dotfiles/nixos/configuration.nix
2019-04-20 22:40:11 +01:00

310 lines
8.9 KiB
Nix

{ config, pkgs, ... }:
let
unstableTarball = fetchTarball https://github.com/NixOS/nixpkgs-channels/archive/nixos-unstable.tar.gz;
in
{
imports =
[
/etc/nixos/hardware-configuration.nix
];
nixpkgs.config = {
allowUnfree = true;
packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
unstable = import unstableTarball {
config = config.nixpkgs.config;
};
cyplo = import "/home/cyryl/dev/nixpkgs/" {
config = config.nixpkgs.config;
};
};
};
environment.systemPackages = with pkgs; [
wget git zsh gnupg curl tmux python36Packages.glances
gnomeExtensions.gsconnect
(
vim_configurable.override {
python = python3;
}
)
];
networking.hostName = "skinnyv";
# gsconnect
networking.firewall.allowedTCPPortRanges = [ { from = 1716; to = 1764; } ];
networking.firewall.allowedUDPPortRanges = [ { from = 1716; to = 1764; } ];
i18n.defaultLocale = "en_GB.UTF-8";
users.users.cyryl = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" "video" "scanner" "lp" "docker" "vboxusers"];
packages = with pkgs; [
firefox chromium alacritty zsh keepass fontconfig go nodejs rustup gcc gdb
binutils xclip pkgconfig veracrypt gitAndTools.diff-so-fancy
gnome3.gnome-shell-extensions chrome-gnome-shell gnomeExtensions.clipboard-indicator
gnomeExtensions.caffeine gnomeExtensions.no-title-bar
openjdk11 gimp restic glxinfo discord steam
(unstable.vscode-with-extensions.override {
vscodeExtensions = with vscode-extensions; [ bbenoist.Nix ms-python.python ]
++ vscode-utils.extensionsFromVscodeMarketplace [
{
publisher = "2gua";
name = "rainbow-brackets";
version = "0.0.6";
sha256 = "1m5c7jjxphawh7dmbzmrwf60dz4swn8c31svbzb5nhaazqbnyl2d";
}
{
publisher = "vscodevim";
name = "vim";
version = "1.4.0";
sha256 = "0vfhvsp485rgik3pjzbpnc4jxrjpiykynl563a16rlz8h85x2m4f";
}
{
publisher = "swyphcosmo";
name = "spellchecker";
version = "1.2.13";
sha256 = "1lr33lf01afgi74c1a9gylk92li4hyq24l8bki4l6ggl4z4c2h3w";
}
{
publisher = "asabil";
name = "meson";
version = "1.1.1";
sha256 = "00cc28a2nb325f54bx51wf5q15x1pmsn0j9z6rnxxqxwii1dm5cl";
}
{
publisher = "bungcip";
name = "better-toml";
version = "0.3.2";
sha256 = "08lhzhrn6p0xwi0hcyp6lj9bvpfj87vr99klzsiy8ji7621dzql3";
}
{
publisher = "codezombiech";
name = "gitignore";
version = "0.6.0";
sha256 = "0gnc0691pwkd9s8ldqabmpfvj0236rw7bxvkf0bvmww32kv1ia0b";
}
{
publisher = "DavidAnson";
name = "vscode-markdownlint";
version = "0.26.0";
sha256 = "0g4pssvajn7d8p2547v7313gjyqx4pzs7cbjws2s3v2fk1sw7vbj";
}
{
publisher = "esbenp";
name = "prettier-vscode";
version = "1.8.1";
sha256 = "0qcm2784n9qc4p77my1kwqrswpji7bp895ay17yzs5g84cj010ln";
}
{
publisher = "hbenl";
name = "vscode-test-explorer";
version = "2.9.3";
sha256 = "1yf85hgvganxq5n5jff9ckn3smxd6xi79cgn6k53qi5w1r5rahy0";
}
{
publisher = "hbenl";
name = "vscode-test-explorer-liveshare";
version = "1.0.4";
sha256 = "0a57cm8bjfvz2whkr6krjv3whv9c7sdzlrjwdr5zaz78nxn9dfy7";
}
{
publisher = "lextudio";
name = "restructuredtext";
version = "106.0.0";
sha256 = "096r8071202nxi1is6z7dghcmpsh0f0mm3mp3cfh1yj2mnyzlaxa";
}
{
publisher = "lostintangent";
name = "vsls-pomodoro";
version = "0.1.0";
sha256 = "1b73zbkhlhacvi18cx4g3n6randy3hw9cab1gkw5gzb3375w7w3p";
}
{
publisher = "lostintangent";
name = "vsls-whiteboard";
version = "0.0.8";
sha256 = "13fcay9bs861msb5y694casbw66dmhl504xm5cvprssx1qka186p";
}
{
publisher = "mauve";
name = "terraform";
version = "1.3.9";
