211 lines
4.9 KiB
Nix
211 lines
4.9 KiB
Nix
{ config, pkgs, ... }:
|
|
|
|
{
|
|
|
|
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
|
nix.gc = {
|
|
automatic = true;
|
|
dates = "weekly";
|
|
options = "--delete-older-than 30d";
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
cargo
|
|
chromium
|
|
claude-code
|
|
curl
|
|
docker-compose
|
|
gcc
|
|
git
|
|
gnupg
|
|
imv
|
|
keepassxc
|
|
mdbook
|
|
mpv
|
|
neovim
|
|
openssl
|
|
# Alias vi even with sudo.
|
|
(pkgs.writeShellScriptBin "vi" ''
|
|
exec ${pkgs.neovim}/bin/nvim "$@"
|
|
'')
|
|
pinentry-curses
|
|
python3
|
|
rsync
|
|
rustc
|
|
tldr
|
|
tor # Tor anonymity network
|
|
vscodium
|
|
|
|
# Hyprland essentials
|
|
hyprpaper # Wallpaper daemon
|
|
hypridle # Idle daemon
|
|
hyprlock # Lock screen
|
|
xdg-utils # XDG utilities
|
|
#polkit-kde-agent # Polkit authentication agent
|
|
];
|
|
|
|
boot.loader.systemd-boot.enable = true;
|
|
boot.loader.efi.canTouchEfiVariables = true;
|
|
|
|
# Enables wireless support via wpa_supplicant.
|
|
# networking.wireless.enable = true;
|
|
|
|
# Configure network proxy if necessary
|
|
# networking.proxy.default = "http://user:password@proxy:port/";
|
|
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
|
|
|
|
networking.networkmanager.enable = true;
|
|
|
|
time.timeZone = "America/Los_Angeles";
|
|
|
|
i18n.defaultLocale = "en_US.UTF-8";
|
|
|
|
i18n.extraLocaleSettings = {
|
|
LC_ADDRESS = "en_US.UTF-8";
|
|
LC_IDENTIFICATION = "en_US.UTF-8";
|
|
LC_MEASUREMENT = "en_US.UTF-8";
|
|
LC_MONETARY = "en_US.UTF-8";
|
|
LC_NAME = "en_US.UTF-8";
|
|
LC_NUMERIC = "en_US.UTF-8";
|
|
LC_PAPER = "en_US.UTF-8";
|
|
LC_TELEPHONE = "en_US.UTF-8";
|
|
LC_TIME = "en_US.UTF-8";
|
|
};
|
|
|
|
programs.gnupg.agent = {
|
|
enable = true;
|
|
pinentryPackage = pkgs.pinentry-curses;
|
|
};
|
|
|
|
# Hyprland configuration
|
|
programs.hyprland = {
|
|
enable = true;
|
|
xwayland.enable = true;
|
|
};
|
|
|
|
# Display manager for Hyprland
|
|
services.displayManager.sddm = {
|
|
enable = true;
|
|
wayland.enable = true;
|
|
};
|
|
|
|
# XDG portal for screen sharing and other desktop features
|
|
xdg.portal = {
|
|
enable = true;
|
|
extraPortals = [ pkgs.xdg-desktop-portal-hyprland ];
|
|
};
|
|
|
|
services.xserver = {
|
|
enable = true;
|
|
xkb = {
|
|
layout = "us";
|
|
variant = "";
|
|
};
|
|
};
|
|
|
|
# Enable CUPS to print documents.
|
|
services.printing.enable = true;
|
|
|
|
security.rtkit.enable = true;
|
|
services.pipewire = {
|
|
enable = true;
|
|
alsa.enable = true;
|
|
alsa.support32Bit = true;
|
|
pulse.enable = true;
|
|
# If you want to use JACK applications, uncomment this
|
|
#jack.enable = true;
|
|
};
|
|
|
|
# Define a user account. Don't forget to set a password with 'passwd'.
|
|
users.users.brimlock = {
|
|
isNormalUser = true;
|
|
home = "/home/brimlock";
|
|
description = "brimlock";
|
|
extraGroups = [ "docker" "networkmanager" "wheel" "video" "render" ];
|
|
packages = with pkgs; [
|
|
# Hyprland utilities and applications
|
|
waybar # Status bar
|
|
wofi # Application launcher
|
|
kitty # Terminal emulator
|
|
dunst # Notification daemon
|
|
swaylock # Screen locker
|
|
swayidle # Idle management daemon
|
|
wlogout # Logout menu
|
|
grim # Screenshot tool
|
|
slurp # Screen area selector
|
|
wl-clipboard # Clipboard utilities
|
|
brightnessctl # Brightness control
|
|
pavucontrol # Audio control
|
|
networkmanagerapplet # Network manager applet
|
|
|
|
# File manager and utilities
|
|
nautilus
|
|
gnome-themes-extra
|
|
|
|
# Additional tools
|
|
libreoffice
|
|
grub2_efi
|
|
exfatprogs
|
|
tor-browser # Tor Browser
|
|
];
|
|
};
|
|
|
|
programs.firefox.enable = true;
|
|
|
|
# Enable Tor service
|
|
services.tor = {
|
|
enable = true;
|
|
client.enable = true;
|
|
};
|
|
|
|
# Allow unfree packages
|
|
nixpkgs.config.allowUnfree = true;
|
|
|
|
# Add cachix for faster builds
|
|
nix.settings = {
|
|
substituters = [
|
|
"https://cache.nixos.org/"
|
|
"https://nix-community.cachix.org"
|
|
];
|
|
trusted-public-keys = [
|
|
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
|
];
|
|
};
|
|
|
|
environment.variables.EDITOR = "nvim";
|
|
# Polkit for privilege escalation
|
|
#security.polkit.enable = true;
|
|
|
|
environment.shellAliases = {
|
|
vi = "nvim";
|
|
vim = "nvim";
|
|
};
|
|
|
|
security.sudo = {
|
|
enable = true;
|
|
extraRules = [
|
|
{
|
|
users = [ "brimlock" ];
|
|
commands = [
|
|
{
|
|
command = "ALL";
|
|
options = [ "NOPASSWD" ];
|
|
}
|
|
];
|
|
}
|
|
];
|
|
};
|
|
|
|
programs.steam = {
|
|
enable = true;
|
|
remotePlay.openFirewall = true;
|
|
dedicatedServer.openFirewall = true;
|
|
};
|
|
|
|
# Disable automatic suspend for SystemD.
|
|
systemd.targets.sleep.enable = false;
|
|
systemd.targets.suspend.enable = false;
|
|
systemd.targets.hibernate.enable = false;
|
|
systemd.targets.hybrid-sleep.enable = false;
|
|
}
|