janis/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
nixos-config/system/default.nix
janis bce366abdc
syncthing?
2025-09-03 17:18:15 +02:00

187 lines
4 KiB
Nix
Raw Blame History

{inputs, pkgs, config, ...}: {
imports = [
../options.nix
];
environment.systemPackages = with pkgs; [
# Basic utilities
zsh
wget
curl
git
vim
htop
linux-firmware
linuxHeaders
];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
system.stateVersion = "25.05";
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
# kernelModules = [];
kernelPackages = pkgs.linuxPackages_zen;
};
hardware = {
enableAllFirmware = true;
amdgpu.initrd.enable = true;
graphics = {
enable = true;
enable32Bit = true;
};
};
security = {
polkit.enable = true;
rtkit.enable = true;
sudo.wheelNeedsPassword = false; # Allow sudo without password
};
fonts = {
enableDefaultPackages = true;
packages = with pkgs; [
noto-fonts
noto-fonts-cjk-sans
noto-fonts-emoji
liberation_ttf
roboto
roboto-mono
twitter-color-emoji
nerd-fonts.fira-code
nerd-fonts.fira-mono
unicode-emoji
fira-sans
font-awesome
fira-mono
fira-code
material-icons
source-sans
source-code-pro
pkgs.nur.repos.redpz.sf-mono
inputs.apple-fonts.packages.${pkgs.system}.sf-pro-nerd
inputs.apple-fonts.packages.${pkgs.system}.sf-mono-nerd
inputs.apple-fonts.packages.${pkgs.system}.sf-compact-nerd
inputs.apple-fonts.packages.${pkgs.system}.ny-nerd
];
fontconfig = {
defaultFonts = {
monospace = ["SF Mono" "Fira Mono" "Noto Mono"];
serif = ["Noto Serif"];
sansSerif = ["SF Pro Text" "Noto Sans" "Roboto"];
emoji = ["Twitter Color Emoji" "Noto Emoji"];
};
};
};
networking = {
nameservers = [ "9.9.9.9#dns.quad9.net" "1.1.1.1#one.one.one.one" ];
# networkmanager.wifi.backend = "iwd";
# networkmanager.enable = true;
wireless.iwd = {
enable = true;
settings = {
Settings ={
AutoConnect = true;
};
};
};
firewall = {
enable = true;
# ssh: 22 TCP
# cups: 631 TCP
# syncthing:
# 22000 TCP and/or UDP for sync traffic
# 21027/UDP for discovery
allowedTCPPorts = [ 22 22000 631 ];
allowedUDPPorts = [ 22000 21027 ];
};
};
time.timeZone = "Europe/Amsterdam";
i18n.defaultLocale = "en_GB.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "uk";
};
services = {
qemuGuest.enable = config.vmGuest;
spice-vdagentd.enable = config.vmGuest;
dbus.implementation = "broker";
connman = {
enable = true;
wifi.backend = "iwd"; # Use iwd for Wi-Fi management.
extraFlags = [ "--nodnsproxy" ];
};
resolved = {
enable = true;
dnssec = "true";
domains = ["~."];
fallbackDns = [ "9.9.9.9#dns.quad9.net" "149.112.112.112#dns.quad9.net" "1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one" ];
dnsovertls = "true";
};
thermald.enable = true;
tlp = {
enable = true;
settings = {
START_CHARGE_THRESH_BAT0 = 50;
STOP_CHARGE_THRESH_BAT0 = 85;
};
};
auto-cpufreq = {
enable = true;
settings = {
battery = {
governor = "powersave"; # Set the CPU governor to powersave.
energy_performance_preference = "powersave";
turbo = "never";
# enable_thresholds = true;
# start_threshold = 50;
# stop_threshold = 90;
};
charger = {
governor = "performance"; # Set the CPU governor to performance when charging.
turbo = "auto";
};
};
};
pipewire = {
enable = true;
pulse.enable = true;
alsa.enable = true;
alsa.support32Bit = true;
};
openssh = {
enable = true;
settings = {
PasswordAuthentication = true; # Enable password authentication.
PermitRootLogin = "yes"; # Allow root login (not recommended for production).
};
};
libinput.enable = true;
};
}
Reference in a new issue View git blame Copy permalink