sha256 = "0hnarr21rivvv41y5x1sp0skdmzwz7zi9aya3n5z1b13ir7lyy42";
}
{
publisher = "mechatroner";
name = "rainbow-csv";
version = "1.0.0";
sha256 = "1fyamgm7zq31r3c00cn6pcb66rrkfhwfmp72qnhrajydmnvcnbg6";
}
{
publisher = "ms-vscode";
name = "Go";
version = "0.9.2";
sha256 = "0yxnsby8zz1dvnx8nqrhi4xx316mpjf2hs2c5r6fkzh8zhjccwqz";
}
{
publisher = "ms-vsliveshare";
name = "vsliveshare";
version = "1.0.67";
sha256 = "1shy9xaqz1wsyzzz5z8g409ma5h5kaic0y7bc1q2nxy60gbq828n";
}
{
publisher = "ms-vsliveshare";
name = "vsliveshare-audio";
version = "0.1.48";
sha256 = "1lccsyhj3mgbacw76hikgml85hi82zipaza1194nqnj1inhci80b";
}
{
publisher = "PeterJausovec";
name = "vscode-docker";
version = "0.6.1";
sha256 = "0clxy66qi5c3k5di5xsjm3vjib525xq89z1q2h3a5x5qwvbvd0mj";
}
{
publisher = "ritwickdey";
name = "LiveServer";
version = "5.6.1";
sha256 = "077arf3hsn1yb8xdhlrax5gf93ljww78irv4gm8ffmsqvcr1kws0";
}
{
publisher = "ronnidc";
name = "nunjucks";
version = "0.2.3";
sha256 = "119xgyn1dggw2rcqkn2mnz364iw5jlrxg7pcydbijsqj5d3zdfsf";
}
{
publisher = "rust-lang";
name = "rust";
version = "0.6.1";
sha256 = "0f66z6b374nvnrn7802dg0xz9f8wq6sjw3sb9ca533gn5jd7n297";
}
{
publisher = "serayuzgur";
name = "crates";
version = "0.4.2";
sha256 = "1knspsc98cfw4mhc0yaz0f2185sxdf9kn9qsysfs6c82g9wjaqcj";
}
];})
zoom-us
nodejs-10_x hugo mercurial terraform libreoffice
unzip tor-browser-bundle-bin aria vlc
jetbrains.goland jetbrains.clion
(wine.override { wineBuild = "wineWow"; })
yubico-piv-tool yubikey-personalization yubikey-personalization-gui yubikey-manager-qt
];
uid = 1000;
shell = pkgs.zsh;
};
virtualisation.virtualbox.host = {
enable = true;
enableExtensionPack = true;
enableHardening = false; #needed for 3D acceleration
};
virtualisation.docker = {
enable = true;
autoPrune.enable = true;
};
services = {
fwupd.enable = true;
printing = {
enable = true;
drivers = [ pkgs.epson-escpr ];
};
avahi = {
enable = true;
nssmdns = true;
};
syncthing = {
enable = true;
user = "cyryl";
dataDir = "/home/cyryl/.syncthing";
openDefaultPorts = true;
};
restic.backups.home = {
passwordFile = "/etc/nixos/secrets/restic-password";
paths = [ "/home" ];
repository = "sftp:fetcher@brix:/mnt/data/backup-targets";
timerConfig = { OnCalendar = "hourly"; };
};
gnome3.chrome-gnome-shell.enable = true;
gnome3.gnome-keyring.enable = true;
xserver = {
enable = true;
layout = "pl";
libinput.enable = true;
desktopManager = {
gnome3.enable = true;
};
displayManager.gdm= {
enable = true;
wayland = false;
};
};
};
security.pam.services.gdm.enableGnomeKeyring = true;
time.timeZone = "Europe/London";
sound.enable = true;
hardware.pulseaudio.enable = true;
hardware.u2f.enable = true;
hardware.brightnessctl.enable = true;
hardware.cpu.intel.updateMicrocode = true;
hardware.opengl = {
enable = true;
driSupport = true;
driSupport32Bit = true;
extraPackages = with pkgs; [
vaapiIntel
vaapiVdpau
libvdpau-va-gl
intel-media-driver
];
};
hardware.sane.enable = true;
fileSystems."/".options = [ "noatime" "nodiratime" "discard" ];
boot = {
initrd.luks.devices = [
{
name = "root";
device = "/dev/disk/by-uuid/8c76bf01-59b3-4c60-b853-e9cb77f3ca14";
preLVM = true;
allowDiscards = true;
}
];
loader.grub = {
enable = true;
version = 2;
device = "nodev";
efiSupport = true;
};
loader.efi.canTouchEfiVariables = true;
kernelParams = [
"i915.enable_rc6=7"
];
};
nix.gc.automatic = true;
system.autoUpgrade.enable = true;
system.stateVersion = "18.09";
}