86 lines
2.2 KiB
Nix
86 lines
2.2 KiB
Nix
{ pkgs, ... }:
|
|
{
|
|
environment.sessionVariables.NIXOS_OZONE_WL = "1"; # hint electron apps to use wayland:
|
|
|
|
nixpkgs.config.allowUnfree = true;
|
|
security.polkit.enable = true;
|
|
security.rtkit.enable = true;
|
|
programs.zsh.enable = true;
|
|
networking.firewall.enable = false;
|
|
programs.nix-ld.enable = true;
|
|
|
|
boot.loader.systemd-boot.enable = true;
|
|
boot.loader.systemd-boot.memtest86.enable = true;
|
|
boot.loader.systemd-boot.netbootxyz.enable = true;
|
|
boot.loader.timeout = 1;
|
|
boot.loader.efi.canTouchEfiVariables = true;
|
|
systemd.settings.Manager.DefaultTimeoutStopSec = "10s";
|
|
systemd.settings.Manager.DefaultTimeoutStartSec = "10s";
|
|
systemd.settings.Manager.DefaultTimeoutAbortSec = "10s";
|
|
systemd.settings.Manager.DefaultDeviceTimeoutSec = "10s";
|
|
systemd.services.systemd-user-sessions.enable = false;
|
|
boot.tmp.cleanOnBoot = true;
|
|
|
|
powerManagement.enable = true;
|
|
services.thermald.enable = true;
|
|
services.pcscd.enable = true;
|
|
services.fwupd.enable = true;
|
|
services.gvfs.enable = true;
|
|
services.fstrim.enable = true;
|
|
services.openssh = {
|
|
enable = true;
|
|
settings = {
|
|
PermitRootLogin = "no";
|
|
PasswordAuthentication = false;
|
|
};
|
|
};
|
|
|
|
fonts.packages = with pkgs; [
|
|
noto-fonts
|
|
noto-fonts-cjk-sans
|
|
noto-fonts-emoji
|
|
iosevka
|
|
roboto
|
|
font-awesome
|
|
jetbrains-mono
|
|
nerd-fonts.fira-code
|
|
nerd-fonts.ubuntu
|
|
nerd-fonts.zed-mono
|
|
];
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
virtiofsd
|
|
wget
|
|
curl
|
|
git
|
|
lm_sensors
|
|
wireguard-tools
|
|
|
|
# Podman
|
|
dive
|
|
podman-tui
|
|
docker-compose
|
|
];
|
|
|
|
nix.gc = {
|
|
automatic = true;
|
|
dates = "daily";
|
|
options = "--delete-older-than 2d";
|
|
};
|
|
|
|
virtualisation.containers.enable = true;
|
|
virtualisation = {
|
|
podman = {
|
|
enable = true;
|
|
dockerCompat = true;
|
|
defaultNetwork.settings.dns_enabled = true;
|
|
};
|
|
};
|
|
|
|
services.resolved = {
|
|
enable = pkgs.lib.mkDefault true;
|
|
fallbackDns = [ "1.1.1.1" "1.0.0.1" ];
|
|
};
|
|
networking.nameservers = pkgs.lib.mkDefault ["1.1.1.1" "1.0.0.1"];
|
|
}
|