wrapping up changes in surface
This commit is contained in:
parent
57e365db33
commit
d7706ac3fd
|
@ -7,7 +7,6 @@
|
||||||
firefox
|
firefox
|
||||||
kate
|
kate
|
||||||
qalculate-qt
|
qalculate-qt
|
||||||
keepassxc
|
|
||||||
libsForQt5.krdc
|
libsForQt5.krdc
|
||||||
libreoffice-qt
|
libreoffice-qt
|
||||||
isoimagewriter
|
isoimagewriter
|
||||||
|
@ -16,23 +15,11 @@
|
||||||
monero-gui
|
monero-gui
|
||||||
tor-browser-bundle-bin
|
tor-browser-bundle-bin
|
||||||
yubikey-manager-qt
|
yubikey-manager-qt
|
||||||
libsForQt5.kdeconnect-kde
|
|
||||||
|
|
||||||
docker-compose
|
docker-compose
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
# kde connect
|
|
||||||
networking.firewall = {
|
|
||||||
enable = true;
|
|
||||||
allowedTCPPortRanges = [
|
|
||||||
{ from = 1714; to = 1764; } # KDE Connect
|
|
||||||
];
|
|
||||||
allowedUDPPortRanges = [
|
|
||||||
{ from = 1714; to = 1764; } # KDE Connect
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
# install Steam
|
# install Steam
|
||||||
programs.steam = {
|
programs.steam = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -30,10 +30,9 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
# Enable opengl
|
# Enable opengl
|
||||||
hardware.opengl = {
|
hardware.graphics = {
|
||||||
enable = true;
|
enable = true;
|
||||||
driSupport = true;
|
enable32Bit = true;
|
||||||
driSupport32Bit = true;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
|
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
|
||||||
|
@ -60,7 +59,7 @@
|
||||||
|
|
||||||
# Enable the KDE Plasma Desktop Environment.
|
# Enable the KDE Plasma Desktop Environment.
|
||||||
services.displayManager.sddm.enable = true;
|
services.displayManager.sddm.enable = true;
|
||||||
services.xserver.desktopManager.plasma5.enable = true;
|
services.desktopManager.plasma6.enable = true;
|
||||||
|
|
||||||
# fonts
|
# fonts
|
||||||
fonts.packages = with pkgs; [
|
fonts.packages = with pkgs; [
|
||||||
|
|
|
@ -11,46 +11,10 @@
|
||||||
systemd.services.NetworkManager-wait-online.enable = false; #disable wait online since it is broken
|
systemd.services.NetworkManager-wait-online.enable = false; #disable wait online since it is broken
|
||||||
hardware.bluetooth.enable = true;
|
hardware.bluetooth.enable = true;
|
||||||
|
|
||||||
# Enable encrypted DNS
|
|
||||||
services.dnscrypt-proxy2 = {
|
|
||||||
enable = true;
|
|
||||||
settings = {
|
|
||||||
ipv6_servers = true;
|
|
||||||
require_dnssec = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
systemd.services.dnscrypt-proxy2.serviceConfig = {
|
|
||||||
StateDirectory = "dnscrypt-proxy";
|
|
||||||
};
|
|
||||||
|
|
||||||
# Enable mullvad vpn
|
# Enable mullvad vpn
|
||||||
services.mullvad-vpn.package = pkgs.mullvad-vpn;
|
services.mullvad-vpn.package = pkgs.mullvad-vpn;
|
||||||
services.mullvad-vpn.enable = true;
|
services.mullvad-vpn.enable = true;
|
||||||
|
|
||||||
# Enable tailscale
|
# Enable tailscale
|
||||||
services.tailscale.enable = true;
|
services.tailscale.enable = true;
|
||||||
|
|
||||||
# exclude tailscale IPs from mullvad routing
|
|
||||||
/* networking.nftables = {
|
|
||||||
enable = true;
|
|
||||||
ruleset = ''
|
|
||||||
define TAILNET_DNS = {
|
|
||||||
100.100.100.100,
|
|
||||||
9.9.9.9
|
|
||||||
}
|
|
||||||
define TAILNET_IPV4 = {
|
|
||||||
100.64.0.0/10
|
|
||||||
}
|
|
||||||
define TAILNET_IPV6 = {
|
|
||||||
fd7a:115c:a1e0::/48
|
|
||||||
}
|
|
||||||
table inet excludeTraffic {
|
|
||||||
chain excludeDns {
|
|
||||||
type filter hook output priority -10; policy accept;
|
|
||||||
ip daddr $TAILNET_DNS udp dport 53 ct mark set 0x00000f41 meta mark set 0x6d6f6c65;
|
|
||||||
ip daddr $TAILNET_DNS tcp dport 53 ct mark set 0x00000f41 meta mark set 0x6d6f6c65;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
'';
|
|
||||||
}; */
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,7 +8,7 @@
|
||||||
##### SB3 Hardware #####
|
##### SB3 Hardware #####
|
||||||
# surface kernel config
|
# surface kernel config
|
||||||
users.users.caleb.extraGroups = [ "surface-control" ];
|
users.users.caleb.extraGroups = [ "surface-control" ];
|
||||||
microsoft-surface.surface-control.enable = true;
|
#microsoft-surface.surface-control.enable = true;
|
||||||
hardware.cpu.intel.updateMicrocode = true;
|
hardware.cpu.intel.updateMicrocode = true;
|
||||||
|
|
||||||
# Nvidia driver setup
|
# Nvidia driver setup
|
||||||
|
@ -20,7 +20,6 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
finegrained = true;
|
finegrained = true;
|
||||||
};
|
};
|
||||||
nvidiaPersistenced = true;
|
|
||||||
prime = {
|
prime = {
|
||||||
offload = {
|
offload = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -31,12 +30,4 @@
|
||||||
nvidiaBusId = "PCI:2:0:0";
|
nvidiaBusId = "PCI:2:0:0";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
# preserve video memory after suspend https://wiki.archlinux.org/title/NVIDIA/Tips_and_tricks#Preserve_video_memory_after_suspend
|
|
||||||
boot.extraModprobeConfig = ''
|
|
||||||
options nvidia NVreg_PreserveVideoMemoryAllocations=1 NVreg_TemporaryFilePath=/var/tmp
|
|
||||||
'';
|
|
||||||
|
|
||||||
# change backlight agent
|
|
||||||
boot.kernelParams = [ "acpi_osi=!" "acpi_osi=\"Windows 2015\""];
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user