summary refs log tree commit diff
diff options
context:
space:
mode:
authorTheArcaneBrony <myrainbowdash949@gmail.com>2023-09-20 13:10:30 +0200
committerTheArcaneBrony <myrainbowdash949@gmail.com>2023-09-20 13:19:25 +0200
commit2047d59bb24262966adaec04669c4604453f9d79 (patch)
treeccebf7271572789b170dd1dabe6c4d0c414a96cf
parentChanges (diff)
downloadRory-Open-Architecture-2047d59bb24262966adaec04669c4604453f9d79.tar.xz
Add changes in preparation of setting up desktop
-rw-r--r--host/Rory-desktop/configuration.nix174
-rwxr-xr-xmodules/base.nix29
2 files changed, 203 insertions, 0 deletions
diff --git a/host/Rory-desktop/configuration.nix b/host/Rory-desktop/configuration.nix
new file mode 100644
index 0000000..ae30435
--- /dev/null
+++ b/host/Rory-desktop/configuration.nix
@@ -0,0 +1,174 @@
+{ config, pkgs, lib, ... }:
+
+{
+  imports =
+    [
+      ../../modules/base-client.nix
+      ../../modules/packages/vim.nix
+      ../../modules/environments/home.nix
+    ];
+
+    boot = {
+      kernelPackages = pkgs.linuxPackages_latest;
+      loader = {
+        grub = {
+          enable = true;
+          device = "nodev"; # nodev for EFI only
+          # EFI
+          efiSupport = true;
+          efiInstallAsRemovable = true;
+        };
+    };
+    #readOnlyNixStore = false;
+  };
+
+  networking = {
+    hostName = "Rory-desktop";
+    networkmanager.enable = true;
+    wireless.enable = false;
+    firewall = {
+      enable = false;
+      # allowedTCPPorts = [ ... ];
+      # allowedUDPPorts = [ ... ];
+    };
+
+    interfaces.enp34s0.ipv4.addresses = [ { 
+      address = "192.168.0.3";
+      prefixLength = 24;
+    } ];
+
+    useDHCP = true;
+  };
+
+  time.timeZone = "Europe/Brussels";
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  services = {
+    xserver = {
+      enable = true;
+      videoDrivers = [ "intel" ];
+      desktopManager.gnome.enable = true;
+      libinput.enable = true;
+      layout = "us";
+      modules = [ pkgs.xorg.xf86videointel ];
+    };
+    gnome = {
+      core-developer-tools.enable = false;
+      core-utilities.enable = false;
+      tracker-miners.enable = false;
+      tracker.enable = false;
+      sushi.enable = false;
+      rygel.enable = false;
+      gnome-user-share.enable = false;
+      gnome-remote-desktop.enable = false;
+      gnome-online-miners.enable = lib.mkForce false;
+      gnome-online-accounts.enable = false;
+      gnome-initial-setup.enable = false;
+      gnome-browser-connector.enable = false;
+      games.enable = false;
+      evolution-data-server.enable = lib.mkForce false;
+      at-spi2-core.enable = lib.mkForce false;
+    };
+    printing.enable = false;
+    openssh = {
+      enable = true;
+      extraConfig = ''
+        MaxAuthTries 32
+        '';
+    };	
+    pipewire = {
+      enable = true;
+      audio.enable = true;
+      pulse.enable = true;
+      wireplumber.enable = true;
+      jack.enable = true;
+      alsa.enable = true;
+    };
+  };
+
+
+  sound.enable = true;
+  hardware.pulseaudio.enable = false;
+
+  users.users = {
+    Rory = {
+      isNormalUser = true;
+      extraGroups = [ "wheel" ];
+      packages = with pkgs; [
+        #gimp-with-plugins
+
+        #xterm
+        gnomeExtensions.vitals
+        gnomeExtensions.runcat
+      ];
+      initialPassword = "password";
+    };
+  };
+
+  environment.systemPackages = with pkgs; [
+    wget
+    neofetch
+    lnav
+    pciutils
+    git
+    lsd
+    duf
+    htop
+    btop
+    udisks
+    gparted
+    kitty.terminfo
+    glxinfo
+    jq
+    yq
+    pv
+    dig
+    cloud-utils
+    sshfs
+    cinnamon.nemo
+    firefox-bin
+
+    #epiphany
+    gnome-console
+    feh
+    # Various extensions...
+    # - Gnome
+    #gnomeExtensions.vitals
+    #gnomeExtensions.runcat
+    #  - Dont work on gnome 43:
+    #gnomeExtensions.undecorate
+    #gnomeExtensions.inactivity
+    #gnomeExtensions.left-clock
+    # - Vim
+    vimPlugins.vim-nix
+    # - zsh
+    zsh
+    zsh-powerlevel10k
+    zsh-nix-shell
+    zsh-you-should-use
+    zsh-syntax-highlighting
+    zsh-completions
+    
+  ];
+  fonts.fonts = with pkgs; [
+    (nerdfonts.override { fonts = [ "JetBrainsMono" ]; })
+  ];
+  nix = {
+    settings = {
+      experimental-features = [ "nix-command" "flakes" ];
+      auto-optimise-store = true;
+    };
+  };
+  nixpkgs = {
+    config.allowUnfree = true;
+  };
+  security = {
+    polkit.enable = true;
+    sudo.wheelNeedsPassword = false;
+  };
+
+
+  
+  system.stateVersion = "22.11"; # DO NOT EDIT!
+}
+
diff --git a/modules/base.nix b/modules/base.nix
index 7124b54..bc0f3b7 100755
--- a/modules/base.nix
+++ b/modules/base.nix
@@ -14,6 +14,34 @@
       "memhp_default_state=online"
       "net.core.default_qdisc=fq"
       "net.ipv4.tcp_congestion_control=bbr"
+      "mitigations=off"
+      "audit=0"
+      "consoleblank=0"
+      "kmemcheck=0"
+      "no_console_suspend"
+      "kernel.core_pattern=/dev/null"
+      "init_on_alloc=0"
+      "kernel.sysrq=1"
+      "kernel.dmesg_restrict=0"
+      "net.ipv4.ip_forward=1"
+      "vm.swappiness=10"
+      "net.core.netdev_max_backlog=16384"
+      "net.core.somaxconn=8192"
+      "net.core.rmem_default=1048576"
+      "net.core.rmem_max=16777216"
+      "net.core.wmem_default=1048576"
+      "net.core.wmem_max=16777216"
+      "net.core.optmem_max=65536"
+      "net.ipv4.tcp_rmem=4096 1048576 2097152"
+      "net.ipv4.tcp_wmem=4096 65536 16777216"
+      "net.ipv4.udp_rmem_min=4096"
+      "net.ipv4.udp_wmem_min=4096"
+      "net.ipv4.tcp_fastopen=3"
+      "net.ipv4.tcp_mtu_probing=1"
+      "net.ipv4.tcp_keepalive_time=30"
+      "net.ipv4.tcp_keepalive_intvl=15"
+      "net.ipv4.tcp_keepalive_probes=4"
+      "net.ipv4.tcp_timestamps=0"
     ];
   };
 
@@ -24,6 +52,7 @@
       # allowedTCPPorts = [ ... ];
       # allowedUDPPorts = [ ... ];
     };
+    nameservers =  [ "1.1.1.1" "1.0.0.1" "8.8.8.8" "8.4.4.8" ];
   };
 
   i18n.defaultLocale = "en_US.UTF-8";