args@{ config, pkgs, lib, nhekoSrc, mtxclientSrc, ... }: { imports = [ # base imports ../../modules/base-client.nix ../../packages/vim.nix ../../modules/users/geba.nix ../../modules/software-templates/eid-mw.nix ./printing.nix ]; boot = { kernelPackages = pkgs.linuxPackages_latest; loader = { grub = { configurationLimit = 10; enable = true; device = "nodev"; # nodev for EFI only # EFI efiSupport = true; efiInstallAsRemovable = true; }; }; }; programs.noisetorch.enable = true; programs.gamemode.enable = true; users.users.geba.extraGroups = [ "gamemode" ]; environment.sessionVariables = { ZSH_DISABLE_COMPFIX = "true"; }; networking = { hostName = "AspireTC705"; networkmanager.enable = true; wireless.enable = true; firewall = { enable = false; # allowedTCPPorts = [ ... ]; # allowedUDPPorts = [ ... ]; }; #useDHCP = true; # Doesn't work with NetworkManager, investigate }; time.timeZone = "Europe/Brussels"; i18n.defaultLocale = "en_US.UTF-8"; services = { displayManager.gdm.enable = true; xserver = { displayManager.lightdm.enable = false; enable = true; updateDbusEnvironment = true; xkb.layout = "us"; }; libinput.enable = true; openssh = { enable = true; extraConfig = '' MaxAuthTries 32 ''; settings.PermitRootLogin = "yes"; }; pipewire = { enable = true; audio.enable = true; pulse.enable = true; wireplumber.enable = true; jack.enable = true; alsa.enable = true; }; desktopManager.plasma6.enable = true; }; services.desktopManager.gnome.enable = false; environment.systemPackages = with pkgs; [ anydesk eog libreoffice qt6.qtwayland easyeffects kitty vscode # - Utilities #inkscape-with-extensions gimp # - Languages steam-run file-roller google-chrome unrar-wrapper keepassxc thunderbird blueman # Wrapper script to tell to Chrome/Chromium to use p11-kit-proxy to load # security devices, so they can be used for TLS client auth. # Each user needs to run this themselves, it does not work on a system level # due to a bug in Chromium: # # https://bugs.chromium.org/p/chromium/issues/detail?id=16387 (pkgs.writeShellScriptBin "setup-browser-eid" '' NSSDB="''${HOME}/.pki/nssdb" mkdir -p ''${NSSDB} ${pkgs.nssTools}/bin/modutil -force -dbdir sql:$NSSDB -add p11-kit-proxy \ -libfile ${pkgs.p11-kit}/lib/p11-kit-proxy.so '') ]; programs.steam = { enable = false; gamescopeSession.enable = false; extraCompatPackages = with pkgs; [ steam-play-none proton-ge-bin ]; }; virtualisation.waydroid.enable = false; xdg = { portal = { enable = true; extraPortals = with pkgs; [ #xdg-desktop-portal-gtk xdg-desktop-portal-xapp # (callPackage ../../modules/packages/xdg-desktop-portal-gtk.nix { }) ]; config = { common = { default = [ "gtk" ]; }; }; xdgOpenUsePortal = true; }; #sounds.enable = true; #mime.enable = true; #menus.enable = true; #icons.enable = true; #autostart.enable = true; }; nixpkgs = { config = { allowUnfree = true; permittedInsecurePackages = [ "electron-25.9.0" "olm-3.2.16" "dotnet-sdk-wrapped-7.0.410" "dotnet-sdk-7.0.410" ]; }; }; security = { polkit.enable = true; sudo.wheelNeedsPassword = false; }; hardware = { pulseaudio.enable = false; }; programs.dconf.enable = true; services.power-profiles-daemon.enable = true; services.gvfs.enable = true; zramSwap = { enable = true; memoryPercent = 300; }; services.pcscd.enable = true; virtualisation.vmVariant = { users = { mutableUsers = false; users.Rory.password = "password"; }; networking.interfaces.enp34s0 = lib.mkForce { }; }; system.stateVersion = "24.11"; # DO NOT EDIT! system.activationScripts.web-eid-app = { text = '' mkdir -p /usr/lib/x86_64-linux-gnu ln -sf ${pkgs.eid-mw}/lib/pkcs11/beidpkcs11.so /usr/lib/x86_64-linux-gnu/libbeidpkcs11.so.0 ''; }; }