blob: 2fda8b9293865d1e8369f3f7f3174191dc70c196 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
|
{ pkgs, ... }:
{
# Bootloader.
boot.loader = {
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot"; # ← use the same mount point here.
};
grub = {
efiSupport = true;
device = "nodev";
useOSProber = true;
theme = "${pkgs.fetchFromGitHub { # blue screen of life grub theme
owner = "scouckel";
repo = "bsol";
rev = "a8eedad9e7163dce230ca7886be8e1b4ef81da99";
sha256 = "sha256-P2q73uM1Ysn1a+0mOGOvee/Q1WAYRGQvfanrasx/8r8";
}}/bsol";
};
};
boot.kernelPackages = pkgs.linuxPackages_latest;
# amd gpu config
hardware.graphics = {
enable = true;
enable32Bit = true;
};
hardware.firmware = with pkgs; [
linux-firmware
];
# networking
system.name = "system";
networking.hostName = "system";
networking.networkmanager = {
enable = true;
plugins = with pkgs; [
networkmanager-openvpn
];
};
networking.nameservers = [ "1.1.1.1" "9.9.9.9" ];
# localization
time.timeZone = "Etc/UTC";
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
services.xserver.xkb = {
layout = "us";
variant = "";
};
users.users.user = {
isNormalUser = true;
description = "user";
extraGroups = [ "networkmanager" "wheel" "nordvpn" ];
};
nixpkgs.config.allowUnfree = true;
nix.settings = {
experimental-features = [ "nix-command" "flakes" ];
auto-optimise-store = true;
};
environment.pathsToLink = [ "/share/xdg-desktop-portal" "/share/applications" ];
gaming.enable = true;
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
security.polkit.enable = true;
services.playerctld.enable = true;
services.openssh = {
enable = true;
settings.PermitRootLogin = "no";
# PasswordAuthentication = true;
# allowSFTP = true;
};
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
system.stateVersion = "25.05";
}
|
