dotfiles/nixos/configuration.nix

{ config, pkgs, ... }:

let
  unstableTarball = fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz;
in
{
  imports =
    [
      /etc/nixos/hardware-configuration.nix
      ./vscode.nix
    ];

  nixpkgs.config = {
    allowUnfree = true;
    packageOverrides = pkgs: {
      vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
      unstable = import unstableTarball {
        config = config.nixpkgs.config;
      };
      cyplo = import "/home/cyryl/dev/nixpkgs/" {
        config = config.nixpkgs.config;
      };
    };
  };

  environment.systemPackages = with pkgs; [
    wget git zsh gnupg curl tmux python36Packages.glances
    gnomeExtensions.gsconnect
    (
      vim_configurable.override {
        python = python3;
      }
    )
  ];

  networking.hostName = "skinnyv";
  # gsconnect
  networking.firewall.allowedTCPPortRanges = [ { from = 1716; to = 1764; }  ];
  networking.firewall.allowedUDPPortRanges = [ { from = 1716; to = 1764; }  ];

  i18n.defaultLocale = "en_GB.UTF-8";

  users.users.cyryl = {
    isNormalUser = true;
    extraGroups = [ "wheel" "networkmanager" "video" "scanner" "lp" "docker" "vboxusers"];
      packages = with pkgs; [
        firefox chromium alacritty zsh keepass fontconfig go nodejs rustup gcc gdb
        binutils xclip pkgconfig veracrypt gitAndTools.diff-so-fancy
        gnome3.gnome-shell-extensions chrome-gnome-shell gnomeExtensions.clipboard-indicator
        gnomeExtensions.caffeine gnomeExtensions.no-title-bar
        openjdk11 gimp restic glxinfo discord steam
        zoom-us
        nodejs-10_x hugo mercurial terraform libreoffice
        unzip tor-browser-bundle-bin aria vlc
        jetbrains.goland jetbrains.clion
        (wine.override { wineBuild = "wineWow"; })
        yubico-piv-tool yubikey-personalization yubikey-personalization-gui yubikey-manager-qt
      ];
    uid = 1000;
    shell = pkgs.zsh;
  };

  virtualisation.virtualbox.host = {
    enable = true;
    enableExtensionPack = true;
    enableHardening = false; #needed for 3D acceleration
  };


  virtualisation.docker = {
    enable = true;
    autoPrune.enable = true;
  };

  services = {
    fwupd.enable = true;

    printing = {
      enable = true;
      drivers = [ pkgs.epson-escpr ];
    };
    avahi = {
      enable = true;
      nssmdns = true;
    };

    syncthing = {
      enable = true;
      user = "cyryl";
      dataDir = "/home/cyryl/.syncthing";
      openDefaultPorts = true;
    };

    restic.backups.home = {
      passwordFile = "/etc/nixos/secrets/restic-password";
      paths = [ "/home" ];
      repository = "sftp:fetcher@brix:/mnt/data/backup-targets";
      timerConfig = { OnCalendar = "hourly"; };
    };

    gnome3.chrome-gnome-shell.enable = true;
    gnome3.gnome-keyring.enable = true;
    xserver = {
      enable = true;
      layout = "pl";
      libinput.enable = true;

      desktopManager = {
        gnome3.enable = true;
      };
      displayManager.gdm= {
        enable = true;
        wayland = false;
      };
    };
  };

  security.pam.services.gdm.enableGnomeKeyring = true;

  time.timeZone = "Europe/London";

  sound.enable = true;
  hardware.pulseaudio.enable = true;
  hardware.u2f.enable = true;
  hardware.brightnessctl.enable = true;
  hardware.cpu.intel.updateMicrocode = true;
  hardware.opengl = {
    enable = true;
    driSupport = true;
    driSupport32Bit = true;
    extraPackages = with pkgs; [
      vaapiIntel
      vaapiVdpau
      libvdpau-va-gl
      intel-media-driver
    ];
  };
  hardware.sane.enable = true;

