nixos/stube-pc/system.nix

132 lines
3.4 KiB
Nix
Raw Normal View History

2024-08-28 11:39:24 +02:00
{ self, config, pkgs, lib, ...}: {
imports = [ ./hardware-configuration.nix ];
2024-08-28 14:24:44 +02:00
# allow spotify
2024-08-28 11:39:24 +02:00
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "spotify" ];
2024-08-28 14:24:44 +02:00
# boot
2024-08-28 11:39:24 +02:00
boot.loader.grub = {
enable = true;
device = "/dev/sda";
};
boot.loader.timeout = 1;
2024-08-28 14:24:44 +02:00
# network
2024-08-28 11:39:24 +02:00
networking.hostName = "stube-pc";
networking.networkmanager.enable = true;
networking.firewall.enable = true;
2024-09-03 12:59:04 +02:00
networking.interfaces.lo.ipv4.addresses = [ { address="127.0.0.3"; prefixLength=8; }];
2024-08-28 11:39:24 +02:00
2024-08-28 14:24:44 +02:00
# timezone
2024-08-28 11:39:24 +02:00
time.timeZone = "Europe/Berlin";
2024-08-28 14:24:44 +02:00
# configure users
2024-08-28 11:39:24 +02:00
users.mutableUsers = false;
2024-08-28 13:52:41 +02:00
users.users.admin = {
isNormalUser = true;
hashedPassword = "$y$j9T$sYhrjA6IDTFVsUTVrw6aY/$c4qBwMc6SBMip4BWIpHPwzkyVgnOaHdvYxJDUIyw7q1";
extraGroups = [ "wheel" "networkmanager" ];
createHome = true;
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDbsWgnT1W25H5fDCekspaXzlIwvKh+rHygTId8xHotU admin" ];
2024-08-28 11:43:25 +02:00
};
2024-08-28 11:39:24 +02:00
users.users.stube = {
isNormalUser = true;
extraGroups = [ "networkmanager" ];
password = "stube";
};
2024-08-28 14:24:44 +02:00
# the display-manager starts the desktop environment instantaneously.
# this statement delays the display-manager until the home environment for the user is set up.
2024-08-28 11:39:24 +02:00
systemd.services."display-manager".after = [ "home-manager-stube.service" ];
console.keyMap = "de";
2024-08-28 14:24:44 +02:00
# audio configuration
2024-08-28 11:39:24 +02:00
services.pipewire = {
enable = true;
pulse.enable = true;
};
2024-08-28 14:24:44 +02:00
# gui configuration
2024-08-28 11:39:24 +02:00
services.xserver = {
enable = true;
xkb.layout = "de";
desktopManager.xfce.enable = true;
};
services.displayManager = {
enable = true;
defaultSession = "xfce";
autoLogin = {
enable = true;
user = "stube";
};
};
2024-08-28 14:24:44 +02:00
# remove all multi-user / displayManager functionality from lightDM (basically a kiosk setup)
2024-08-28 11:39:24 +02:00
services.xserver.displayManager.lightdm.greeter.enable = false;
services.xserver.displayManager.lightdm.autoLogin.timeout = 0;
services.xserver.desktopManager.xfce.enableScreensaver = false;
2024-08-28 23:20:58 +02:00
services.thekenlicht-daemon = {
enable = true;
2024-09-03 12:59:04 +02:00
serialPort = "/dev/serial/by-id/usb-Arduino__www.arduino.cc__Arduino_Uno_856333434393513111C0-if00";
2024-08-28 23:20:58 +02:00
};
2024-08-28 14:24:44 +02:00
# enable gpu support
2024-08-28 11:39:24 +02:00
hardware.opengl = {
enable = true;
driSupport = true;
driSupport32Bit = true;
};
2024-08-28 14:24:44 +02:00
# load additional applications
2024-08-28 11:39:24 +02:00
environment.systemPackages = with pkgs; [
2024-08-28 14:24:44 +02:00
vim # text editor
git # source code management for nixos-rebuild from flake
xfce.xfce4-pulseaudio-plugin # pulseaudio-plugin in top panel
pavucontrol # audio control panel
2024-08-28 23:20:58 +02:00
qlcplus
];
services.udev.packages = with pkgs; [
qlcplus
2024-08-28 11:39:24 +02:00
];
2024-08-29 09:45:23 +02:00
services.logind.extraConfig = "HandlePowerKey=poweroff";
2024-08-28 14:24:44 +02:00
# link current system configuration to /etc/current-nixos
2024-08-28 11:39:24 +02:00
environment.etc."current-nixos".source = self;
2024-08-28 14:24:44 +02:00
# persistent files
2024-08-28 11:39:24 +02:00
environment.persistence."/persist" = {
enable = true;
hideMounts = true;
directories = [
"/var/log"
"/var/lib/nixos"
];
files = [
"/etc/machine-id"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
];
};
security.polkit.enable = true;
2024-08-28 14:24:44 +02:00
# enable ssh access for admin user
2024-08-28 11:43:25 +02:00
services.openssh = {
enable = true;
openFirewall = true;
2024-08-28 13:52:41 +02:00
settings = {
PasswordAuthentication = false;
AllowUsers = [ "admin" ];
};
2024-08-28 11:43:25 +02:00
};
2024-08-28 11:39:24 +02:00
system.stateVersion = "24.05";
}