96 lines
2.2 KiB
Nix
96 lines
2.2 KiB
Nix
{ config, lib, modulesPath, inputs, stable_pkgs, unstable_pkgs, ... }:
|
|
|
|
{
|
|
imports =
|
|
[ # Include the results of the hardware scan.
|
|
(modulesPath + "/installer/scan/not-detected.nix")
|
|
#./hardware-configuration.nix
|
|
../../nixos
|
|
../../../users/blake
|
|
../../../modules/desktop
|
|
../../../modules/system
|
|
];
|
|
|
|
home-manager.users.blake.imports = [
|
|
../../../users/blake/hosts/yveltal.nix
|
|
];
|
|
|
|
system = {
|
|
ssh.enable = true;
|
|
sops.enable = true;
|
|
yubikey.enable = true;
|
|
tailscale.enable = true;
|
|
syncthing.enable = true;
|
|
graphics = {
|
|
enable = true;
|
|
vendor = "intel";
|
|
};
|
|
};
|
|
|
|
desktop = {
|
|
hypr.enable = true;
|
|
greetd.enable = true;
|
|
};
|
|
|
|
# fix power buttons
|
|
services.logind.settings.Login = {
|
|
HandlePowerKey = "suspend";
|
|
HandleLidSwitch = "suspend";
|
|
#HibernateDelaySec = "30min";
|
|
};
|
|
|
|
# boot (systemd is growing on me)
|
|
boot = {
|
|
kernelModules = [ "kvm-intel" ];
|
|
extraModulePackages = [ ];
|
|
loader = {
|
|
systemd-boot.enable = true; # systemd your pretty cool ya know
|
|
efi.canTouchEfiVariables = true;
|
|
};
|
|
initrd = {
|
|
systemd.enable = true; # better logging
|
|
availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage" "sd_mod" ];
|
|
kernelModules = [ ];
|
|
};
|
|
};
|
|
|
|
# setup hostname and networking stack
|
|
services.resolved = {
|
|
enable = true;
|
|
fallbackDns = [ "1.1.1.1" "9.9.9.9" ];
|
|
dnsovertls = "opportunistic";
|
|
};
|
|
networking = {
|
|
hostName = "yveltal"; # hostname
|
|
useDHCP = lib.mkDefault true;
|
|
interfaces = {
|
|
wlp0s20f3.useDHCP = lib.mkDefault true;
|
|
};
|
|
networkmanager = {
|
|
enable = true; # the goat
|
|
dns = "systemd-resolved"; # the backup dancer!
|
|
};
|
|
};
|
|
|
|
hardware.bluetooth.enable = true;
|
|
|
|
# Open ports in the firewall.
|
|
networking.firewall.allowedTCPPorts = [
|
|
22
|
|
];
|
|
|
|
networking.firewall.allowedUDPPorts = [ 51820 ];
|
|
# Or disable the firewall altogether.
|
|
networking.firewall.enable = true;
|
|
|
|
system.stateVersion = "25.05"; # stays here : )
|
|
|
|
|
|
# hardware shit
|
|
|
|
|
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
|
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
|
}
|
|
|