Europe/Berlin";
|
|
|
|
# orcaslicer
|
|
networking.firewall.allowedTCPPorts = [
|
|
1880
|
|
2021
|
|
4711
|
|
];
|
|
networking.firewall.allowedUDPPorts = [
|
|
1880
|
|
5353
|
|
2021
|
|
];
|
|
|
|
services.tailscale.enable = true;
|
|
services.tailscale.useRoutingFeatures = "client";
|
|
xyno.common.enable = true;
|
|
xyno.desktop.common-programs.enable = true;
|
|
xyno.hardware.kmonad.enable = true;
|
|
xyno.hardware.smartcard.enable = true;
|
|
xyno.presets.cli.enable = true;
|
|
xyno.presets.gui.enable = true;
|
|
xyno.presets.development.enable = true;
|
|
xyno.presets.home-manager.enable = true;
|
|
xyno.system.user.enable = true;
|
|
services.openssh.enable = true;
|
|
xyno.user-services.syncthing = {
|
|
enable = true;
|
|
tray = true;
|
|
};
|
|
xyno.networking.networkd = {
|
|
enable = true;
|
|
enableWifi = true;
|
|
};
|
|
# xyno.desktop.easyeffects.enable = true;
|
|
# xyno.desktop.fcitx5.enable = true;
|
|
hardware.bluetooth.enable = true;
|
|
services.blueman.enable = true;
|
|
services.power-profiles-daemon.enable = true;
|
|
programs.kdeconnect.enable = true;
|
|
|
|
system.stateVersion = "24.11";
|
|
}
|