unexplrd/nixos-blueprint
2
2
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
441c7ea119d681a1633eb28e511fe2e010c5b612
nixos-blueprint/hosts/dunamis/configuration.nix
unexplrd 8464dc0084 yeah 
Signed-off-by: unexplrd <unexplrd@linerds.us>
2025-03-25 14:42:38 +02:00

109 lines
2.2 KiB
Nix
Raw Blame History

{
pkgs,
config,
inputs,
...
}: {
imports = with inputs; [
chaotic.nixosModules.default
lix.nixosModules.default
self.nixosModules.desktop
self.nixosModules.system
./hardware.nix
./programs.nix
./stylix.nix
# ./stylix-light.nix
./disko.nix
./users.nix
./sops.nix
];
desktop = {
niri.enable = true;
};
nix = {
channel.enable = false;
settings.experimental-features = ["nix-command" "flakes"];
daemonCPUSchedPolicy = "idle";
sshServe.enable = true;
sshServe.keys = let
s = inputs.mysecrets;
in [
(builtins.readFile
"${s}/ssh/id_ed25519_sarien_user.pub")
];
};
system.stateVersion = "25.05";
time.timeZone = "Europe/Kyiv";
locale.ukrainian.enable = true;
networking = {
networkmanager.enable = true;
hostName = "dunamis";
};
boot = {
kernelPackages = pkgs.linuxPackages_cachyos;
# kernelPackages = pkgs.linuxPackages_latest;
plymouth.enable = true;
loader.efi.canTouchEfiVariables = true;
loader.systemd-boot = {
enable = true;
consoleMode = "auto";
};
};
console = {
earlySetup = true;
packages = [pkgs.terminus_font];
font = "${pkgs.terminus_font}/share/consolefonts/ter-c18n.psf.gz";
};
environment.memoryAllocator.provider = "mimalloc";
services = {
# hardware.openrgb.enable = true;
flatpak.enable = true;
fstrim.enable = true;
fwupd.enable = true;
openssh.enable = true;
syncthing.openDefaultPorts = true;
dnscrypt-proxy2 = {
enable = true;
settings = {
require_dnssec = true;
server_names = ["mullvad-doh"];
bootstrap_resolvers = ["9.9.9.11:53" "9.9.9.9:53"];
};
};
opensnitch = {
enable = false;
settings = {
DefaultAaction = "deny";
Firewall = "iptables";
InterceptUnknown = true;
ProcMonitorMethod = "ebpf";
};
};
};
services.scx = {
enable = true;
scheduler = "scx_flash";
};
security.basic.enable = true;
virtual = {
libvirt.enable = true;
podman.enable = false;
};
wireless.bluetooth.enableBlueman = false;
opentabletdriver.enable = false;
qmk-vial.enable = true;
}
Reference in New Issue View Git Blame Copy Permalink