  fileSystems."/".options = [ "noatime" "nodiratime" "discard" ];

  boot = {
    initrd.luks.devices = [
      {
        name = "root";
        device = "/dev/disk/by-uuid/8c76bf01-59b3-4c60-b853-e9cb77f3ca14";
        preLVM = true;
        allowDiscards = true;
      }
    ];
    loader.grub = {
      enable = true;
      version = 2;
      device = "nodev";
      efiSupport = true;
    };
    loader.efi.canTouchEfiVariables = true;
    kernelParams = [
      "i915.enable_rc6=7"
    ];
  };

  nix.gc.automatic = true;
  system.autoUpgrade.enable = true;
  system.stateVersion = "18.09";
}
Add nixos system configuration 2019-03-26 10:12:24 +00:00			`{ config, pkgs, ... }:`

Add gnome shell extensions 2019-03-26 12:32:59 +00:00			`let`
Enable gnome keyring 2019-04-19 20:36:53 +01:00			`unstableTarball = fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz;`
Add gnome shell extensions 2019-03-26 12:32:59 +00:00			`in`
Add nixos system configuration 2019-03-26 10:12:24 +00:00			`{`
			`imports =`
Add gnome shell extensions 2019-03-26 12:32:59 +00:00			`[`
Add nixos system configuration 2019-03-26 10:12:24 +00:00			`/etc/nixos/hardware-configuration.nix`
Extract vscode setup 2019-04-20 22:50:58 +01:00			`./vscode.nix`
Add nixos system configuration 2019-03-26 10:12:24 +00:00			`];`

Add gnome shell extensions 2019-03-26 12:32:59 +00:00			`nixpkgs.config = {`
Add virtualbox and autoupgrade 2019-04-05 22:02:20 +01:00			`allowUnfree = true;`
Add gnome shell extensions 2019-03-26 12:32:59 +00:00			`packageOverrides = pkgs: {`
Enable 3d acceleration in virtualbox 2019-04-06 11:29:48 +01:00			`vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };`
Add gnome shell extensions 2019-03-26 12:32:59 +00:00			`unstable = import unstableTarball {`
			`config = config.nixpkgs.config;`
			`};`
Enable gnome keyring 2019-04-19 20:36:53 +01:00			`cyplo = import "/home/cyryl/dev/nixpkgs/" {`
			`config = config.nixpkgs.config;`
			`};`
Add gnome shell extensions 2019-03-26 12:32:59 +00:00			`};`
			`};`

Add nixos system configuration 2019-03-26 10:12:24 +00:00			`environment.systemPackages = with pkgs; [`
Add tor browser and aria 2019-04-13 09:42:13 +01:00			`wget git zsh gnupg curl tmux python36Packages.glances`
Move to gdm 2019-04-20 10:21:11 +01:00			`gnomeExtensions.gsconnect`
use python3 in vim 2019-04-03 13:33:44 +01:00			`(`
			`vim_configurable.override {`
			`python = python3;`
			`}`
			`)`
Add nixos system configuration 2019-03-26 10:12:24 +00:00			`];`

			`networking.hostName = "skinnyv";`
Move to nixos 19.03 2019-04-12 10:37:23 +01:00			`# gsconnect`
			`networking.firewall.allowedTCPPortRanges = [ { from = 1716; to = 1764; } ];`
			`networking.firewall.allowedUDPPortRanges = [ { from = 1716; to = 1764; } ];`
Add tor browser and aria 2019-04-13 09:42:13 +01:00
Add discord 2019-04-06 12:55:45 +01:00			`i18n.defaultLocale = "en_GB.UTF-8";`
Add nixos system configuration 2019-03-26 10:12:24 +00:00
			`users.users.cyryl = {`
			`isNormalUser = true;`
Add tor browser and aria 2019-04-13 09:42:13 +01:00			`extraGroups = [ "wheel" "networkmanager" "video" "scanner" "lp" "docker" "vboxusers"];`
Add gnome shell extensions 2019-03-26 12:32:59 +00:00			`packages = with pkgs; [`
Add tor browser and aria 2019-04-13 09:42:13 +01:00			`firefox chromium alacritty zsh keepass fontconfig go nodejs rustup gcc gdb`
Move to nixos 19.03 2019-04-12 10:37:23 +01:00			`binutils xclip pkgconfig veracrypt gitAndTools.diff-so-fancy`
Add tor browser and aria 2019-04-13 09:42:13 +01:00			`gnome3.gnome-shell-extensions chrome-gnome-shell gnomeExtensions.clipboard-indicator`
Move to gdm 2019-04-20 10:21:11 +01:00			`gnomeExtensions.caffeine gnomeExtensions.no-title-bar`
Specify vscode extensions in nix 2019-04-20 22:40:11 +01:00			`openjdk11 gimp restic glxinfo discord steam`
Move to nixos 19.03 2019-04-12 10:37:23 +01:00			`zoom-us`
			`nodejs-10_x hugo mercurial terraform libreoffice`
Add vlc 2019-04-13 09:49:20 +01:00			`unzip tor-browser-bundle-bin aria vlc`
Add IDEs 2019-04-14 14:14:56 +01:00			`jetbrains.goland jetbrains.clion`
Add Wine 2019-04-15 09:48:22 +01:00			`(wine.override { wineBuild = "wineWow"; })`
Add more lock security 2019-04-18 10:52:40 +01:00			`yubico-piv-tool yubikey-personalization yubikey-personalization-gui yubikey-manager-qt`
Add gnome shell extensions 2019-03-26 12:32:59 +00:00			`];`
Add nixos system configuration 2019-03-26 10:12:24 +00:00			`uid = 1000;`
			`shell = pkgs.zsh;`
			`};`

Add virtualbox and autoupgrade 2019-04-05 22:02:20 +01:00			`virtualisation.virtualbox.host = {`
			`enable = true;`
			`enableExtensionPack = true;`
Enable 3d acceleration in virtualbox 2019-04-06 11:29:48 +01:00			`enableHardening = false; #needed for 3D acceleration`
Add virtualbox and autoupgrade 2019-04-05 22:02:20 +01:00			`};`

Move to nixos 19.03 2019-04-12 10:37:23 +01:00
add docker 2019-04-03 13:37:24 +01:00			`virtualisation.docker = {`
			`enable = true;`
			`autoPrune.enable = true;`
			`};`

Refactor nix config - introduce better sections 2019-03-31 13:42:59 +01:00			`services = {`
			`fwupd.enable = true;`
Add small quality of life improvements to the nixos config 2019-03-31 13:36:20 +01:00
Add tor browser and aria 2019-04-13 09:42:13 +01:00			`printing = {`
Add printer 2019-04-08 11:09:37 +01:00			`enable = true;`
			`drivers = [ pkgs.epson-escpr ];`
			`};`
			`avahi = {`
			`enable = true;`
			`nssmdns = true;`
			`};`

Refactor nix config - introduce better sections 2019-03-31 13:42:59 +01:00			`syncthing = {`
			`enable = true;`
			`user = "cyryl";`
			`dataDir = "/home/cyryl/.syncthing";`
			`openDefaultPorts = true;`
			`};`
Add nixos system configuration 2019-03-26 10:12:24 +00:00
Add restic backups for nix plus some hardware settings 2019-04-03 11:38:01 +01:00			`restic.backups.home = {`
			`passwordFile = "/etc/nixos/secrets/restic-password";`
			`paths = [ "/home" ];`
			`repository = "sftp:fetcher@brix:/mnt/data/backup-targets";`
			`timerConfig = { OnCalendar = "hourly"; };`
			`};`

