initial commit

hosts/dynamix.nix

@@ -0,0 +1,152 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, ... }:
+
+{
+  imports =
+    [ # Include the results of the hardware scan.
+      ../hardware-configuration.nix
+      ../config/base.nix
+      ../config/users.nix
+      ../config/laptop.nix
+      ../config/gui.nix
+      ../config/i3.nix
+      ../config/gnome.nix
+      #../config/grsec.nix
+    ];
+  services.xserver.displayManager.defaultSession = "none+i3"; # set default WM
+  networking.hostName = "dynamix"; # Set Hostname
+
+  # https://bugzilla.kernel.org/show_bug.cgi?id=1l0941
+  boot.kernelParams = ["intel_pstate=no_hwp" ];
+
+  # Supposedly better for the SSD
+  fileSystems."/".options = [ "noatime" "nodiratime" "discard" ];
+
+  # Use the GRUB 2 boot loader.
+  boot.loader.grub.enable = true;
+  boot.loader.grub.version = 2;
+  #boot.loader.grub.efiSupport = true;
+  # boot.loader.grub.efiInstallAsRemovable = true;
+  # boot.loader.efi.efiSysMountPoint = "/boot/efi";
+  # Define on which hard drive you want to install Grub.
+  #boot.loader.grub.device = "nodev"; # or "nodev" for efi only
+  #boot.loader.efi.canTouchEfiVariables = true;
+  #boot.loader.grub.gfxmodeEfi = "1024x768";
+  #boot.loader.systemd-boot.enable = true;
+  #boot.loader.efi.canTouchEfiVariables = true;
+  #boot.cleanTmpDir = true;
+  boot.loader.grub.device = "/dev/sda";
+  boot.initrd.availableKernelModules = [ "aes_x86_64" "aesni_intel" "cryptd" ];
+
+  swapDevices = [{device = "/swapfile"; size = 10000;}];
+
+  #networking.useNetworkd = true; # Use Networkd as default Networking Daemon - suitable on static Networks e.g. PCs
+  networking.networkmanager.enable = true; # Use Networkmanager as defaukt Networking Daemon - suitable on dynamic Networks e.g. Laptops
+
+  hardware.pulseaudio.package = pkgs.pulseaudioFull; # support for bluetooth headsets
+  hardware.bluetooth.enable = true;
+
+  # Have stable and unstable Packages
+  nixpkgs.config = {
+    # Allow proprietary packages
+    allowUnfree = true;
+
+    # Create an alias for the unstable channel
+    packageOverrides = pkgs: {
+      unstable = import <nixos-unstable> {
+        # pass the nixpgs config to the unstable alias
+        # to ensure 'allowUnfree = true;' is propagated:
+        config = config.nixpkgs.config;
+      };
+     # stable = import <nixos-stable> {
+        # pass the nixpgs config to the unstable alias
+        # to ensure 'allowUnfree = true;' is propagated:
+       # config = config.nixpkgs.config;
+     # };
+    };
+
+    #firefox.enableAdobeFlash = true;
+    #chromium.enablePepperFlash = true;
+    #google-chrome-stable.enablePepperFlash = true;
+  };
+
+  # List packages installed in system profile. To search by name, run:
+  # $ nix-env -qaP | grep wget
+  environment.systemPackages = with pkgs; [
+    acpi
+    acpitool
+  ];
+
+  # Some programs need SUID wrappers, can be configured further or are
+  # started in user sessions.
+  programs.bash.enableCompletion = true;
+  # programs.mtr.enable = true;
+  programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
+
+  # List services that you want to enable:
+
+  # Enable the OpenSSH daemon.
+  services.openssh.enable = true;
+
+  # Open ports in the firewall.
+  networking.firewall.allowedTCPPorts = [ 80 443 ];
+  networking.firewall.allowedUDPPorts = [ ];
+  # Or disable the firewall altogether.
+  # networking.firewall.enable = false;
+  networking.firewall.allowPing = true;
+
+  services.journald.extraConfig = ''
+  MaxRetentionSec=4day
+  '';
+
+  # Enable CUPS to print documents.
+  services.printing.enable = true;
+
+  # Enable touchpad support.
+  services.xserver.libinput.enable = true;
+
+  # Enable the KDE Desktop Environment.
+  # services.xserver.displayManager.sddm.enable = true;
+  # services.xserver.desktopManager.plasma5.enable = true;
+
+  # This value determines the NixOS release with which your system is to be
+  # compatible, in order to avoid breaking some software such as database
+  # servers. You should change this only after NixOS release notes say you
+  # should.
+  system.stateVersion = "20.09"; # Did you read the comment?
+  
+  # Enable Autoupgrades
+  system.autoUpgrade.enable = true;
+
+  # enable pulseaudio
+  hardware.pulseaudio.enable = true;
+  hardware.pulseaudio.support32Bit = true;
+
+  # Add user to sudoers file
+  security.sudo.configFile = "templis ALL=(ALL) NOPASSWD: ALL";
+
+  programs.zsh.enable = true;
+
+  services.acpid = {
+      enable = true;
+      lidEventCommands = ''
+        if grep -q closed /proc/acpi/button/lid/LID/state; then
+          date >> /tmp/i3lock.log
+          DISPLAY=":0.0" XAUTHORITY=/home/templis/.Xauthority ${pkgs.i3lock}/bin/i3lock-fancy &>> /tmp/i3lock.log
+        fi
+      '';
+  };
+  systemd.user.services.i3lock-sleep = {
+    enable = true;
+    description = "Automatically lock screen before going to sleep";
+    wantedBy = [ "default.target" ];
+    path = with pkgs; [ xss-lock i3lock-fancy getopt fontconfig ];
+    serviceConfig = {
+      Restart = "always";
+      ExecStart = "${pkgs.xss-lock}/bin/xss-lock ${pkgs.i3lock-fancy}/bin/i3lock-fancy";
+    };
+  };
+}