# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). # Nix Reference Manual: # https://nixos.org/manual/nix/stable/ # NixOS Packages / Options: # https://search.nixos.org/packages? # Other things to consider: # Telegraf { lib, config, pkgs, ... }: { imports = [ # Include the results of the hardware scan. # Should be set on the machine's configuration.nix # ./hardware-configuration.nix # Home-Manager Nix configuration file. # ./home-manager.nix # Gnome configuration file. ./gnome.nix # Promtail logging ./promtail.nix ]; # Keep the system up-to-date automatically system = { autoUpgrade = { enable = true; allowReboot = false; channel = https://channels.nixos.org/nixos-23.05; }; }; # Bootloader. # boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; boot.tmp.cleanOnBoot = true; boot.resumeDevice = "/dev/disk/by-uuid/67600fc1-6d26-4d2f-b2d3-a99174654058"; # Plymouth splash screen boot.plymouth.enable = true; boot.initrd.systemd.enable = true; boot.kernelParams = ["quiet"]; # SecureBoot boot.loader.systemd-boot.enable = lib.mkForce false; boot.lanzaboote.enable = true; boot.lanzaboote.pkiBundle = "/etc/secureboot"; # Setup keyfile boot.initrd.secrets = { "/crypto_keyfile.bin" = null; }; # Enable swap on luks boot.initrd.luks.devices."luks-9704447e-6bd0-4a35-9c24-20cbab81c431".device = "/dev/disk/by-uuid/9704447e-6bd0-4a35-9c24-20cbab81c431"; boot.initrd.luks.devices."luks-9704447e-6bd0-4a35-9c24-20cbab81c431".keyFile = "/crypto_keyfile.bin"; # Enable networking networking = { hostName = "nixos-p1"; networkmanager = { enable = true; }; enableIPv6 = false; firewall = { enable = true; allowedTCPPorts = [ 22 ]; allowedUDPPorts = [ ]; }; }; # Set your time zone. time.timeZone = "Asia/Tokyo"; # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; i18n.extraLocaleSettings = { LC_ADDRESS = "en_US.UTF-8"; LC_IDENTIFICATION = "en_US.UTF-8"; LC_MEASUREMENT = "en_US.UTF-8"; LC_MONETARY = "en_US.UTF-8"; LC_NAME = "en_US.UTF-8"; LC_NUMERIC = "en_US.UTF-8"; LC_PAPER = "en_US.UTF-8"; LC_TELEPHONE = "en_US.UTF-8"; LC_TIME = "en_US.UTF-8"; }; # Configure the fingerprint reader services.fprintd = { enable = true; tod.enable = true; tod.driver = pkgs.libfprint-2-tod1-vfs0090; }; # Configure keymap in X11 services.xserver = { enable = true; layout = "us"; xkbVariant = ""; libinput = { enable = true; touchpad.tapping = true; }; # Enable nVidia drivers videoDrivers = [ "nvidia" ]; autorun = true; }; # Enable nVidia PRIME Render Offload # https://github.com/NixOS/nixos-hardware/blob/master/lenovo/thinkpad/p1/3th-gen/nvidia.nix hardware.nvidia.prime = { # Bus ID of the Intel GPU. intelBusId = lib.mkDefault "PCI:0:2:0"; # Bus ID of the NVIDIA GPU. nvidiaBusId = lib.mkDefault "PCI:1:0:0"; }; # Enable sound with pipewire. sound.enable = true; hardware.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; }; # Define a user account. Don't forget to set a password with ‘passwd’. users.users.albert = { isNormalUser = true; description = "Albert J. Copeland"; extraGroups = [ "networkmanager" "wheel" ]; packages = with pkgs; [ firefox bitwarden steam lutris vlc vscodium ]; }; # Allow unfree packages nixpkgs.config.allowUnfree = true; # Enable flakes: https://nixos.wiki/wiki/Flakes nix.settings.experimental-features = [ "nix-command" "flakes" ]; # List packages installed in system profile. To search, run: environment.systemPackages = with pkgs; [ # Secureboot sbctl # Fingerprint Reader fprintd # General packages # https://github.com/gvolpe/dconf2nix dconf2nix wget vim git curl htop iftop nload iotop glxinfo tailscale ]; # Enable the OpenSSH daemon and Tailscale. services.openssh.enable = true; services.tailscale.enable = true; # Garbage collection -- Keep the system clean nix.gc = { automatic = true; dates = "weekly"; options = "--delete-older-than 7d"; }; # Configure BASH exports programs = { bash = { enableCompletion = true; enableLsColors = true; shellAliases = { d = "docker"; dc = "docker-compose"; de = "docker exec -it"; ddate = "date +%Y.%m.%d"; dday = "date +%A"; cp = "rsync -avr"; g = "git"; ga = "git add -A"; gb = "git branch"; gc = "git commit"; gca = "git commit -a"; gco = "git checkout"; gd = "git diff"; gp = "git pull --prune"; gpu = "git push origin HEAD"; gs = "git status -sb"; hs = "home-manager switch"; ll = "ls -lah"; rm = "rm -i"; tdate = "date +%Y.%m.%d..%H.%M"; ttime = "date +%H.%M"; nr = "nixos-rebuild"; }; }; }; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.05"; # Did you read the comment? }