Skip to content

Instantly share code, notes, and snippets.

@cosarara

cosarara/configuration.nix Secret

Last active August 21, 2020 18:25
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save cosarara/d22df0da170199a18cbcfd0144db3bbe to your computer and use it in GitHub Desktop.
Save cosarara/d22df0da170199a18cbcfd0144db3bbe to your computer and use it in GitHub Desktop.
Download ZIP
Raw
configuration.nix
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).
{ config, pkgs, ... }:
let
unstable = import <nixos-unstable> {};
#compiledLayout = pkgs.runCommand "keyboard-layout" {} ''
# ${pkgs.xorg.xkbcomp}/bin/xkbcomp ${./layout.xkb} $out
#'';
in {
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
#./samba.nix
#./sway.nix
./builder.nix
];
# Use the systemd-boot EFI boot loader.
#boot.loader.systemd-boot.enable = true;
#boot.loader.efi.canTouchEfiVariables = true;
boot.loader = {
efi = {
canTouchEfiVariables = true;
# assuming /boot is the mount point of the EFI partition in NixOS (as the installation section recommends).
efiSysMountPoint = "/boot";
};
grub = {
# despite what the configuration.nix manpage seems to indicate,
# as of release 17.09, setting device to "nodev" will still call
# `grub-install` if efiSupport is true
# (the devices list is not used by the EFI grub install,
# but must be set to some value in order to pass an assert in grub.nix)
devices = [ "nodev" ];
efiSupport = true;
enable = true;
# set $FS_UUID to the UUID of the EFI partition
extraEntries = ''
menuentry "Windows" {
insmod part_gpt
insmod fat
insmod search_fs_uuid
insmod chain
search --fs-uuid --set=root AC5F-2C86
chainloader /EFI/Microsoft/Boot/bootmgfw.efi
}
'';
version = 2;
};
};
boot.kernelParams = [ "pcie_aspm=off" ];
networking = {
hostName = "arcturus"; # Define your hostname.
#networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
#- You can not use networking.networkmanager with networking.wireless.
#Except if you mark some interfaces as <literal>unmanaged</literal> by NetworkManager.
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config
# replicates the default behaviour.
useDHCP = false;
interfaces.enp1s0.useDHCP = true;
interfaces.wlp2s0.useDHCP = true;
networkmanager.enable = true;
networkmanager.dns = "dnsmasq";
wireguard.interfaces.wg0 = {
# Determines the IP address and subnet of the client's end of the tunnel interface.
ips = [ "10.0.0.6/32" ];
# Path to the private key file.
#
# Note: The private key can also be included inline via the privateKey option,
# but this makes the private key world-readable; thus, using privateKeyFile is
# recommended.
privateKeyFile = "/root/wireguard-keys/private";
peers = [
# For a client configuration, one peer entry for the server will suffice.
{
# Public key of the server (not a file path).
publicKey = "lViKxLbn+PGPaybqddEW5frFB8KtEy9qwtOUSPhASh4=";
# Forward all the traffic via VPN.
#allowedIPs = [ "0.0.0.0/0" ];
# Or forward only particular subnets
allowedIPs = [ "10.0.0.0/24" ];
# Set this to the server IP and port.
endpoint = "www.cosarara.me:51820";
# Send keepalives every 25 seconds. Important to keep NAT tables alive.
persistentKeepalive = 25;
}
];
};
# Configure network proxy if necessary
# proxy.default = "http://user:password@proxy:port/";
# proxy.noProxy = "127.0.0.1,localhost,internal.domain";
};
services.udev.packages = [ pkgs.crda ];
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "Lat2-Terminus16";
keyMap = "us";
};
# Set your time zone.
time.timeZone = "Europe/Amsterdam";
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
arandr
ark
audacious
curl
feh
firefox
fzf
git
htop
iw
kdialog
ldns
libarchive
lshw
maim
mate.mate-terminal
mercurial
mosh
mpv
ncdu
neovim
nethack
pciutils
python3
ripgrep
rofi
screenfetch
slop
transmission_gtk
unstable.qimgv
unzip
vim
wget
wireguard
xclip
xorg.xkbcomp
youtube-dl
zsh
];
fonts.fonts = with pkgs; [
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
liberation_ttf
fira-code
fira-code-symbols
mplus-outline-fonts
unstable.dina-font.otb
proggyfonts
unstable.terminus_font.otb
