~ruther/nixos-config

ref: 83a8a9540adf86155220703b70c5fbdc9c6c3def nixos-config/hosts/laptop-iapetus/default.nix -rw-r--r-- 3.2 KiB
83a8a954 — Frantisek Bohacek feat: some updates 1 year, 3 days ago 
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121

#
#  Specific system configuration settings for desktop
#
#  flake.nix
#   ├─ ./hosts
#   │   └─ ./laptop
#   │        ├─ default.nix *
#   │        └─ hardware-configuration.nix
#   └─ ./modules
#       ├─ ./desktop
#       │   ├─ ./bspwm
#       │   │   └─ default.nix
#       │   └─ ./virtualisation
#       │       └─ docker.nix
#       └─ ./hardware
#           └─ default.nix
#

{ inputs, config, pkgs, lib, user, ... }:

{
  imports =                                               # For now, if applying to other system, swap files
    [(import ./hardware-configuration.nix)] ++            # Current system hardware config @ /etc/nixos/hardware-configuration.nix
    [(import ../../modules/desktop/dm/sddm.nix)] ++       # Desktop manager
    [(import ../../modules/desktop/qtile/default.nix)] ++ # Window Manager
    (import ../../modules/hardware) ++
    (import ../../modules/desktop/virtualisation) ++
    [(import ../../modules/programs/fpga/vivado {
      inherit pkgs lib config;
      vivadoPath = "/data/fpga/xilinx/Vivado/2023.1/bin/vivado";
    })];                      # Hardware devices

  networking.hostName = "laptop-iapetus";

  boot = {                                  # Boot options
    kernelPackages = pkgs.linuxPackages_latest;

    loader = {                              # EFI Boot
      efi = {
        canTouchEfiVariables = true;
      };
      systemd-boot = {
        enable = true;
        editor = false;                     # Better security, disallows passing /bin/sh to start as root
        configurationLimit = 5;
      };
      timeout = 1;                          # Grub auto select time
    };

    initrd.luks.devices = {
      crypted = {
        device = "/dev/disk/by-label/root";
        preLVM = true;
      };
    };
  };

  environment = {
    systemPackages = with pkgs; [
      xorg.xf86videointel
    ];
  };


  hardware = {                              # No xbacklight, this is the alterantive
    brillo.enable = true;
  };

  programs = {
    xss-lock = let
    xsecurelock = (pkgs.xsecurelock.overrideAttrs(attrs: {
          postInstall = attrs.postInstall or "" + ''
            wrapProgram $out/bin/xsecurelock --set XSECURELOCK_COMPOSITE_OBSCURER 0
          '';
        }));
    in {
      enable = true;
      lockerCommand = "${xsecurelock}/bin/xsecurelock";
    };
  };

  services = {
    tlp.enable = true;                      # TLP and auto-cpufreq for power management
    logind.lidSwitch = "lock";           # lock on lid close
    auto-cpufreq.enable = true;
    blueman.enable = true;

    xserver.libinput = {
      enable = true;
      touchpad = {
        naturalScrolling = true;
        tapping = true;
      };
    };

    printing = {
      enable = true;
      drivers = [
        pkgs.splix
        pkgs.samsung-unified-linux-driver
      ];
    };
  };

  networking.wireguard.interfaces = {
    wg0 = {
      ips = [ "${inputs.semi-secrets.wg.lan.laptopIp}/32" ];
    };
  };

  nix = {
    settings = {
      substituters = [
        "desktop.local"
      ];
      trusted-substituters = [
        "desktop.local:3XEsbBcVpKcx0ViXnZwcagllTUazVnc+Rzx5DKUU1Rs="
      ];
    };
  };
}
Do not follow this link