# This is your system's configuration file. # Use this to configure your system environment (it replaces /etc/nixos/configuration.nix) { inputs, outputs, lib, config, pkgs, ... }: { imports = [ # Import shared packages ../shared ]; nixpkgs = { # You can add overlays here overlays = [ # Add overlays your own flake exports (from overlays and pkgs dir): outputs.overlays.additions outputs.overlays.modifications #outputs.overlays.unstable-packages # You can also add overlays exported from other flakes: # neovim-nightly-overlay.overlays.default # Or define it inline, for example: # (final: prev: { # hi = final.hello.overrideAttrs (oldAttrs: { # patches = [ ./change-hello-to-hi.patch ]; # }); # }) ]; # Configure your nixpkgs instance config = { # Disable if you don't want unfree packages allowUnfree = true; }; }; nix = { gc = { automatic = true; dates = "weekly"; options = "--delete-older-than 7d"; }; # This will add each flake input as a registry # To make nix3 commands consistent with your flake registry = lib.mapAttrs (_: value: {flake = value;}) inputs; # This will additionally add your inputs to the system's legacy channels # Making legacy nix commands consistent as well, awesome! nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry; settings = { # Enable flakes and new 'nix' command experimental-features = "nix-command flakes"; # Deduplicate and optimize nix store auto-optimise-store = true; }; }; environment.systemPackages = with pkgs; [ # Custom tools dvd dvt servo # System tools direnv git-filter-repo gnupg pciutils podman podman-compose sbctl waydroid xwaylandvideobridge yubikey-personalization zsh # KDE/QT krunner-translator libsForQt5.discover libsForQt5.kcalc libsForQt5.kdepim-addons libsForQt5.kirigami2 libsForQt5.kdeconnect-kde libsForQt5.krunner-ssh libsForQt5.krunner-symbols libsForQt5.packagekit-qt libportal-qt5 # User tools noisetorch qjackctl wireplumber ]; programs.direnv = { enable = true; }; # Enable networking networking.networkmanager.enable = true; programs.steam = { enable = true; remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server }; hardware.opengl.driSupport32Bit = true; # Enables support for 32bit libs that steam uses # Set your time zone. time.timeZone = "Europe/Amsterdam"; # Enable the X11 windowing system. services.xserver.enable = true; # Enable the KDE Plasma Desktop Environment. services.xserver.displayManager.sddm.enable = true; services.xserver.desktopManager.plasma5.enable = true; services.xserver.displayManager.defaultSession = "plasmawayland"; programs.kdeconnect.enable = true; # Enable flatpak support services.flatpak.enable = true; services.packagekit.enable = true; # Configure keymap in X11 services.xserver.xkb = { layout = "us"; variant = ""; options = "terminate:ctrl_alt_bksp,compose:caps_toggle"; }; # Enable CUPS to print documents. services.printing.enable = true; # Enable bluetooth hardware hardware.bluetooth.enable = true; # Enable fwupd daemon and user space client services.fwupd.enable = true; # Enable sound with pipewire. sound.enable = true; hardware.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; jack.enable = true; wireplumber.enable = true; }; programs.noisetorch = { enable = true; }; programs.zsh = { enable = true; }; virtualisation.podman = { enable = true; dockerCompat = true; }; sops.defaultSopsFile = ./secrets/sops.yaml; sops.age.keyFile = ../../../../../../var/secrets/keys.txt; sops.secrets."lillian-password".neededForUsers = true; users.users.lillian = { isNormalUser = true; extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf" "docker"]; shell = pkgs.zsh; hashedPasswordFile = config.sops.secrets."lillian-password".path; }; users.mutableUsers = false; users.users.root = { hashedPassword = "*"; }; boot.bootspec.enable = true; boot.kernelPackages = pkgs.linuxPackages_latest; boot.supportedFilesystems = ["bcachefs"]; boot.extraModulePackages = with config.boot.kernelPackages; [v4l2loopback.out]; boot.kernelModules = [ # Virtual Camera "v4l2loopback" # Virtual Microphone, built-in "snd-aloop" ]; # Set initial kernel module settings boot.extraModprobeConfig = '' # exclusive_caps: Skype, Zoom, Teams etc. will only show device when actually streaming # card_label: Name of virtual camera, how it'll show up in Skype, Zoom, Teams # https://github.com/umlaeute/v4l2loopback options v4l2loopback exclusive_caps=1 card_label="Virtual Camera" ''; boot.loader.systemd-boot.configurationLimit = 3; boot.loader.efi.canTouchEfiVariables = true; # Enable completion of system packages by zsh environment.pathsToLink = ["/share/zsh"]; }