113 lines
2.4 KiB
Nix
113 lines
2.4 KiB
Nix
{ config, pkgs, ... }:
|
||
|
||
{
|
||
imports = [
|
||
# Include the results of the hardware scan.
|
||
./hardware-configuration.nix
|
||
../../shared/common.nix
|
||
../../shared/sound.nix
|
||
../../shared/window-manager.nix
|
||
../../shared/fonts.nix
|
||
../../shared/gnupg.nix
|
||
../../shared/garbage-collector.nix
|
||
../../shared/networking.secret.nix
|
||
../../shared/ipfs.nix
|
||
];
|
||
|
||
# Configure kernel
|
||
boot = {
|
||
# I cannot use rtl88x2bu driver in stable
|
||
kernelPackages = pkgs.unstable.linuxPackages_6_1;
|
||
extraModulePackages = with config.boot.kernelPackages; [
|
||
rtl88x2bu
|
||
];
|
||
};
|
||
|
||
# Use the GRUB 2 boot loader.
|
||
boot.loader.grub = {
|
||
enable = true;
|
||
device = "/dev/sdb";
|
||
};
|
||
|
||
networking = {
|
||
hostName = "home"; # Define your hostname.
|
||
|
||
useDHCP = false;
|
||
interfaces = {
|
||
enp3s0.useDHCP = true;
|
||
wlp11s0f3u2.useDHCP = true;
|
||
};
|
||
|
||
networkmanager.enable = true;
|
||
firewall.allowedTCPPortRanges = [
|
||
{ from = 1300; to = 1400; }
|
||
];
|
||
};
|
||
|
||
local.nix.allowUnfreePackages = [ "cnijfilter2" ];
|
||
|
||
services.openssh.enable = true;
|
||
|
||
services = {
|
||
avahi = {
|
||
enable = true;
|
||
nssmdns = true;
|
||
};
|
||
printing = {
|
||
enable = true;
|
||
drivers = with pkgs; [ gutenprint cnijfilter2 ];
|
||
};
|
||
};
|
||
|
||
services.xserver = {
|
||
# All monitors in the right order
|
||
# Source: https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/x11/xserver.nix#L83
|
||
xrandrHeads = [
|
||
{
|
||
output = "HDMI-1";
|
||
monitorConfig = ''
|
||
Option "PreferredMode" "1920x1080"
|
||
Option "Rotate" "right"
|
||
'';
|
||
}
|
||
{
|
||
output = "DP-1";
|
||
primary = true;
|
||
monitorConfig = ''
|
||
Option "PreferredMode" "2560x1440"
|
||
'';
|
||
}
|
||
];
|
||
};
|
||
|
||
services.logind.extraConfig = ''
|
||
# don’t shutdown when power button is short-pressed
|
||
HandlePowerKey=ignore
|
||
'';
|
||
|
||
# Enable the Docker
|
||
virtualisation.docker.enable = true;
|
||
|
||
# Additional nix configs
|
||
local.nix.enableMyRegistry = true;
|
||
|
||
# Wireguard client
|
||
age.secrets.wireguard-home-private = {
|
||
file = ../../../secrets/wireguard-home-private.age;
|
||
mode = "0400";
|
||
};
|
||
local.wireguard = {
|
||
enable = true;
|
||
ip = "10.20.30.3/24";
|
||
privateKeyFile = config.age.secrets.wireguard-home-private.path;
|
||
};
|
||
|
||
# Invisible internet project
|
||
services.i2pd = {
|
||
enable = true;
|
||
proto.httpProxy.enable = true;
|
||
proto.http.enable = true;
|
||
};
|
||
|
||
services.transmission.enable = true;
|
||
}
|