Compare commits
2 commits
f2445e610b
...
029a324787
Author | SHA1 | Date | |
---|---|---|---|
029a324787 | |||
cb19bffc0a |
4 changed files with 73 additions and 73 deletions
11
.gitignore
vendored
11
.gitignore
vendored
|
@ -1,11 +0,0 @@
|
||||||
# ---> Nix
|
|
||||||
# Ignore build outputs from performing a nix-build or `nix build` command
|
|
||||||
result
|
|
||||||
result-*
|
|
||||||
hardware-configuration.nix
|
|
||||||
|
|
||||||
# Ignore Emacs temp files
|
|
||||||
*~
|
|
||||||
|
|
||||||
flake.lock
|
|
||||||
|
|
|
@ -2,17 +2,23 @@
|
||||||
# your system. Help is available in the configuration.nix(5) man page
|
# your system. Help is available in the configuration.nix(5) man page
|
||||||
# and in the NixOS manual (accessible by running `nixos-help`).
|
# and in the NixOS manual (accessible by running `nixos-help`).
|
||||||
|
|
||||||
{ config, inputs, pkgs, lib, ... }:
|
{
|
||||||
|
config,
|
||||||
|
inputs,
|
||||||
|
pkgs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
|
||||||
{
|
{
|
||||||
imports =
|
imports = [
|
||||||
[ # Include the results of the hardware scan.
|
# Include the results of the hardware scan.
|
||||||
# NOTE: Required bevuta config is part of this file here, and not bevuta specific.
|
# NOTE: Required bevuta config is part of this file here, and not bevuta specific.
|
||||||
# ./bevuta-config/bevuta.nix
|
# ./bevuta-config/bevuta.nix
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
"${builtins.fetchTarball "https://github.com/nix-community/disko/archive/master.tar.gz"}/module.nix"
|
"${builtins.fetchTarball "https://github.com/nix-community/disko/archive/master.tar.gz"}/module.nix"
|
||||||
./disko-config.nix
|
./disko-config.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
# Use the systemd-boot EFI boot loader.
|
# Use the systemd-boot EFI boot loader.
|
||||||
|
|
||||||
|
@ -35,7 +41,7 @@
|
||||||
#networking.hostName = "ziltis-desktop"; # Define your hostname.
|
#networking.hostName = "ziltis-desktop"; # Define your hostname.
|
||||||
# Pick only one of the below networking options.
|
# Pick only one of the below networking options.
|
||||||
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||||||
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
|
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
|
||||||
|
|
||||||
# Set your time zone.
|
# Set your time zone.
|
||||||
time.timeZone = "Europe/Berlin";
|
time.timeZone = "Europe/Berlin";
|
||||||
|
@ -48,7 +54,7 @@
|
||||||
# i18n.defaultLocale = "en_US.UTF-8";
|
# i18n.defaultLocale = "en_US.UTF-8";
|
||||||
console = {
|
console = {
|
||||||
font = "Lat2-Terminus16";
|
font = "Lat2-Terminus16";
|
||||||
# keyMap = "de";
|
# keyMap = "de";
|
||||||
useXkbConfig = true; # use xkbOptions in tty.
|
useXkbConfig = true; # use xkbOptions in tty.
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -87,11 +93,10 @@
|
||||||
|
|
||||||
programs.hyprland = {
|
programs.hyprland = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
services.flatpak.enable = true;
|
services.flatpak.enable = true;
|
||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
|
|
||||||
# Enable CUPS to print documents.
|
# Enable CUPS to print documents.
|
||||||
# services.printing.enable = true;
|
# services.printing.enable = true;
|
||||||
|
@ -105,27 +110,27 @@
|
||||||
apparmor = {
|
apparmor = {
|
||||||
enable = true;
|
enable = true;
|
||||||
policies.dummy.profile = ''
|
policies.dummy.profile = ''
|
||||||
/dummy {
|
/dummy {
|
||||||
}
|
}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
# This blacklist is from bevuta
|
# This blacklist is from bevuta
|
||||||
pki.caCertificateBlacklist = [
|
pki.caCertificateBlacklist = [
|
||||||
"certSIGN ROOT CA"
|
"certSIGN ROOT CA"
|
||||||
"certSIGN Root CA G2"
|
"certSIGN Root CA G2"
|
||||||
"CFCA EV ROOT"
|
"CFCA EV ROOT"
|
||||||
"ePKI Root Certification Authority"
|
"ePKI Root Certification Authority"
|
||||||
"SecureSign RootCA11"
|
"SecureSign RootCA11"
|
||||||
"GDCA TrustAUTH R5 ROOT"
|
"GDCA TrustAUTH R5 ROOT"
|
||||||
"Hongkong Post Root CA 3"
|
"Hongkong Post Root CA 3"
|
||||||
"TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
|
"TUBITAK Kamu SM SSL Kok Sertifikasi - Surum 1"
|
||||||
"Hellenic Academic and Research Institutions ECC RootCA 2015"
|
"Hellenic Academic and Research Institutions ECC RootCA 2015"
|
||||||
"Hellenic Academic and Research Institutions RootCA 2015"
|
"Hellenic Academic and Research Institutions RootCA 2015"
|
||||||
"NAVER Global Root Certification Authority"
|
"NAVER Global Root Certification Authority"
|
||||||
"UCA Extended Validation Root"
|
"UCA Extended Validation Root"
|
||||||
"UCA Global G2 Root"
|
"UCA Global G2 Root"
|
||||||
"TWCA Global Root CA"
|
"TWCA Global Root CA"
|
||||||
"TWCA Root Certification Authority"
|
"TWCA Root Certification Authority"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -150,7 +155,12 @@
|
||||||
|
|
||||||
users.users.zilti = {
|
users.users.zilti = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
extraGroups = [ "wheel" "libvirtd" "kvm" "qemu" ];
|
extraGroups = [
|
||||||
|
"wheel"
|
||||||
|
"libvirtd"
|
||||||
|
"kvm"
|
||||||
|
"qemu"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
services.fprintd = {
|
services.fprintd = {
|
||||||
|
@ -182,22 +192,23 @@
|
||||||
libvirtd = {
|
libvirtd = {
|
||||||
enable = true;
|
enable = true;
|
||||||
qemu = {
|
qemu = {
|
||||||
package = pkgs.qemu_kvm;
|
package = pkgs.qemu_full;
|
||||||
runAsRoot = true;
|
runAsRoot = true;
|
||||||
swtpm.enable = true;
|
swtpm.enable = true;
|
||||||
vhostUserPackages = [ pkgs.virtiofsd ];
|
vhostUserPackages = [ pkgs.virtiofsd ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
# podman = {
|
|
||||||
# enable = true;
|
# podman = {
|
||||||
# dockerCompat = true;
|
# enable = true;
|
||||||
# defaultNetwork.settings.dns_enabled = true;
|
# dockerCompat = true;
|
||||||
# };
|
# defaultNetwork.settings.dns_enabled = true;
|
||||||
# containers.storage.settings = {
|
# };
|
||||||
# storage = {
|
# containers.storage.settings = {
|
||||||
# driver = "btrfs";
|
# storage = {
|
||||||
# };
|
# driver = "btrfs";
|
||||||
# };
|
# };
|
||||||
|
# };
|
||||||
};
|
};
|
||||||
|
|
||||||
# Some programs need SUID wrappers, can be configured further or are
|
# Some programs need SUID wrappers, can be configured further or are
|
||||||
|
@ -236,19 +247,25 @@
|
||||||
networking.firewall = {
|
networking.firewall = {
|
||||||
enable = true;
|
enable = true;
|
||||||
allowedTCPPortRanges = [
|
allowedTCPPortRanges = [
|
||||||
{ from = 1714; to = 1764; }
|
{
|
||||||
|
from = 1714;
|
||||||
|
to = 1764;
|
||||||
|
}
|
||||||
];
|
];
|
||||||
allowedUDPPortRanges = [
|
allowedUDPPortRanges = [
|
||||||
{ from = 1714; to = 1764; }
|
{
|
||||||
|
from = 1714;
|
||||||
|
to = 1764;
|
||||||
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
# networking.extraHosts = ''
|
# networking.extraHosts = ''
|
||||||
# 127.0.0.1 l.redsky.io
|
# 127.0.0.1 l.redsky.io
|
||||||
# ::1 l.redsky.io
|
# ::1 l.redsky.io
|
||||||
# '';
|
# '';
|
||||||
|
|
||||||
# security.pam.services.swaylock = {};
|
# security.pam.services.swaylock = {};
|
||||||
|
|
||||||
services.btrfs = {
|
services.btrfs = {
|
||||||
autoScrub = {
|
autoScrub = {
|
||||||
|
@ -287,4 +304,3 @@
|
||||||
# the idiocy of all the people who keep recommending it online.
|
# the idiocy of all the people who keep recommending it online.
|
||||||
nix.settings.experimental-features = "nix-command flakes";
|
nix.settings.experimental-features = "nix-command flakes";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -25,11 +25,6 @@
|
||||||
};
|
};
|
||||||
# flatpaks.url = "github:GermanBread/declarative-flatpak/stable-v3";
|
# flatpaks.url = "github:GermanBread/declarative-flatpak/stable-v3";
|
||||||
nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=v0.4.1";
|
nix-flatpak.url = "github:gmodena/nix-flatpak/?ref=v0.4.1";
|
||||||
hyprland.url = "git+https://github.com/hyprwm/Hyprland?submodules=1&ref=refs/tags/v0.43.0";
|
|
||||||
hyprsplit = {
|
|
||||||
url = "github:shezdy/hyprsplit";
|
|
||||||
inputs.hyprland.follows = "hyprland";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = inputs@{ nixpkgs, home-manager, nix-flatpak, ... }: {
|
outputs = inputs@{ nixpkgs, home-manager, nix-flatpak, ... }: {
|
||||||
|
|
|
@ -17,8 +17,8 @@ args@{ config, lib, inputs, pkgs, wayland, ... }:
|
||||||
wayland.windowManager.hyprland = {
|
wayland.windowManager.hyprland = {
|
||||||
enable = true;
|
enable = true;
|
||||||
systemd.enable = true;
|
systemd.enable = true;
|
||||||
plugins = [
|
plugins = with pkgs.hyprlandPlugins; [
|
||||||
inputs.hyprsplit.packages.${pkgs.stdenv.hostPlatform.system}.hyprsplit
|
hyprsplit
|
||||||
];
|
];
|
||||||
settings = {
|
settings = {
|
||||||
source =
|
source =
|
||||||
|
@ -175,7 +175,7 @@ args@{ config, lib, inputs, pkgs, wayland, ... }:
|
||||||
exec-once = [
|
exec-once = [
|
||||||
"[workspace special] ${pkgs.kitty}/bin/kitty"
|
"[workspace special] ${pkgs.kitty}/bin/kitty"
|
||||||
# "sleep 1; hyprctl dispatch layoutmsg orientationleft; hyprctl dispatch togglespecialworkspace"
|
# "sleep 1; hyprctl dispatch layoutmsg orientationleft; hyprctl dispatch togglespecialworkspace"
|
||||||
"blueman-applet &"
|
"sleep 5 && blueman-applet &"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in a new issue