Compare commits
10 Commits
01c90737fc
...
677ec570db
Author | SHA1 | Date | |
---|---|---|---|
677ec570db | |||
6eca6b0950 | |||
15283725f0 | |||
9dbe364430 | |||
582d94604e | |||
26f0996516 | |||
a9b3387db6 | |||
6dbeecbd49 | |||
4422eef64a | |||
8baffe0eae |
|
@ -3,7 +3,7 @@
|
|||
users.users.caleb = {
|
||||
packages = with pkgs;
|
||||
[
|
||||
## apps
|
||||
# apps
|
||||
firefox
|
||||
kate
|
||||
qalculate-qt
|
||||
|
@ -16,18 +16,20 @@
|
|||
monero-gui
|
||||
tor-browser-bundle-bin
|
||||
yubikey-manager-qt
|
||||
gparted
|
||||
hashcat
|
||||
|
||||
##flatpak
|
||||
flatpak
|
||||
gnome.gnome-software
|
||||
libsForQt5.kdeconnect-kde
|
||||
];
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
openjdk8
|
||||
];
|
||||
# kde connect
|
||||
networking.firewall = {
|
||||
enable = true;
|
||||
allowedTCPPortRanges = [
|
||||
{ from = 1714; to = 1764; } # KDE Connect
|
||||
];
|
||||
allowedUDPPortRanges = [
|
||||
{ from = 1714; to = 1764; } # KDE Connect
|
||||
];
|
||||
};
|
||||
|
||||
# install Steam
|
||||
programs.steam = {
|
||||
|
@ -37,8 +39,4 @@
|
|||
};
|
||||
|
||||
# yubikey
|
||||
services.pcscd.enable = true;
|
||||
|
||||
# flatpak for bluebubbles client
|
||||
services.flatpak.enable = true;
|
||||
}
|
||||
services.pcscd.enable = true;
|
|
@ -8,10 +8,7 @@
|
|||
./networking-configuration.nix
|
||||
./application-configuration.nix
|
||||
./software-development-configuration.nix
|
||||
./school-configuration.nix
|
||||
./virtualisation-configuration.nix
|
||||
./faf-linux.nix
|
||||
./winapps.nix
|
||||
];
|
||||
|
||||
# Set time zone.
|
||||
|
@ -39,7 +36,6 @@
|
|||
driSupport32Bit = true;
|
||||
};
|
||||
|
||||
# Allow unfree and insecure packages
|
||||
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
|
||||
"vista-fonts"
|
||||
"corefonts"
|
||||
|
@ -47,8 +43,6 @@
|
|||
"steam"
|
||||
"steam-original"
|
||||
"steam-run"
|
||||
"vscode-extension-ms-vscode-cpptools"
|
||||
"vscode-extension-ms-vscode-remote-remote-ssh"
|
||||
|
||||
"nvidia-x11"
|
||||
"nvidia-settings"
|
||||
|
@ -56,7 +50,8 @@
|
|||
|
||||
"vscode"
|
||||
"code"
|
||||
"Oracle_VM_VirtualBox_Extension_Pack"
|
||||
"vscode-extension-ms-vscode-cpptools"
|
||||
"vscode-extension-ms-vscode-remote-remote-ssh"
|
||||
];
|
||||
|
||||
# Enable the X11 windowing system.
|
||||
|
@ -64,14 +59,14 @@
|
|||
services.xserver.videoDrivers = [ "nvidia" ];
|
||||
|
||||
# Enable the KDE Plasma Desktop Environment.
|
||||
services.xserver.displayManager.sddm.enable = true;
|
||||
services.displayManager.sddm.enable = true;
|
||||
services.xserver.desktopManager.plasma5.enable = true;
|
||||
|
||||
# fonts
|
||||
fonts.packages = with pkgs; [
|
||||
vistafonts
|
||||
corefonts
|
||||
nerdfonts # nvcahd dependency
|
||||
nerdfonts # nvchad dependency
|
||||
];
|
||||
|
||||
# Enable sound with pipewire.
|
||||
|
@ -85,7 +80,7 @@
|
|||
pulse.enable = true;
|
||||
};
