diff options
author | TheArcaneBrony <myrainbowdash949@gmail.com> | 2023-09-20 13:10:30 +0200 |
---|---|---|
committer | TheArcaneBrony <myrainbowdash949@gmail.com> | 2023-09-20 13:19:25 +0200 |
commit | 2047d59bb24262966adaec04669c4604453f9d79 (patch) | |
tree | ccebf7271572789b170dd1dabe6c4d0c414a96cf | |
parent | Changes (diff) | |
download | Rory-Open-Architecture-2047d59bb24262966adaec04669c4604453f9d79.tar.xz |
Add changes in preparation of setting up desktop
-rw-r--r-- | host/Rory-desktop/configuration.nix | 174 | ||||
-rwxr-xr-x | modules/base.nix | 29 |
2 files changed, 203 insertions, 0 deletions
diff --git a/host/Rory-desktop/configuration.nix b/host/Rory-desktop/configuration.nix new file mode 100644 index 0000000..ae30435 --- /dev/null +++ b/host/Rory-desktop/configuration.nix @@ -0,0 +1,174 @@ +{ config, pkgs, lib, ... }: + +{ + imports = + [ + ../../modules/base-client.nix + ../../modules/packages/vim.nix + ../../modules/environments/home.nix + ]; + + boot = { + kernelPackages = pkgs.linuxPackages_latest; + loader = { + grub = { + enable = true; + device = "nodev"; # nodev for EFI only + # EFI + efiSupport = true; + efiInstallAsRemovable = true; + }; + }; + #readOnlyNixStore = false; + }; + + networking = { + hostName = "Rory-desktop"; + networkmanager.enable = true; + wireless.enable = false; + firewall = { + enable = false; + # allowedTCPPorts = [ ... ]; + # allowedUDPPorts = [ ... ]; + }; + + interfaces.enp34s0.ipv4.addresses = [ { + address = "192.168.0.3"; + prefixLength = 24; + } ]; + + useDHCP = true; + }; + + time.timeZone = "Europe/Brussels"; + i18n.defaultLocale = "en_US.UTF-8"; + + services = { + xserver = { + enable = true; + videoDrivers = [ "intel" ]; + desktopManager.gnome.enable = true; + libinput.enable = true; + layout = "us"; + modules = [ pkgs.xorg.xf86videointel ]; + }; + gnome = { + core-developer-tools.enable = false; + core-utilities.enable = false; + tracker-miners.enable = false; + tracker.enable = false; + sushi.enable = false; + rygel.enable = false; + gnome-user-share.enable = false; + gnome-remote-desktop.enable = false; + gnome-online-miners.enable = lib.mkForce false; + gnome-online-accounts.enable = false; + gnome-initial-setup.enable = false; + gnome-browser-connector.enable = false; + games.enable = false; + evolution-data-server.enable = lib.mkForce false; + at-spi2-core.enable = lib.mkForce false; + }; + printing.enable = false; + openssh = { + enable = true; + extraConfig = '' + MaxAuthTries 32 + ''; + }; + pipewire = { + enable = true; + audio.enable = true; + pulse.enable = true; + wireplumber.enable = true; + jack.enable = true; + alsa.enable = true; + }; + }; + + + sound.enable = true; + hardware.pulseaudio.enable = false; + + users.users = { + Rory = { + isNormalUser = true; + extraGroups = [ "wheel" ]; + packages = with pkgs; [ + #gimp-with-plugins + + #xterm + gnomeExtensions.vitals + gnomeExtensions.runcat + ]; + initialPassword = "password"; + }; + }; + + environment.systemPackages = with pkgs; [ + wget + neofetch + lnav + pciutils + git + lsd + duf + htop + btop + udisks + gparted + kitty.terminfo + glxinfo + jq + yq + pv + dig + cloud-utils + sshfs + cinnamon.nemo + firefox-bin + + #epiphany + gnome-console + feh + # Various extensions... + # - Gnome + #gnomeExtensions.vitals + #gnomeExtensions.runcat + # - Dont work on gnome 43: + #gnomeExtensions.undecorate + #gnomeExtensions.inactivity + #gnomeExtensions.left-clock + # - Vim + vimPlugins.vim-nix + # - zsh + zsh + zsh-powerlevel10k + zsh-nix-shell + zsh-you-should-use + zsh-syntax-highlighting + zsh-completions + + ]; + fonts.fonts = with pkgs; [ + (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) + ]; + nix = { + settings = { + experimental-features = [ "nix-command" "flakes" ]; + auto-optimise-store = true; + }; + }; + nixpkgs = { + config.allowUnfree = true; + }; + security = { + polkit.enable = true; + sudo.wheelNeedsPassword = false; + }; + + + + system.stateVersion = "22.11"; # DO NOT EDIT! +} + diff --git a/modules/base.nix b/modules/base.nix index 7124b54..bc0f3b7 100755 --- a/modules/base.nix +++ b/modules/base.nix @@ -14,6 +14,34 @@ "memhp_default_state=online" "net.core.default_qdisc=fq" "net.ipv4.tcp_congestion_control=bbr" + "mitigations=off" + "audit=0" + "consoleblank=0" + "kmemcheck=0" + "no_console_suspend" + "kernel.core_pattern=/dev/null" + "init_on_alloc=0" + "kernel.sysrq=1" + "kernel.dmesg_restrict=0" + "net.ipv4.ip_forward=1" + "vm.swappiness=10" + "net.core.netdev_max_backlog=16384" + "net.core.somaxconn=8192" + "net.core.rmem_default=1048576" + "net.core.rmem_max=16777216" + "net.core.wmem_default=1048576" + "net.core.wmem_max=16777216" + "net.core.optmem_max=65536" + "net.ipv4.tcp_rmem=4096 1048576 2097152" + "net.ipv4.tcp_wmem=4096 65536 16777216" + "net.ipv4.udp_rmem_min=4096" + "net.ipv4.udp_wmem_min=4096" + "net.ipv4.tcp_fastopen=3" + "net.ipv4.tcp_mtu_probing=1" + "net.ipv4.tcp_keepalive_time=30" + "net.ipv4.tcp_keepalive_intvl=15" + "net.ipv4.tcp_keepalive_probes=4" + "net.ipv4.tcp_timestamps=0" ]; }; @@ -24,6 +52,7 @@ # allowedTCPPorts = [ ... ]; # allowedUDPPorts = [ ... ]; }; + nameservers = [ "1.1.1.1" "1.0.0.1" "8.8.8.8" "8.4.4.8" ]; }; i18n.defaultLocale = "en_US.UTF-8"; |