2024-08-28 11:39:24 +02:00
|
|
|
{ self, config, pkgs, lib, ...}: {
|
|
|
|
imports = [ ./hardware-configuration.nix ];
|
|
|
|
|
2024-08-28 14:24:44 +02:00
|
|
|
# allow spotify
|
2024-08-28 11:39:24 +02:00
|
|
|
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "spotify" ];
|
|
|
|
|
2024-08-28 14:24:44 +02:00
|
|
|
# boot
|
2024-08-28 11:39:24 +02:00
|
|
|
boot.loader.grub = {
|
|
|
|
enable = true;
|
|
|
|
device = "/dev/sda";
|
|
|
|
};
|
|
|
|
|
|
|
|
boot.loader.timeout = 1;
|
|
|
|
|
2024-08-28 14:24:44 +02:00
|
|
|
# network
|
2024-08-28 11:39:24 +02:00
|
|
|
networking.hostName = "stube-pc";
|
|
|
|
networking.networkmanager.enable = true;
|
|
|
|
networking.firewall.enable = true;
|
2024-09-03 12:59:04 +02:00
|
|
|
networking.interfaces.lo.ipv4.addresses = [ { address="127.0.0.3"; prefixLength=8; }];
|
2024-08-28 11:39:24 +02:00
|
|
|
|
2024-08-28 14:24:44 +02:00
|
|
|
# timezone
|
2024-08-28 11:39:24 +02:00
|
|
|
time.timeZone = "Europe/Berlin";
|
|
|
|
|
2024-08-28 14:24:44 +02:00
|
|
|
# configure users
|
2024-08-28 11:39:24 +02:00
|
|
|
users.mutableUsers = false;
|
2024-08-28 13:52:41 +02:00
|
|
|
users.users.admin = {
|
|
|
|
isNormalUser = true;
|
|
|
|
hashedPassword = "$y$j9T$sYhrjA6IDTFVsUTVrw6aY/$c4qBwMc6SBMip4BWIpHPwzkyVgnOaHdvYxJDUIyw7q1";
|
|
|
|
extraGroups = [ "wheel" "networkmanager" ];
|
|
|
|
createHome = true;
|
|
|
|
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDbsWgnT1W25H5fDCekspaXzlIwvKh+rHygTId8xHotU admin" ];
|
2024-08-28 11:43:25 +02:00
|
|
|
};
|
2024-08-28 11:39:24 +02:00
|
|
|
users.users.stube = {
|
|
|
|
isNormalUser = true;
|
|
|
|
extraGroups = [ "networkmanager" ];
|
|
|
|
password = "stube";
|
|
|
|
};
|
|
|
|
|
2024-08-28 14:24:44 +02:00
|
|
|
# the display-manager starts the desktop environment instantaneously.
|
|
|
|
# this statement delays the display-manager until the home environment for the user is set up.
|
2024-08-28 11:39:24 +02:00
|
|
|
systemd.services."display-manager".after = [ "home-manager-stube.service" ];
|
|
|
|
|
|
|
|
console.keyMap = "de";
|
|
|
|
|
2024-08-28 14:24:44 +02:00
|
|
|
# audio configuration
|
2024-08-28 11:39:24 +02:00
|
|
|
services.pipewire = {
|
|
|
|
enable = true;
|
|
|
|
pulse.enable = true;
|
|
|
|
};
|
|
|
|
|
2024-08-28 14:24:44 +02:00
|
|
|
# gui configuration
|
2024-08-28 11:39:24 +02:00
|
|
|
services.xserver = {
|
|
|
|
enable = true;
|
|
|
|
xkb.layout = "de";
|
|
|
|
desktopManager.xfce.enable = true;
|
|
|
|
};
|
|
|
|
services.displayManager = {
|
|
|
|
enable = true;
|
|
|
|
defaultSession = "xfce";
|
|
|
|
autoLogin = {
|
|
|
|
enable = true;
|
|
|
|
user = "stube";
|
|
|
|
};
|
|
|
|
};
|
