1 files changed, 205 insertions, 0 deletions
diff --git a/host/AspireTC705/configuration.nix b/host/AspireTC705/configuration.nix
new file mode 100644
index 0000000..06296a3
--- /dev/null
+++ b/host/AspireTC705/configuration.nix
@@ -0,0 +1,205 @@
+args@{
+ config,
+ pkgs,
+ lib,
+ nhekoSrc,
+ mtxclientSrc,
+ ...
+}:
+
+{
+ imports = [
+ # base imports
+ ../../modules/base-client.nix
+ ../../packages/vim.nix
+ ../../modules/users/geba.nix
+ ../../modules/software-templates/eid-mw.nix
+
+ ./printing.nix
+ ];
+
+ boot = {
+ kernelPackages = pkgs.linuxPackages_latest;
+ loader = {
+ grub = {
+ configurationLimit = 10;
+ enable = true;
+ device = "nodev"; # nodev for EFI only
+ # EFI
+ efiSupport = true;
+ efiInstallAsRemovable = true;
+ };
+ };
+ };
+ programs.noisetorch.enable = true;
+ programs.gamemode.enable = true;
+ users.users.geba.extraGroups = [ "gamemode" ];
+
+ environment.sessionVariables = {
+ ZSH_DISABLE_COMPFIX = "true";
+ };
+
+ networking = {
+ hostName = "AspireTC705";
+ networkmanager.enable = true;
+ wireless.enable = true;
+ firewall = {
+ enable = false;
+ # allowedTCPPorts = [ ... ];
+ # allowedUDPPorts = [ ... ];
+ };
+
+ #useDHCP = true; # Doesn't work with NetworkManager, investigate
+ };
+
+ time.timeZone = "Europe/Brussels";
+ i18n.defaultLocale = "en_US.UTF-8";
+
+ services = {
+ displayManager.gdm.enable = true;
+ xserver = {
+ displayManager.lightdm.enable = false;
+ enable = true;
+ updateDbusEnvironment = true;
+ xkb.layout = "us";
+ };
+ libinput.enable = true;
+
+ openssh = {
+ enable = true;
+ extraConfig = ''
+ MaxAuthTries 32
+ '';
+ settings.PermitRootLogin = "yes";
+ };
+ pipewire = {
+ enable = true;
+ audio.enable = true;
+ pulse.enable = true;
+ wireplumber.enable = true;
+ jack.enable = true;
+ alsa.enable = true;
+ };
+
+ desktopManager.plasma6.enable = true;
+ };
+
+ services.desktopManager.gnome.enable = false;
+ environment.systemPackages = with pkgs; [
+ anydesk
+ eog
+ libreoffice
+ qt6.qtwayland
+
+ easyeffects
+ kitty
+ vscode
+
+ # - Utilities
+ #inkscape-with-extensions
+ gimp
+
+ # - Languages
+ steam-run
+ file-roller
+
+ google-chrome
+ unrar-wrapper
+ keepassxc
+ thunderbird
+
+ blueman
+ # Wrapper script to tell to Chrome/Chromium to use p11-kit-proxy to load
+ # security devices, so they can be used for TLS client auth.
+ # Each user needs to run this themselves, it does not work on a system level
+ # due to a bug in Chromium:
+ #
+ # https://bugs.chromium.org/p/chromium/issues/detail?id=16387
+ (pkgs.writeShellScriptBin "setup-browser-eid" ''
+ NSSDB="''${HOME}/.pki/nssdb"
+ mkdir -p ''${NSSDB}
+
+ ${pkgs.nssTools}/bin/modutil -force -dbdir sql:$NSSDB -add p11-kit-proxy \
+ -libfile ${pkgs.p11-kit}/lib/p11-kit-proxy.so
+ '')
+ ];
+
+ programs.steam = {
+ enable = false;
+ gamescopeSession.enable = false;
+ extraCompatPackages = with pkgs; [
+ steam-play-none
+ proton-ge-bin
+ ];
+ };
+ virtualisation.waydroid.enable = false;
+
+ xdg = {
+ portal = {
+ enable = true;
+ extraPortals = with pkgs; [
+ #xdg-desktop-portal-gtk
+ xdg-desktop-portal-xapp
+ # (callPackage ../../modules/packages/xdg-desktop-portal-gtk.nix { })
+ ];
+ config = {
+ common = {
+ default = [ "gtk" ];
+ };
+ };
+ xdgOpenUsePortal = true;
+ };
+ #sounds.enable = true;
+ #mime.enable = true;
+ #menus.enable = true;
+ #icons.enable = true;
+ #autostart.enable = true;
+ };
+
+ nixpkgs = {
+ config = {
+ allowUnfree = true;
+ permittedInsecurePackages = [
+ "electron-25.9.0"
+ "olm-3.2.16"
+ "dotnet-sdk-wrapped-7.0.410"
+ "dotnet-sdk-7.0.410"
+ ];
+ };
+ };
+ security = {
+ polkit.enable = true;
+ sudo.wheelNeedsPassword = false;
+ };
+
+ hardware = {
+ pulseaudio.enable = false;
+ };
+
+ programs.dconf.enable = true;
+ services.power-profiles-daemon.enable = true;
+
+
+ services.gvfs.enable = true;
+ zramSwap = {
+ enable = true;
+ memoryPercent = 300;
+ };
+ services.pcscd.enable = true;
+
+ virtualisation.vmVariant = {
+ users = {
+ mutableUsers = false;
+ users.Rory.password = "password";
+ };
+ networking.interfaces.enp34s0 = lib.mkForce { };
+ };
+
+ system.stateVersion = "24.11"; # DO NOT EDIT!
+ system.activationScripts.web-eid-app = {
+ text = ''
+ mkdir -p /usr/lib/x86_64-linux-gnu
+ ln -sf ${pkgs.eid-mw}/lib/pkcs11/beidpkcs11.so /usr/lib/x86_64-linux-gnu/libbeidpkcs11.so.0
+ '';
+};
+}
|
