delta/dotfiles
1
0
Fork 0
mirror of https://github.com/deltathetawastaken/dotfiles.git synced 2025-12-06 07:16:37 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity
dotfiles/hosts/dlaptop/system.nix
Your Name de61a1c165 flake upd + TLP + vscode
2024-03-31 14:33:38 +03:00

177 lines
4.5 KiB
Nix
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ pkgs, lib, inputs, self, homeSettings, ... }:
{
imports = [
./hardware.nix
./services.nix
./xorg.nix
"${self}/apps/apps.nix"
"${self}/apps/socks.nix"
"${self}/apps/scripts.nix"
"${self}/apps/work.nix"
inputs.secrets.nixosModules.dlaptop
inputs.home-manager.nixosModules.home-manager homeSettings
];
time.timeZone = "Europe/Moscow";
i18n.defaultLocale = "en_GB.UTF-8";
networking = {
hostName = "dlaptop";
nameservers = [ "100.92.15.128" "fd7a:115c:a1e0::b21c:f80" ];
networkmanager.dns = "none";
networkmanager.enable = true;
useDHCP = lib.mkDefault true;
interfaces.wlp1s0.proxyARP = true;
iproute2.enable = true;
firewall = {
enable = true;
allowedTCPPorts = [
# qbittorrent
4780
# audiorelay
59100
# localsend
53317
#syncthing
22000
];
allowedUDPPorts = [
# audiorelay
59100
59200
# localsend
53317
#syncthing
22000
21027
];
allowedTCPPortRanges = [ { from = 1714; to = 1764; } ]; # kde connect
allowedUDPPortRanges = [ { from = 1714; to = 1764; } ];
checkReversePath = "loose";
};
};
systemd.services.NetworkManager-wait-online.enable = false;
programs.captive-browser = {
browser = ''firejail --ignore="include whitelist-run-common.inc" --private --profile=chromium ${pkgs.bash}/bin/bash -c '${pkgs.coreutils}/bin/env XDG_CONFIG_HOME="$PREV_CONFIG_HOME" ${pkgs.chromium}/bin/chromium --user-data-dir=''${XDG_DATA_HOME:-$HOME/.local/share}/chromium-captive --proxy-server="socks5://$PROXY" --host-resolver-rules="MAP * ~NOTFOUND , EXCLUDE localhost" --no-first-run --new-window --incognito -no-default-browser-check http://cache.nixos.org/' '';
interface = "wlp1s0";
enable = true;
};
security = {
sudo.wheelNeedsPassword = false;
pam.loginLimits = [{ #needed for swaylock
domain = "@users";
item = "rtprio";
type = "-";
value = 1;
}];
pam.services.swaylock = { };
};
powerManagement.enable = true;
services.power-profiles-daemon.enable = false;
services.tlp = {
enable = true;
settings = {
CPU_SCALING_GOVERNOR_ON_AC = "powersave";
CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
CPU_ENERGY_PERF_POLICY_ON_AC = "balance_performance";
CPU_SCALING_MAX_FREQ_ON_AC = 6600000;
CPU_SCALING_MAX_FREQ_ON_BAT = 1600000;
PLATFORM_PROFILE_ON_AC = "balanced";
PLATFORM_PROFILE_ON_BAT = "low-power";
#Trubo boost control
CPU_BOOST_ON_AC = 1;
CPU_BOOST_ON_BAT = 0;
CPU_HWP_DYN_BOOST_ON_AC = 1;
CPU_HWP_DYN_BOOST_ON_BAT = 0;
#GPU
RADEON_DPM_STATE_ON_AC = "performance";
RADEON_DPM_STATE_ON_BAT = "battery";
RADEON_DPM_PERF_LEVEL_ON_AC= "auto";
RADEON_DPM_PERF_LEVEL_ON_BAT= "low";
RESTORE_DEVICE_STATE_ON_STARTUP = 1;
DEVICES_TO_ENABLE_ON_STARTUP = "bluetooth wifi";
NMI_WATCHDOG = 0;
#Optional helps save long term battery health
#START_CHARGE_THRESH_BAT0 = 40; # 40 and bellow it starts to charge
#STOP_CHARGE_THRESH_BAT0 = 80; # 80 and above it stops charging
};
};
services.pipewire = {
enable = true;
wireplumber.enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
sound.enable = true;
hardware.pulseaudio.enable = false;
virtualisation = {
podman = {
enable = true;
dockerCompat = true;
};
spiceUSBRedirection.enable = true;
libvirtd.enable = true;
};
environment.systemPackages = with pkgs; [
openvpn
any-nix-shell
#work scripts
openconnect
oath-toolkit
expect
# Thunar stuff
ffmpegthumbnailer
webp-pixbuf-loader
freetype
poppler
f3d
nufraw-thumbnailer
android-tools
firefox
tor-browser
#inputs.anyrun.packages.${pkgs.system}.anyrun
sops
yubikey-manager-qt
yubico-piv-tool
yubioath-flutter
yubikey-personalization
yubikey-personalization-gui
age-plugin-yubikey
lua5_4
nodejs_21
rocmPackages.rocm-smi #gpu support in btop
];
system.stateVersion = "23.11"; # Don't forget the comment
}
Reference in a new issue View git blame Copy permalink