# file: configuration.nix
{ pkgs, lib, config, ... }:
let
sources = import ./npins;
proxmox-nixos = import sources.proxmox-nixos;
in
{
imports = [ proxmox-nixos.nixosModules.proxmox-ve ./hardware-configuration.nix];
services.proxmox-ve.enable = true;
nixpkgs.overlays = [
proxmox-nixos.overlays.x86_64-linux
];
# The rest of your configuration...
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).
# System-wide settings
system.autoUpgrade.enable = true; # Enable automatic system upgrades
system.autoUpgrade.allowReboot = true;
system.autoUpgrade.channel = "https://channels.nixos.org/nixos-24.05";
# # Bootloader settings
boot.loader = {
# systemd-boot.enable = true;
grub = {
enable = true;
zfsSupport = true;
devices = ["nodev"];
efiSupport = true;
useOSProber = true;
};
};
# Filesystem support
boot.supportedFilesystems = [ "ntfs" ];
# ZFS settings
boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
boot.zfs.extraPools = [ "zpool_name" ];
services.zfs.autoScrub.enable = true;
# Networking settings
networking.hostName = "nixos"; # Define your hostname.
networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Enable networking
networking.networkmanager.enable = true;
# Set your time zone.
time.timeZone = "Asia/Kolkata";
# Select internationalisation properties.
i18n.defaultLocale = "en_IN";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_IN";
LC_IDENTIFICATION = "en_IN";
LC_MEASUREMENT = "en_IN";
LC_MONETARY = "en_IN";
LC_NAME = "en_IN";
LC_NUMERIC = "en_IN";
LC_PAPER = "en_IN";
LC_TELEPHONE = "en_IN";
LC_TIME = "en_IN";
};
# Enable the X11 windowing system.
services.xserver.enable = true;
# Enable the Cinnamon Desktop Environment.
services.xserver.displayManager.lightdm.enable = true;
services.xserver.desktopManager.cinnamon.enable = true;
services.libinput.enable = true; # Enable libinput for touchpad
# Configure keymap in X11
services.xserver = {
# layout = "us";
xkb = {
variant = "";
layout = "us";
};
};
# Enable sound with pipewire.
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
};
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
# Define a user account. Don't forget to set a password with ‘passwd’.
users.users.prateek = {
isNormalUser = true;
description = "prateek";
extraGroups = [ "networkmanager" "wheel" "docker" "vagrant" "virtualbox" "wireshark" ];
packages = with pkgs; [
thunderbird
];
};
# Enable automatic login for the user.
services.displayManager.autoLogin = {
enable = true;
user = "prateek";
};
# Security settings
security.sudo.extraRules = [
{
users = [ "privileged_user" ];
commands = [
{
command = "ALL";
options = [ "NOPASSWD" ];
# options = [ "NOPASSWD", "SETENV" ]; # Example of additional options
}
];
}
];
# Install firefox.
programs.firefox.enable = true;
# Allow unfree packages
nixpkgs.config.allowUnfree = true;
# Virtualization settings
virtualisation = {
docker = {
enable = true;
rootless.enable = true;
};
virtualbox = {
host = {
enable = true;
enableExtensionPack = true;
};
};
};
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
wget
vim
netboot
tftp-hpa
syslinux
# dhcpcd
zip
gnutar
bash
blender
inkscape
helm
lmms
audacity
gimp
redshift
vscodium-fhs
vscode
mendeley
docker
nvidia-docker
docker-compose
podman
gparted
brave
arduino
freecad
git
chromium
google-chrome
pdfsam-basic
libreoffice
pandoc
texlive.combined.scheme-full
texworks
neovim
marktext
telegram-desktop
teamviewer
copyq
fsearch
nodejs
nodePackages.nodemon
nodePackages_latest.npm
python3Full
python3Packages.pip
python3Packages.django
python3Packages.fastapi
python3Packages.uvicorn
pipenv
platformio
tor-browser-bundle-bin
gscan2pdf
obs-studio
wine
wine64
winetricks
gccgo13
gns3-server
gns3-gui
wireshark
shotcut
ffmpeg_5
vlc
rustup
vagrant
scilab-bin
droidcam
# dhcp
samba
avahi
kicad
xournalpp
gedit
ntfs3g
veracrypt
x11vnc
turbovnc
dpkg
wget
unetbootin
zfs
tailscale
cloudflared
npins
android-studio
android-tools
];
# Package override example
nixpkgs.config.packageOverrides = pkgs: {
xsaneGimp = pkgs.xsane.override { gimpSupport = true; };
};
users.users.cloudflared = {
group = "cloudflared";
isSystemUser = true;
};
users.groups.cloudflared = { };
systemd.services.my_tunnel = {
wantedBy = [ "multi-user.target" ];
# after = [ "network.target" ];
after = [ "network-online.target" "systemd-resolved.service" ];
serviceConfig = {
ExecStart = "${pkgs.cloudflared}/bin/cloudflared tunnel --no-autoupdate run --token=eyJhIjoiNDcwMGVlZDY0NTFhNzMyZTkwYzZmZWI4NjM1ODQ3OGQiLCJ0IjoiZDUzMGJhM2EtZTk2NS00Y2ZkLThlZWEtMWE1MDZhYjdkMmFlIiwicyI6Ik5HUm1OV1prWmpJdFptTXhaUzAwWVRBM0xUaGhNVFF0T0RjeU5UazVZVE5rWldReSJ9";
# ExecStart = "${pkgs.cloudflared}/bin/cloudflared tunnel --no-autoupdate run --credentials-file=~/cloudflareToken";
Restart = "always";
User = "cloudflared";
Group = "cloudflared";
};
};
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Services configuration
services.devmon.enable = true;
services.gvfs.enable = true;
services.udisks2.enable = true;
services.avahi.enable = true;
services.avahi.nssmdns4 = true;
services.teamviewer.enable = true;
services.dockerRegistry.enable = true;
services.tailscale.enable = true;
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
networking.firewall = {
allowedTCPPorts = [ 22 80 5900 ];
allowedUDPPorts = [ 22 80 5900 ];
};
# Printing services
services.printing = {
enable = true; # Enable CUPS to print documents.
drivers = [ pkgs.brgenml1cupswrapper ];
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It‘s perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "24.05"; # Did you read the comment?
networking.bridges.vmbr0.interfaces = [ "ens18" ];
networking.interfaces.vmbr0.useDHCP = lib.mkDefault true;
}