{ pkgs, pkgs-unstable, ... }: { # Bootloader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; # enable sysrq support for REISUB boot.kernel.sysctl."kernel.sysrq" = "1"; # Enable networking networking.networkmanager.enable = true; # setup magicdns for tailscale networking.nameservers = ["100.100.100.100" "1.1.1.1" "8.8.8.8"]; networking.search = ["hummingbird-stork.ts.net"]; networking.firewall.allowedUDPPorts = [ # tailscale magicdns 53 ]; # Set your time zone. time.timeZone = "Europe/Paris"; # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; i18n.extraLocaleSettings = { LC_ADDRESS = "fr_FR.UTF-8"; LC_IDENTIFICATION = "fr_FR.UTF-8"; LC_MEASUREMENT = "fr_FR.UTF-8"; LC_MONETARY = "fr_FR.UTF-8"; LC_NAME = "fr_FR.UTF-8"; LC_NUMERIC = "fr_FR.UTF-8"; LC_PAPER = "fr_FR.UTF-8"; LC_TELEPHONE = "fr_FR.UTF-8"; LC_TIME = "fr_FR.UTF-8"; }; # Enable the X11 windowing system. # You can disable this if you're only using the Wayland session. services.xserver.enable = true; # Enable the KDE Plasma Desktop Environment. services.displayManager.sddm.enable = true; services.desktopManager.plasma6.enable = true; # does this add river to sddm menu? programs.river.enable = true; # Configure keymap in X11 services.xserver = { xkb = { layout = "us"; variant = ""; options = "ctrl:nocaps"; }; }; # Configure console keymap console.keyMap = "fr"; # Enable CUPS to print documents. services.printing.enable = true; # Enable sound with pipewire. hardware.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; wireplumber.enable = true; # If you want to use JACK applications, uncomment this #jack.enable = true; # use the example session manager (no others are packaged yet so this is enabled by default, # no need to redefine it in your config for now) #media-session.enable = true; }; # Enable touchpad support (enabled default in most desktopManager). # services.xserver.libinput.enable = true; # Define a user account. Don't forget to set a password with ‘passwd’. users.users.khais = { createHome = true; initialPassword = "asunarovow"; isNormalUser = true; description = "Khaïs COLIN"; extraGroups = ["networkmanager" "wheel" "podman" "libvirtd" "music" "cdrom"]; shell = pkgs.zsh; }; # access to /pile/Music users.groups.music = {}; users.users.guest = { createHome = true; isNormalUser = true; description = "Guest Account"; extraGroups = ["networkmanager"]; shell = pkgs.zsh; packages = with pkgs; [ mpv vlc ]; }; # Install firefox. programs.firefox.enable = true; # chroot jail programs.firejail.enable = true; # shell programs.zsh.enable = true; programs.steam = { enable = true; remotePlay.openFirewall = true; dedicatedServer.openFirewall = true; localNetworkGameTransfers.openFirewall = true; }; # Allow unfree packages nixpkgs.config.allowUnfree = true; # allow specific insecure packages nixpkgs.config.permittedInsecurePackages = [ # needed for archivebox. Maintainer says that none of the cve are in code paths used by archivebox "python3.12-django-3.1.14" ]; # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ neovim home-manager git gnumake cifs-utils tailscale wluma # man pages man-pages man-pages-posix # kde kdePackages.kate kdePackages.plasma-workspace kdePackages.dolphin # fix kde apps having no icons kdePackages.qtsvg thunderbird-128 # for screen sharing xdg-desktop-portal xdg-desktop-portal-kde ]; # set user environment variables environment.sessionVariables = { # I don't know what this does, but it is needed for wluma to work correctly. # It will also slightly increase cpu usage (on wayland compositors), but shouldn't be too bad. WLR_DRM_NO_MODIFIERS = 1; # fix dolphin file associations not working XDG_MENU_PREFIX = "plasma-"; # fix cursor size for some apps XCURSOR_SIZE = 24; # fix screen sharing XDG_CURRENT_DESKTOP = "river"; }; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; # programs.gnupg.agent = { # enable = true; # enableSSHSupport = true; # }; # font configuration fonts = { packages = with pkgs; [ nerdfonts ibm-plex cm_unicode ]; fontconfig = { defaultFonts = { monospace = ["VictorMono NF Medium"]; sansSerif = ["IBM Plex Sans"]; serif = ["CMU Serif"]; }; }; }; services.tailscale = { enable = true; useRoutingFeatures = "both"; extraUpFlags = ["--ssh"]; }; # enable wluma for automatic brightness adjustment systemd.user.services.wluma = { enable = true; description = "Adjusting screen brightness based on screen contents and amount of ambient light"; after = ["graphical-session.target"]; partOf = ["graphical-session.target"]; serviceConfig = { ExecStart = "${pkgs.wluma}/bin/wluma"; Restart = "always"; }; wantedBy = ["graphical-session.target"]; }; programs.gnupg.agent = { enable = true; enableSSHSupport = true; }; # Enable the OpenSSH daemon. services.openssh.enable = true; # enable manpages documentation documentation = { man = { enable = true; generateCaches = true; }; info.enable = true; dev.enable = true; # linux man-pages project, dev documenation }; # enable docker virtualization virtualisation.podman = { enable = true; # create alias mapping docker to podman dockerCompat = true; dockerSocket.enable = true; }; # enable VAAPI and intel QSV # enable vaapi nixpkgs.config.packageOverrides = pkgs: { vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;}; }; hardware.graphics = { enable = true; extraPackages = with pkgs; [ intel-media-driver intel-vaapi-driver libvdpau-va-gl vaapiVdpau intel-compute-runtime pkgs-unstable.vpl-gpu-rt intel-media-sdk ]; }; # enable hardware acceleration for qemu virtualisation.libvirtd.enable = true; programs.virt-manager.enable = true; services.syncthing = { enable = true; user = "khais"; configDir = "/home/khais/.config/syncthing"; }; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "24.05"; # Did you read the comment? # flakes nix.settings.experimental-features = ["nix-command" "flakes"]; # automatically collect garbage nix.gc = { automatic = true; dates = "weekly"; options = "--delete-older-than 60d"; }; # enable support for non-nix executables programs.nix-ld.enable = true; programs.nix-ld.libraries = [ pkgs.libjpeg8 pkgs.libGL pkgs.freetype pkgs.libvorbis pkgs.libogg pkgs.libpulseaudio pkgs.vulkan-loader pkgs.xorg.libX11 pkgs.xorg.libxcb pkgs.xorg.libXrandr ]; # bluetooth hardware.bluetooth.enable = true; hardware.bluetooth.powerOnBoot = true; # gui for configuration services.blueman.enable = true; hardware.bluetooth.settings = { General = { # support for modern headsetes Enable = "Source,Sink,Media,Socket"; # show battery level Experimental = true; }; }; # bluetooth mpris play-pause media control systemd.user.services.mpris-proxy = { description = "Mpris proxy"; after = [ "network.target" "sound.target" ]; wantedBy = [ "default.target" ]; serviceConfig.ExecStart = "${pkgs.bluez}/bin/mpris-proxy"; }; home-manager.backupFileExtension = "backup"; }