{ pkgs, config, ... }: let mkConnection = name: cfg: { connection = { id = name; type = "wifi"; }; ipv4 = { method = "auto"; }; ipv6 = { method = "auto"; }; wifi = { ssid = name; mode = "infrastructure"; }; wifi-security = { auth-alg = "open"; key-mgmt = "wpa-psk"; psk = cfg.id; }; }; connections = { "The Buttshark" = { id = "$THE_BUTTSHARK"; }; "5G Research Tower (5000 Watt)" = { id = "$RESEARCH_TOWER"; }; "5G Research Tower (2400 Watt)" = { id = "$RESEARCH_TOWER"; }; }; in { services.pcscd.enable = true; services.xserver.videoDrivers = ["nvidia"]; hardware.opengl.extraPackages = [ pkgs.intel-compute-runtime pkgs.intel-media-driver ]; services.thermald.enable = true; services.fwupd.enable = true; environment.systemPackages = with pkgs; [ wireguard-tools # Podman dive podman-tui docker-compose # CUDA pciutils file gnumake gcc cudatoolkit ]; hardware.nvidia = { package = config.boot.kernelPackages.nvidiaPackages.stable; modesetting.enable = true; powerManagement.enable = false; powerManagement.finegrained = true; open = false; nvidiaSettings = true; prime = { intelBusId = "PCI:0:2:0"; nvidiaBusId = "PCI:1:0:0"; offload = { enable = true; enableOffloadCmd = true; }; }; }; systemd.services.nvidia-control-devices = { wantedBy = [ "multi-user.target" ]; serviceConfig.ExecStart = "${pkgs.linuxPackages.nvidia_x11.bin}/bin/nvidia-smi"; }; specialisation = { docked.configuration = { system.nixos.tags = [ "docked" ]; hardware.nvidia = { powerManagement.finegrained = pkgs.lib.mkForce false; prime.offload.enable = pkgs.lib.mkForce false; prime.offload.enableOffloadCmd = pkgs.lib.mkForce false; prime.sync.enable = pkgs.lib.mkForce true; }; }; }; services.udev.packages = [ pkgs.yubikey-personalization ]; services.logind.extraConfig = ''HandlePowerKey=ignore''; # Enable common container config files in /etc/containers virtualisation.containers.enable = true; virtualisation = { podman = { enable = true; dockerCompat = true; defaultNetwork.settings.dns_enabled = true; }; }; services.ollama = { enable = true; acceleration = "cuda"; }; # Calendar programs.dconf.enable = true; services.gnome.evolution-data-server.enable = true; services.gnome.gnome-online-accounts.enable = true; services.gnome.gnome-keyring.enable = true; # Add the server using gnome-online-accounts: # nix-shell -p gnome.gnome-control-center --run "gnome-control-center" # Just add the main webdav server and gnome-calendar will automatically pick up all available calendars. # networking.nameservers = [ "1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one" ]; # services.resolved = { # enable = true; # dnssec = "true"; # domains = [ "~." ]; # fallbackDns = [ "1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one" ]; # dnsovertls = "true"; # }; networking.wg-quick.interfaces = { wg0 = { address = [ "10.0.0.5/24" "2a02:a03f:83ad:2101::5/128" ]; # dns = [ "10.0.0.1" "fdc9:281f:04d7:9ee9::1" ]; privateKeyFile = "/home/user/.secrets/Wireguard/Aloria.key"; listenPort = 51820; postUp = "resolvectl dns wg0 10.0.0.1; resolvectl domain wg0 ~thomasave.be;"; peers = [{ publicKey = "/9ppjm3yeD0duDvxrqgcHscHmftXko+0s2RbivNEy2c="; allowedIPs = [ "10.0.0.1/8" "192.168.1.2/32" ]; endpoint = "h.thomasave.be:13231"; persistentKeepalive = 25; }]; }; }; networking.networkmanager = { enable = true; ensureProfiles = { environmentFiles = [ "/home/user/.secrets/Wireless/Aloria.env" ]; profiles = pkgs.lib.mapAttrs mkConnection connections; }; dns = "systemd-resolved"; }; networking.networkmanager.wifi.backend = "iwd"; networking.wireless.iwd.enable = true; networking.wireless.iwd.settings = { IPv6 = { Enabled = true; }; Settings = { AutoConnect = true; }; }; services.resolved = { enable = true; fallbackDns = [ "1.1.1.1" "1.0.0.1" ]; }; hardware.bluetooth.enable = true; hardware.bluetooth.powerOnBoot = true; services.blueman.enable = true; systemd.user.services.mpris-proxy = { description = "Mpris proxy"; after = [ "network.target" "sound.target" ]; wantedBy = [ "default.target" ]; serviceConfig.ExecStart = "${pkgs.bluez}/bin/mpris-proxy"; }; hardware.bluetooth.settings = { General = { Experimental = true; }; }; fileSystems."/home/server" = { device = "10.1:/home/server"; fsType = "nfs"; options = [ "x-systemd.automount" "x-systemd.mount-timeout=1" "_netdev" "noauto" "timeo=1" ]; }; fileSystems."/home/user/Workspace" = { device = "10.1:/home/server/Workspace"; fsType = "nfs"; options = [ "x-systemd.automount" "x-systemd.mount-timeout=1" "_netdev" "noauto" "timeo=1" ]; }; fileSystems."/home/user/Documents" = { device = "10.1:/home/server/Storage/Thomas/Documents"; fsType = "nfs"; options = [ "x-systemd.automount" "x-systemd.mount-timeout=1" "_netdev" "noauto" "timeo=1" ]; }; fileSystems."/home/user/Pictures" = { device = "10.1:/home/server/Storage/Thomas/Pictures"; fsType = "nfs"; options = [ "x-systemd.automount" "x-systemd.mount-timeout=1" "_netdev" "noauto" "timeo=1" ]; }; fileSystems."/home/user/Videos" = { device = "10.1:/home/server/Storage/Thomas/Videos"; fsType = "nfs"; options = [ "x-systemd.automount" "x-systemd.mount-timeout=1" "_netdev" "noauto" "timeo=1" ]; }; }