nixos/hosts/dynamix.nix

# Edit this configuration file to define what should be installed on
# your system.  Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).

{ config, pkgs, ... }:

{
  imports =
    [ # Include the results of the hardware scan.
      ../hardware-configuration.nix
      ../config/base.nix
      ../config/users.nix
      ../config/laptop.nix
      ../config/gui.nix
      ../config/i3.nix
      ../config/gnome.nix
      #../config/grsec.nix
    ];
  services.xserver.displayManager.defaultSession = "none+i3"; # set default WM
  networking.hostName = "dynamix"; # Set Hostname

  # https://bugzilla.kernel.org/show_bug.cgi?id=1l0941
  boot.kernelParams = ["intel_pstate=no_hwp" ];

  # Supposedly better for the SSD
  fileSystems."/".options = [ "noatime" "nodiratime" "discard" ];

  # Use the GRUB 2 boot loader.
  boot.loader.grub.enable = true;
  boot.loader.grub.version = 2;
  #boot.loader.grub.efiSupport = true;
  # boot.loader.grub.efiInstallAsRemovable = true;
  # boot.loader.efi.efiSysMountPoint = "/boot/efi";
  # Define on which hard drive you want to install Grub.
  #boot.loader.grub.device = "nodev"; # or "nodev" for efi only
  #boot.loader.efi.canTouchEfiVariables = true;
  #boot.loader.grub.gfxmodeEfi = "1024x768";
  #boot.loader.systemd-boot.enable = true;
  #boot.loader.efi.canTouchEfiVariables = true;
  #boot.cleanTmpDir = true;
  boot.loader.grub.device = "/dev/sda";
  boot.initrd.availableKernelModules = [ "aes_x86_64" "aesni_intel" "cryptd" ];

  swapDevices = [{device = "/swapfile"; size = 10000;}];

  #networking.useNetworkd = true; # Use Networkd as default Networking Daemon - suitable on static Networks e.g. PCs
  networking.networkmanager.enable = true; # Use Networkmanager as defaukt Networking Daemon - suitable on dynamic Networks e.g. Laptops

  hardware.pulseaudio.package = pkgs.pulseaudioFull; # support for bluetooth headsets
  hardware.bluetooth.enable = true;

  # Have stable and unstable Packages
  nixpkgs.config = {
    # Allow proprietary packages
    allowUnfree = true;

    # Create an alias for the unstable channel
    packageOverrides = pkgs: {
      unstable = import <nixos-unstable> {
        # pass the nixpgs config to the unstable alias
        # to ensure 'allowUnfree = true;' is propagated:
        config = config.nixpkgs.config;
      };
     # stable = import <nixos-stable> {
        # pass the nixpgs config to the unstable alias
        # to ensure 'allowUnfree = true;' is propagated:
       # config = config.nixpkgs.config;
     # };
    };

    #firefox.enableAdobeFlash = true;
    #chromium.enablePepperFlash = true;
    #google-chrome-stable.enablePepperFlash = true;
  };

  # List packages installed in system profile. To search by name, run:
  # $ nix-env -qaP | grep wget
  environment.systemPackages = with pkgs; [
    acpi
    acpitool
  ];

  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  programs.bash.enableCompletion = true;
  # programs.mtr.enable = true;
  programs.gnupg.agent = { enable = true; enableSSHSupport = true; };

  # List services that you want to enable:

  # Enable the OpenSSH daemon.
  services.openssh.enable = true;

  # Open ports in the firewall.
  networking.firewall.allowedTCPPorts = [ 80 443 ];
  networking.firewall.allowedUDPPorts = [ ];
  # Or disable the firewall altogether.
  # networking.firewall.enable = false;
  networking.firewall.allowPing = true;

  services.journald.extraConfig = ''
  MaxRetentionSec=4day
  '';

  # Enable CUPS to print documents.
  services.printing.enable = true;

  # Enable touchpad support.
  services.xserver.libinput.enable = true;

  # Enable the KDE Desktop Environment.
  # services.xserver.displayManager.sddm.enable = true;
  # services.xserver.desktopManager.plasma5.enable = true;

  # This value determines the NixOS release with which your system is to be
  # compatible, in order to avoid breaking some software such as database
  # servers. You should change this only after NixOS release notes say you
  # should.
  system.stateVersion = "20.09"; # Did you read the comment?
  
  # Enable Autoupgrades
  system.autoUpgrade.enable = true;

  # enable pulseaudio
  hardware.pulseaudio.enable = true;
  hardware.pulseaudio.support32Bit = true;

  # Add user to sudoers file
  security.sudo.configFile = "templis ALL=(ALL) NOPASSWD: ALL";

  programs.zsh.enable = true;

  services.acpid = {
      enable = true;
      lidEventCommands = ''
        if grep -q closed /proc/acpi/button/lid/LID/state; then
          date >> /tmp/i3lock.log
          DISPLAY=":0.0" XAUTHORITY=/home/templis/.Xauthority ${pkgs.i3lock}/bin/i3lock-fancy &>> /tmp/i3lock.log
        fi
      '';
  };
  systemd.user.services.i3lock-sleep = {
    enable = true;
    description = "Automatically lock screen before going to sleep";
    wantedBy = [ "default.target" ];
    path = with pkgs; [ xss-lock i3lock-fancy getopt fontconfig ];
    serviceConfig = {
      Restart = "always";
      ExecStart = "${pkgs.xss-lock}/bin/xss-lock ${pkgs.i3lock-fancy}/bin/i3lock-fancy";
    };
  };
}