2024-08-28 14:24:44 +02:00
|
|
|
|
|
|
|
# remove all multi-user / displayManager functionality from lightDM (basically a kiosk setup)
|
2024-08-28 11:39:24 +02:00
|
|
|
services.xserver.displayManager.lightdm.greeter.enable = false;
|
|
|
|
services.xserver.displayManager.lightdm.autoLogin.timeout = 0;
|
|
|
|
services.xserver.desktopManager.xfce.enableScreensaver = false;
|
|
|
|
|
2024-08-28 23:20:58 +02:00
|
|
|
services.thekenlicht-daemon = {
|
|
|
|
enable = true;
|
2024-09-03 12:59:04 +02:00
|
|
|
serialPort = "/dev/serial/by-id/usb-Arduino__www.arduino.cc__Arduino_Uno_856333434393513111C0-if00";
|
2024-08-28 23:20:58 +02:00
|
|
|
};
|
|
|
|
|
2024-08-28 14:24:44 +02:00
|
|
|
# enable gpu support
|
2024-08-28 11:39:24 +02:00
|
|
|
hardware.opengl = {
|
|
|
|
enable = true;
|
|
|
|
driSupport = true;
|
|
|
|
driSupport32Bit = true;
|
|
|
|
};
|
|
|
|
|
2024-08-28 14:24:44 +02:00
|
|
|
# load additional applications
|
2024-08-28 11:39:24 +02:00
|
|
|
environment.systemPackages = with pkgs; [
|
2024-08-28 14:24:44 +02:00
|
|
|
vim # text editor
|
|
|
|
git # source code management for nixos-rebuild from flake
|
|
|
|
xfce.xfce4-pulseaudio-plugin # pulseaudio-plugin in top panel
|
|
|
|
pavucontrol # audio control panel
|
2024-08-28 23:20:58 +02:00
|
|
|
qlcplus
|
|
|
|
];
|
|
|
|
|
|
|
|
services.udev.packages = with pkgs; [
|
|
|
|
qlcplus
|
2024-08-28 11:39:24 +02:00
|
|
|
];
|
|
|
|
|
2024-08-29 09:45:23 +02:00
|
|
|
services.logind.extraConfig = "HandlePowerKey=poweroff";
|
|
|
|
|
2024-08-28 14:24:44 +02:00
|
|
|
# link current system configuration to /etc/current-nixos
|
2024-08-28 11:39:24 +02:00
|
|
|
environment.etc."current-nixos".source = self;
|
|
|
|
|
2024-08-28 14:24:44 +02:00
|
|
|
# persistent files
|
2024-08-28 11:39:24 +02:00
|
|
|
environment.persistence."/persist" = {
|
|
|
|
enable = true;
|
|
|
|
hideMounts = true;
|
|
|
|
directories = [
|
|
|
|
"/var/log"
|
|
|
|
"/var/lib/nixos"
|
|
|
|
];
|
|
|
|
files = [
|
|
|
|
"/etc/machine-id"
|
|
|
|
"/etc/ssh/ssh_host_rsa_key"
|
|
|
|
"/etc/ssh/ssh_host_rsa_key.pub"
|
|
|
|
"/etc/ssh/ssh_host_ed25519_key"
|
|
|
|
"/etc/ssh/ssh_host_ed25519_key.pub"
|
|
|
|
];
|
|
|
|
};
|
|
|
|
|
|
|
|
security.polkit.enable = true;
|
|
|
|
|
2024-08-28 14:24:44 +02:00
|
|
|
# enable ssh access for admin user
|
2024-08-28 11:43:25 +02:00
|
|
|
services.openssh = {
|
|
|
|
enable = true;
|
|
|
|
openFirewall = true;
|
2024-08-28 13:52:41 +02:00
|
|
|
settings = {
|
|
|
|
PasswordAuthentication = false;
|
|
|
|
AllowUsers = [ "admin" ];
|
|
|
|
};
|
2024-08-28 11:43:25 +02:00
|
|
|
};
|
|
|
|
|
2024-08-28 11:39:24 +02:00
|
|
|
system.stateVersion = "24.05";
|
|
|
|
}
|