];
fonts.fontconfig = {
allowBitmaps = true;
allowType1 = true;
defaultFonts = {
serif = [ "Noto Serif" ];
sansSerif = [ "Noto Sans" ];
monospace = [ "Hack" ];
};
penultimate.enable = true;
};
nixpkgs.config.firefox.enablePlasmaBrowserIntegration = true;
i18n.inputMethod = {
enabled = "ibus";
ibus.engines = with pkgs.ibus-engines; [ anthy ];
};
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# pinentryFlavor = "gnome3";
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
permitRootLogin = "no";
passwordAuthentication = false;
};
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable the X11 windowing system.
services.xserver = {
enable = true;
extraLayouts.jaume = {
description = "English (Jaume)";
languages = [ "eng" ];
symbolsFile = ./jaume-symbols;
};
#layout = "us";
#xkbOptions = "eurosign:e";
#xkbVariant = "norman";
layout = "jaume";
# Enable touchpad support.
libinput.enable = true;
# Enable the KDE Desktop Environment.
displayManager.sddm.enable = true;
desktopManager.plasma5.enable = true;
#displayManager.sessionCommands = "${pkgs.xorg.xkbcomp}/bin/xkbcomp ${compiledLayout} $DISPLAY";
};
# Enable sound.
sound.enable = true;
hardware.pulseaudio.enable = true;
programs.zsh.enable = true;
# Define a user account. Don't forget to set a password with ‘passwd’.
users.users.jaume = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" ];
shell = pkgs.zsh;
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It‘s perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "20.03"; # Did you read the comment?
}
Raw
why-depends.log
> nix why-depends /nix/store/*-nixos-system-arcturus-20.03.*.drv /nix/store/pkdy0kvq3jdsh8kcx8n91qamfdw8fz4l-xkeyboard-config-2.27.drv
/nix/store/gxshyp2ahp44zsqh173n78g7n82qfy4x-nixos-system-arcturus-20.03.2824.de3780b937d.drv
╚═══/: …33.2.drv",["bin"]),("/nix/store/54rim792px8w3i4ghda5rwqdq5y31jdd-kwin-5.17.5.drv",["bin"]),("/ni…
=> /nix/store/54rim792px8w3i4ghda5rwqdq5y31jdd-kwin-5.17.5.drv
╚═══/: …66.0.drv",["dev"]),("/nix/store/bc5acmpffj704i954v9ibp77qhhivq4a-libxkbcommon-0.10.0.drv",["dev"…
=> /nix/store/bc5acmpffj704i954v9ibp77qhhivq4a-libxkbcommon-0.10.0.drv
╚═══/: ….5.1.drv",["out"]),("/nix/store/pkdy0kvq3jdsh8kcx8n91qamfdw8fz4l-xkeyboard-config-2.27.drv",["ou…
=> /nix/store/pkdy0kvq3jdsh8kcx8n91qamfdw8fz4l-xkeyboard-config-2.27.drv
~ 20:24:00
> nix why-depends /nix/store/*-nixos-system-arcturus-20.03.*.drv /nix/store/wfpdrhgk9d37kwzi9m0xsabdh1hg3ac1-xkeyboard-config-2.27.drv
/nix/store/gxshyp2ahp44zsqh173n78g7n82qfy4x-nixos-system-arcturus-20.03.2824.de3780b937d.drv
╚═══/: …drv",["out","su"]),("/nix/store/z6c50mip8gr2l9bqzqq8h6a1ksanjcz8-system-path.drv",["out"]),("/ni…
=> /nix/store/z6c50mip8gr2l9bqzqq8h6a1ksanjcz8-system-path.drv
╚═══/: …66.0.drv",["out"]),("/nix/store/3dg2anrnj07f6140wdlv7csa9wmd2p08-qimgv-0.9.1.drv",["out"]),("/ni…
=> /nix/store/3dg2anrnj07f6140wdlv7csa9wmd2p08-qimgv-0.9.1.drv
╚═══/: ….3.0.drv",["out"]),("/nix/store/v5bvdsi83lji6cinxmi2hjq1n85vbbcd-qtbase-5.12.7.drv",["dev"]),("/…
=> /nix/store/v5bvdsi83lji6cinxmi2hjq1n85vbbcd-qtbase-5.12.7.drv
╚═══/: ….1.8.drv",["out"]),("/nix/store/yh7srcdaz3dzpyp1pgxy9yd832c7iv18-libxkbcommon-0.10.0.drv",["dev"…
=> /nix/store/yh7srcdaz3dzpyp1pgxy9yd832c7iv18-libxkbcommon-0.10.0.drv
╚═══/: ….6.8.drv",["out"]),("/nix/store/wfpdrhgk9d37kwzi9m0xsabdh1hg3ac1-xkeyboard-config-2.27.drv",["ou…
=> /nix/store/wfpdrhgk9d37kwzi9m0xsabdh1hg3ac1-xkeyboard-config-2.27.drv
~ 20:24:10
> nix why-depends /nix/store/*-nixos-system-arcturus-20.03.*.drv /nix/store/ycc3gn3skkyxhvj0z6jxbr0iq30f90sx-xkeyboard-config-2.27.drv
/nix/store/gxshyp2ahp44zsqh173n78g7n82qfy4x-nixos-system-arcturus-20.03.2824.de3780b937d.drv
╚═══/: …2.30.drv",["out"]),("/nix/store/yi7pagkxvspq4vfy8xmzp1y007jjs3r3-etc.drv",["out"]),("/nix/store/…
=> /nix/store/yi7pagkxvspq4vfy8xmzp1y007jjs3r3-etc.drv
╚═══/: …conf.drv",["out"]),("/nix/store/ycc3gn3skkyxhvj0z6jxbr0iq30f90sx-xkeyboard-config-2.27.drv",["ou…
=> /nix/store/ycc3gn3skkyxhvj0z6jxbr0iq30f90sx-xkeyboard-config-2.27.drv
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment