system/nixos/hosts/home/default.nix

113 lines
2.4 KiB
Nix
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{ config, pkgs, ... }:
{
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
../../shared/common.nix
../../shared/sound.nix
../../shared/window-manager.nix
../../shared/fonts.nix
../../shared/gnupg.nix
../../shared/garbage-collector.nix
../../shared/networking.secret.nix
../../shared/ipfs.nix
];
# Configure kernel
boot = {
# I cannot use rtl88x2bu driver in stable
kernelPackages = pkgs.unstable.linuxPackages_6_1;
extraModulePackages = with config.boot.kernelPackages; [
rtl88x2bu
];
};
# Use the GRUB 2 boot loader.
boot.loader.grub = {
enable = true;
device = "/dev/sdb";
};
networking = {
hostName = "home"; # Define your hostname.
useDHCP = false;
interfaces = {
enp3s0.useDHCP = true;
wlp11s0f3u2.useDHCP = true;
};
networkmanager.enable = true;
firewall.allowedTCPPortRanges = [
{ from = 1300; to = 1400; }
];
};
local.nix.allowUnfreePackages = [ "cnijfilter2" ];
services.openssh.enable = true;
services = {
avahi = {
enable = true;
nssmdns = true;
};
printing = {
enable = true;
drivers = with pkgs; [ gutenprint cnijfilter2 ];
};
};
services.xserver = {
# All monitors in the right order
# Source: https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/x11/xserver.nix#L83
xrandrHeads = [
{
output = "HDMI-1";
monitorConfig = ''
Option "PreferredMode" "1920x1080"
Option "Rotate" "right"
'';
}
{
output = "DP-1";
primary = true;
monitorConfig = ''
Option "PreferredMode" "2560x1440"
'';
}
];
};
services.logind.extraConfig = ''
# dont shutdown when power button is short-pressed
HandlePowerKey=ignore
'';
# Enable the Docker
virtualisation.docker.enable = true;
# Additional nix configs
local.nix.enableMyRegistry = true;
# Wireguard client
age.secrets.wireguard-home-private = {
file = ../../../secrets/wireguard-home-private.age;
mode = "0400";
};
local.wireguard = {
enable = true;
ip = "10.20.30.3/24";
privateKeyFile = config.age.secrets.wireguard-home-private.path;
};
# Invisible internet project
services.i2pd = {
enable = true;
proto.httpProxy.enable = true;
proto.http.enable = true;
};
services.transmission.enable = true;
}