{ pkgs, lib, inputs, config, ... }: let serverIP = "10.0.0.1"; in { imports = [ (import ../Common/default.nix { inherit inputs pkgs config; }) (import ../Common/desktop.nix { inherit inputs pkgs config; }) (import ../Common/nfs.nix { inherit pkgs serverIP; }) (import ../Common/zfs.nix {inherit inputs pkgs config; }) (import ../Common/android.nix { inherit pkgs serverIP; }) ]; hardware.graphics.extraPackages = [ pkgs.intel-compute-runtime pkgs.intel-media-driver ]; zramSwap.enable = true; services.upower.enable = true; services.logind.extraConfig = ''HandlePowerKey=ignore''; services.throttled.enable = true; networking.hostId = "4e859062"; networking.interfaces.wlan0.useDHCP = lib.mkDefault false; networking.wireless.iwd.enable = true; networking.wireless.iwd.settings = { IPv6 = { Enabled = true; }; Settings = { AutoConnect = true; }; General = { EnableNetworkConfiguration = true; }; }; # systemd.services.fprintd = { # wantedBy = [ "multi-user.target" ]; # serviceConfig.Type = "simple"; # }; # services.fprintd = { # enable = true; # tod = { # enable = true; # driver = pkgs.libfprint-2-tod1-broadcom; # }; # }; # security.pam.services.sudo.fprintAuth = true; # virtualisation virtualisation.libvirtd.enable = true; virtualisation.libvirtd.qemu.ovmf.enable = true; virtualisation.spiceUSBRedirection.enable = true; programs.virt-manager.enable = true; users.users.user.extraGroups = [ "libvirtd" ]; services.tlp = { enable = true; settings = { CPU_SCALING_GOVERNOR_ON_AC = "performance"; CPU_SCALING_GOVERNOR_ON_BAT = "powersave"; CPU_ENERGY_PERF_POLICY_ON_BAT = "power"; CPU_ENERGY_PERF_POLICY_ON_AC = "performance"; CPU_MIN_PERF_ON_AC = 0; CPU_MAX_PERF_ON_AC = 100; CPU_MIN_PERF_ON_BAT = 0; CPU_MAX_PERF_ON_BAT = 20; #Optional helps save long term battery health START_CHARGE_THRESH_BAT0 = 40; # 40 and bellow it starts to charge STOP_CHARGE_THRESH_BAT0 = 80; # 80 and above it stops charging }; }; systemd.network.enable = true; networking.useNetworkd = true; systemd.network.config.networkConfig = { ManageForeignRoutingPolicyRules = false; ManageForeignRoutes = false; SpeedMeter = true; }; systemd.services.systemd-networkd-wait-online.enable = lib.mkForce false; networking.wg-quick.interfaces = { Tunnel = { address = [ "10.0.0.5/24" "2a02:a03f:83ad:2101::5/128" ]; privateKeyFile = "/home/user/.secrets/Wireguard/Aloria.key"; listenPort = 51820; autostart = false; postUp = "resolvectl dns Tunnel 10.0.0.1; resolvectl domain Tunnel ~thomasave.be;"; dns = ["10.0.0.1"]; peers = [{ publicKey = "/9ppjm3yeD0duDvxrqgcHscHmftXko+0s2RbivNEy2c="; allowedIPs = [ "0.0.0.0/0" "::/0" ]; endpoint = "h.thomasave.be:13231"; persistentKeepalive = 25; }]; }; OPNsense = { address = [ "10.0.0.5/24" "2a02:a03f:83ad:2101::5/128" ]; privateKeyFile = "/home/user/.secrets/Wireguard/Aloria.key"; listenPort = 51820; autostart = true; postUp = "resolvectl dns OPNsense 10.0.0.1; resolvectl domain OPNsense ~thomasave.be;"; dns = ["10.0.0.1"]; peers = [{ publicKey = "/9ppjm3yeD0duDvxrqgcHscHmftXko+0s2RbivNEy2c="; allowedIPs = [ "10.0.0.1/8" "192.168.1.2/32" ]; endpoint = "h.thomasave.be:13231"; persistentKeepalive = 25; }]; }; }; systemd.services."wg-quick-OPNsense" = { serviceConfig = { Restart = "on-failure"; RestartSec = "2s"; }; unitConfig.StartLimitIntervalSec = 0; }; }