{ pkgs, lib, inputs, config, ... }: let serverIP = "10.0.0.1"; in { imports = [ (import ../Common/default.nix {inherit inputs pkgs config;}) (import ../Common/desktop.nix {inherit inputs pkgs config;}) (import ../Common/nfs.nix {inherit pkgs serverIP;}) (import ../Common/zfs.nix {inherit inputs pkgs config;}) ]; hardware.graphics.extraPackages = [ pkgs.intel-compute-runtime pkgs.intel-media-driver ]; zramSwap.enable = true; services.upower.enable = true; services.logind.settings.Login = { HandlePowerKey = "suspend"; }; services.throttled.enable = true; services.thinkfan.enable = true; services.thinkfan.settings = { sensors = [ # Search for 'coretemp' anywhere in /sys/class/hwmon { hwmon = "/sys/class/hwmon"; name = "coretemp"; indices = [1]; } # Search for 'acpitz' { hwmon = "/sys/class/hwmon"; name = "acpitz"; indices = [1]; } # Search for 'nvme' { hwmon = "/sys/class/hwmon"; name = "nvme"; indices = [1]; } ]; fans = [ {tpacpi = "/proc/acpi/ibm/fan";} ]; levels = [ [0 0 45] [1 42 55] [2 50 60] [3 56 68] [5 64 78] [7 76 95] ]; }; programs.steam = { enable = true; gamescopeSession.enable = true; }; networking.hostId = "4e859062"; networking.interfaces.wlan0.useDHCP = lib.mkDefault true; networking.enableIPv6 = false; networking.wireless.iwd.enable = true; networking.wireless.iwd.settings = { IPv6 = { Enabled = false; }; Settings = { AutoConnect = true; }; }; systemd.services.fprintd = { wantedBy = ["multi-user.target"]; serviceConfig.Type = "simple"; }; services.fprintd = { enable = true; # tod = { # enable = true; # }; }; security.pam.services.sudo.fprintAuth = true; # virtualisation virtualisation.libvirtd.enable = true; virtualisation.spiceUSBRedirection.enable = true; programs.virt-manager.enable = true; users.users.user.extraGroups = ["libvirtd"]; services.tlp = { enable = true; settings = { START_CHARGE_THRESH_BAT0 = 40; # 40 and bellow it starts to charge STOP_CHARGE_THRESH_BAT0 = 80; # 80 and above it stops charging }; }; systemd.network.enable = true; networking.useNetworkd = true; systemd.network.config.networkConfig = { ManageForeignRoutingPolicyRules = false; ManageForeignRoutes = false; SpeedMeter = true; }; systemd.services.systemd-networkd-wait-online.enable = lib.mkForce false; networking.wg-quick.interfaces = { Tunnel = { address = ["10.0.0.5/24"]; privateKeyFile = "/home/user/.secrets/Wireguard/Aloria.key"; listenPort = 51820; autostart = false; postUp = "resolvectl dns Tunnel 10.0.0.1; resolvectl domain Tunnel ~thomasave.be;"; dns = ["10.0.0.1"]; peers = [ { publicKey = "/9ppjm3yeD0duDvxrqgcHscHmftXko+0s2RbivNEy2c="; allowedIPs = ["0.0.0.0/0" "::/0"]; endpoint = "external.thomasave.be:13231"; persistentKeepalive = 25; } ]; }; OPNsense = { address = ["10.0.0.5/24"]; privateKeyFile = "/home/user/.secrets/Wireguard/Aloria.key"; listenPort = 51820; autostart = true; postUp = "resolvectl dns OPNsense 10.0.0.1; resolvectl domain OPNsense ~thomasave.be;"; dns = ["10.0.0.1"]; peers = [ { publicKey = "/9ppjm3yeD0duDvxrqgcHscHmftXko+0s2RbivNEy2c="; allowedIPs = ["10.0.0.1/8" "192.168.1.2/32"]; endpoint = "external.thomasave.be:13231"; persistentKeepalive = 25; } ]; }; GCP = { address = ["10.5.0.5/24"]; privateKeyFile = "/home/user/.secrets/Wireguard/GCP.key"; listenPort = 51820; autostart = false; postUp = "resolvectl dns GCP 1.1.1.1;resolvectl dns wlan0 1.1.1.1;"; peers = [ { publicKey = "NEBNE4Czf2MkZF2X5aVhmofENH1uXjDpvXjIMJvfMFA="; allowedIPs = ["0.0.0.0/0"]; endpoint = "35.201.231.151:443"; persistentKeepalive = 25; } ]; }; }; systemd.services."wg-quick-OPNsense" = { serviceConfig = { Restart = "on-failure"; RestartSec = "2s"; }; unitConfig.StartLimitIntervalSec = 0; }; services.usbmuxd.enable = true; environment.systemPackages = with pkgs; [ libcamera ifuse libimobiledevice scrcpy v4l-utils ]; boot.kernel.sysctl = { "net.ipv6.conf.all.disable_ipv6" = 1; "net.ipv6.conf.default.disable_ipv6" = 1; "net.ipv6.conf.lo.disable_ipv6" = 1; }; }