Enable gnome keyring 2019-04-19 20:36:53 +01:00			`gnome3.chrome-gnome-shell.enable = true;`
			`gnome3.gnome-keyring.enable = true;`
Refactor nix config - introduce better sections 2019-03-31 13:42:59 +01:00			`xserver = {`
			`enable = true;`
			`layout = "pl";`
			`libinput.enable = true;`
Add gnome shell extensions 2019-03-26 12:32:59 +00:00
Refactor nix config - introduce better sections 2019-03-31 13:42:59 +01:00			`desktopManager = {`
			`gnome3.enable = true;`
			`};`
Move to gdm 2019-04-20 10:21:11 +01:00			`displayManager.gdm= {`
			`enable = true;`
			`wayland = false;`
			`};`
Add gnome shell extensions 2019-03-26 12:32:59 +00:00			`};`
Add nixos system configuration 2019-03-26 10:12:24 +00:00			`};`
Add gnome shell extensions 2019-03-26 12:32:59 +00:00
Move to gdm 2019-04-20 10:21:11 +01:00			`security.pam.services.gdm.enableGnomeKeyring = true;`
Enable gnome keyring 2019-04-19 20:36:53 +01:00
Refactor nix config - introduce better sections 2019-03-31 13:42:59 +01:00			`time.timeZone = "Europe/London";`

Add nixos system configuration 2019-03-26 10:12:24 +00:00			`sound.enable = true;`
			`hardware.pulseaudio.enable = true;`
Add restic backups for nix plus some hardware settings 2019-04-03 11:38:01 +01:00			`hardware.u2f.enable = true;`
			`hardware.brightnessctl.enable = true;`
			`hardware.cpu.intel.updateMicrocode = true;`
Enable 3d acceleration in virtualbox 2019-04-06 11:29:48 +01:00			`hardware.opengl = {`
			`enable = true;`
Add steam 2019-04-06 17:10:03 +01:00			`driSupport = true;`
			`driSupport32Bit = true;`
Enable 3d acceleration in virtualbox 2019-04-06 11:29:48 +01:00			`extraPackages = with pkgs; [`
			`vaapiIntel`
			`vaapiVdpau`
			`libvdpau-va-gl`
Move to nixos 19.03 2019-04-12 10:37:23 +01:00			`intel-media-driver`
Enable 3d acceleration in virtualbox 2019-04-06 11:29:48 +01:00			`];`
			`};`
Add restic backups for nix plus some hardware settings 2019-04-03 11:38:01 +01:00			`hardware.sane.enable = true;`
Add nixos system configuration 2019-03-26 10:12:24 +00:00
			`fileSystems."/".options = [ "noatime" "nodiratime" "discard" ];`

Refactor nix config - introduce better sections 2019-03-31 13:42:59 +01:00			`boot = {`
			`initrd.luks.devices = [`
			`{`
			`name = "root";`
			`device = "/dev/disk/by-uuid/8c76bf01-59b3-4c60-b853-e9cb77f3ca14";`
			`preLVM = true;`
			`allowDiscards = true;`
			`}`
			`];`
			`loader.grub = {`
			`enable = true;`
			`version = 2;`
			`device = "nodev";`
			`efiSupport = true;`
			`};`
			`loader.efi.canTouchEfiVariables = true;`
Enable 3d acceleration in virtualbox 2019-04-06 11:29:48 +01:00			`kernelParams = [`
			`"i915.enable_rc6=7"`
			`];`
Refactor nix config - introduce better sections 2019-03-31 13:42:59 +01:00			`};`
Add nixos system configuration 2019-03-26 10:12:24 +00:00
Enable automatic gc 2019-04-07 22:42:58 +01:00			`nix.gc.automatic = true;`
Add virtualbox and autoupgrade 2019-04-05 22:02:20 +01:00			`system.autoUpgrade.enable = true;`
Add nixos system configuration 2019-03-26 10:12:24 +00:00			`system.stateVersion = "18.09";`
			`}`
Add gnome shell extensions 2019-03-26 12:32:59 +00:00