|
||||
|
||||
# Define a user account. Don't forget to set a password with ‘passwd’.
|
||||
# Define a user account.
|
||||
users.users.caleb = {
|
||||
isNormalUser = true;
|
||||
description = "caleb";
|
||||
|
@ -137,14 +132,14 @@
|
|||
|
||||
# remote build
|
||||
nix.buildMachines = [
|
||||
/* {
|
||||
{
|
||||
hostName = "talos";
|
||||
system = "x86_64-linux";
|
||||
protocol = "ssh-ng";
|
||||
speedFactor = 4;
|
||||
speedFactor = 2;
|
||||
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
||||
mandatoryFeatures = [ ];
|
||||
} */
|
||||
}
|
||||
{
|
||||
hostName = "january";
|
||||
system = "x86_64-linux";
|
||||
|
@ -153,14 +148,6 @@
|
|||
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
||||
mandatoryFeatures = [ ];
|
||||
}
|
||||
/* {
|
||||
hostName = "pubnix";
|
||||
system = "x86_64-linux";
|
||||
protocol = "ssh-ng";
|
||||
speedFactor = 2;
|
||||
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
||||
mandatoryFeatures = [ ];
|
||||
} */
|
||||
];
|
||||
nix.distributedBuilds = true;
|
||||
# optional, useful when the builder has a faster internet connection than yours
|
||||
|
|
|
@ -11,10 +11,46 @@
|
|||
systemd.services.NetworkManager-wait-online.enable = false; #disable wait online since it is broken
|
||||
hardware.bluetooth.enable = true;
|
||||
|
||||
# Enable encrypted DNS
|
||||
services.dnscrypt-proxy2 = {
|
||||
enable = true;
|
||||
settings = {
|
||||
ipv6_servers = true;
|
||||
require_dnssec = true;
|
||||
};
|
||||
};
|
||||
systemd.services.dnscrypt-proxy2.serviceConfig = {
|
||||
StateDirectory = "dnscrypt-proxy";
|
||||
};
|
||||
|
||||
# Enable mullvad vpn
|
||||
services.mullvad-vpn.package = pkgs.mullvad-vpn;
|
||||
services.mullvad-vpn.enable = true;
|
||||
|
||||
# Enable tailscale
|
||||
services.tailscale.enable = true;
|
||||
}
|
||||
|
||||
# exclude tailscale IPs from mullvad routing
|
||||
networking.nftables = {
|
||||
enable = true;
|
||||
ruleset = ''
|
||||
define TAILNET_DNS = {
|
||||
100.100.100.100,
|
||||
9.9.9.9
|
||||
}
|
||||
define TAILNET_IPV4 = {
|
||||
100.64.0.0/10
|
||||
}
|
||||
define TAILNET_IPV6 = {
|
||||
fd7a:115c:a1e0::/48
|
||||
}
|
||||
table inet excludeTraffic {
|
||||
chain excludeDns {
|
||||
type filter hook output priority -10; policy accept;
|
||||
ip daddr $TAILNET_DNS udp dport 53 ct mark set 0x00000f41 meta mark set 0x6d6f6c65;
|
||||
ip daddr $TAILNET_DNS tcp dport 53 ct mark set 0x00000f41 meta mark set 0x6d6f6c65;
|
||||
}
|
||||
}
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,30 +0,0 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
nmap
|
||||
wireshark
|
||||
libstdcxx5
|
||||
];
|
||||
|
||||
users.users.caleb.packages = with pkgs; [
|
||||
uhd
|
||||
];
|
||||
|
||||
services.udev.extraRules = ''
|
||||
#USRP1
|
||||
SUBSYSTEMS=="usb", ATTRS{idVendor}=="fffe", ATTRS{idProduct}=="0002", MODE:="0666"
|
||||
|
||||
#B100
|
||||
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2500", ATTRS{idProduct}=="0002", MODE:="0666"
|
||||
|
||||
#B200
|
||||
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2500", ATTRS{idProduct}=="0020", MODE:="0666"
|
||||
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2500", ATTRS{idProduct}=="0021", MODE:="0666"
|
||||
SUBSYSTEMS=="usb", ATTRS{idVendor}=="2500", ATTRS{idProduct}=="0022", MODE:="0666"
|
||||
SUBSYSTEMS=="usb", ATTRS{idVendor}=="3923", ATTRS{idProduct}=="7813", MODE:="0666"
|
||||
SUBSYSTEMS=="usb", ATTRS{idVendor}=="3923", ATTRS{idProduct}=="7814", MODE:="0666"
|
||||
'';
|
||||
|
||||
#virtualisation.virtualbox.host.enable = true;
|
||||
#users.extraGroups.vboxusers.members = [ "caleb" ];
|
||||
}
|
|
@ -1,15 +1,4 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
|
||||
# nvidia-offload script
|
||||
let
|
||||
nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" ''
|
||||
export __NV_PRIME_RENDER_OFFLOAD=1
|
||||
export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0
|
||||
export __GLX_VENDOR_LIBRARY_NAME=nvidia
|
||||
export __VK_LAYER_NV_optimus=NVIDIA_only
|
||||
exec "$@"
|
||||
'';
|
||||
in
|
||||
{
|
||||
imports =
|
||||
[
|
||||
|
@ -25,7 +14,7 @@ in
|
|||
# Nvidia driver setup
|
||||
hardware.nvidia = {
|
||||
modesetting.enable = true;
|
||||
package = config.boot.kernelPackages.nvidiaPackages.latest;
|
||||
package = config.boot.kernelPackages.nvidiaPackages.stable;
|
||||
nvidiaSettings = true;
|
||||
powerManagement = {
|
||||
enable = true;
|
||||
|
|
|
@ -1,43 +0,0 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
podman-compose
|
||||
docker-compose
|
||||
|
||||
];
|
||||
|
||||
virtualisation = {
|
||||
podman = {
|
||||
enable = true;
|
||||
defaultNetwork.settings.dns_enabled = true;
|
||||
};
|
||||
|
||||
docker = {
|
||||
enable = true;
|
||||
rootless = {
|
||||
enable = true;
|
||||
setSocketVariable = true;
|
||||
};
|
||||
};
|
||||
|
||||
# enable libvirt
|
||||
libvirtd = {
|
||||
enable = true;
|
||||
qemu = {
|
||||
package = pkgs.qemu_kvm;
|
||||
runAsRoot = true;
|
||||
swtpm.enable = true;
|
||||
ovmf = {
|
||||
enable = true;
|
||||
packages = [(pkgs.OVMF.override {
|
||||
secureBoot = true;
|
||||
tpmSupport = true;
|
||||
}).fd];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
users.users.caleb = {
|
||||
extraGroups = [ "libvirtd" "docker" ];
|
||||
};
|
||||
}
|
|
@ -1,7 +0,0 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
freerdp
|
||||
bc
|
||||
];
|
||||
}
|
Loading…
Reference in New Issue
Block a user