{ config, pkgs, inputs, ... }: { # Imports imports = [ ./hardware-configuration.nix inputs.home-manager.nixosModules.default ]; # Bootloader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; # Modules boot.blacklistedKernelModules = [ "rtl8xxxu" "iwlwifi"]; boot.extraModulePackages = with config.boot.kernelPackages; [ rtl8192eu ]; # Set the hostname networking.hostName = "nixos"; # Enable flakes nix.settings.experimental-features = [ "nix-command" "flakes" ]; # Allow unfree packages nixpkgs.config.allowUnfree = true; # Disable hibernation, sleep and other friends systemd.targets = { sleep = { enable = false; unitConfig.DefaultDependencies = "no"; }; suspend = { enable = false; unitConfig.DefaultDependencies = "no"; }; hibernate = { enable = false; unitConfig.DefaultDependencies = "no"; }; "hybrid-sleep" = { enable = false; unitConfig.DefaultDependencies = "no"; }; }; # Enable networking networking.networkmanager.enable = true; # Set your time zone. time.timeZone = "Europe/Zagreb"; # Set iwd as wifi backend networking.wireless.iwd.enable = true; networking.networkmanager.wifi.backend = "iwd"; networking.networkmanager.wifi.powersave = false; ### --- Enabling DNS Over HTTPS --- ### # make network manager not set a default dns networking.networkmanager.dns = "none"; # set dns to local nameservers networking.nameservers = [ "127.0.0.1" "::1" ]; # Dnscrypt for dns over https services.dnscrypt-proxy2 = { enable = true; settings = { ipv6_servers = true; require_dnssec = true; sources.public-resolvers = { urls = [ "https://raw.githubusercontent.com/DNSCrypt/dnscrypt-resolvers/master/v3/public-resolvers.md" "https://download.dnscrypt.info/resolvers-list/v3/public-resolvers.md" ]; cache_file = "/var/lib/dnscrypt-proxy2/public-resolvers.md"; minisign_key = "RWQf6LRCGA9i53mlYecO4IzT51TGPpvWucNSCh1CBM0QTaLn73Y7GFO3"; }; # use mullvad dns server server_names = [ "mullvad-base-doh" ]; }; }; # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; i18n.extraLocaleSettings = { LC_ADDRESS = "hr_HR.UTF-8"; LC_IDENTIFICATION = "hr_HR.UTF-8"; LC_MEASUREMENT = "hr_HR.UTF-8"; LC_MONETARY = "hr_HR.UTF-8"; LC_NAME = "hr_HR.UTF-8"; LC_NUMERIC = "hr_HR.UTF-8"; LC_PAPER = "hr_HR.UTF-8"; LC_TELEPHONE = "hr_HR.UTF-8"; LC_TIME = "hr_HR.UTF-8"; }; # Enable the X11 windowing system. services.xserver.enable = true; # Configure keymap in X11 services.xserver.xkb = { layout = "us"; variant = ""; options = "caps:escape"; }; # Enable touchpad support services.xserver.libinput.enable = true; # Enable the KDE Plasma Desktop Environment. services.xserver.displayManager.sddm = { enable = true; theme = "catppuccin-sddm-corners"; # Fix keyboard showing up unnecesarilly settings = { General = { InputMethod=""; }; }; }; services.xserver.desktopManager.plasma5.enable = true; environment.plasma5.excludePackages = with pkgs.libsForQt5; [ plasma-browser-integration konsole oxygen ]; # Enable CUPS to print documents. services.printing.enable = false; # Enable gvfs services.gvfs.enable = true; # Enable sound with pipewire. sound.enable = true; hardware.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; }; # Enable OpenGL hardware.opengl = { enable = true; driSupport = true; driSupport32Bit = true; }; # Nvidia settings hardware.nvidia = { # Modesetting is required. modesetting.enable = true; # Nvidia power management. Experimental, and can cause sleep/suspend to fail. powerManagement.enable = true; # Nvidia fine grainder power management, super experimental. powerManagement.finegrained = false; open = false; # Enable the Nvidia settings menu, nvidiaSettings = true; # Optionally, you may need to select the appropriate driver version for your specific GPU. package = config.boot.kernelPackages.nvidiaPackages.stable; }; # Nvidia prime settings hardware.nvidia.prime = { reverseSync.enable = true; intelBusId = "PCI:5:0:0"; nvidiaBusId = "PCI:1:0:0"; }; # Enable bluetooth hardware.bluetooth.enable = true; # Open Tablet Driver setup hardware.opentabletdriver.enable = true; # Load nvidia driver for Xorg and Wayland services.xserver.videoDrivers = [ "nvidia" ]; # Steam settings programs.steam = { enable = true; remotePlay.openFirewall = true; dedicatedServer.openFirewall = true; }; # List packages installed in system profile. environment.systemPackages = with pkgs; [ neovim usbutils pciutils lshw vulkan-tools restic rsync git jq wireguard-tools unzip gamemode ipafont ryzenadj (catppuccin-kde.override { winDecStyles = ["classic" "modern"] ;}) catppuccin-gtk catppuccin-cursors.frappeRosewater catppuccin-sddm-corners (catppuccin-papirus-folders.override { flavor = "frappe"; accent = "pink"; }) ]; # Wireguard settings networking.firewall = { # if packets are still dropped, they will show up in dmesg logReversePathDrops = true; # wireguard trips rpfilter up extraCommands = '' ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN ''; extraStopCommands = '' ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN || true ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN || true ''; }; # Enable fstrim services.fstrim.enable = true; # Enable ratbagd for mice configuration services.ratbagd.enable = true; # Setup syncthing services = { syncthing = { enable = true; user = "crony"; dataDir = "/home/crony/.local/sync"; configDir = "/home/crony/.config/syncthing"; }; }; # Setting up zsh programs.zsh.enable = true; # For the completion plugin environment.pathsToLink = [ "/share/zsh" ]; # Defining my user users.users.crony = { isNormalUser = true; description = "Crony"; extraGroups = [ "networkmanager" "wheel" ]; packages = with pkgs; [ (retroarch.override { cores = with libretro; [ snes9x ]; }) ]; shell = pkgs.zsh; }; # Enable home manager for my user home-manager = { useGlobalPkgs = true; extraSpecialArgs = {inherit inputs;}; users = { "crony" = import ./home.nix; }; }; # Allow appimages to run manually boot.binfmt.registrations.appimage = { wrapInterpreterInShell = false; interpreter = "${pkgs.appimage-run}/bin/appimage-run"; recognitionType = "magic"; offset = 0; mask = ''\xff\xff\xff\xff\x00\x00\x00\x00\xff\xff\xff''; magicOrExtension = ''\x7fELF....AI\x02''; }; # Automatic cleanup and optimization nix.optimise.automatic = true; nix.gc = { automatic = true; dates = "weekly"; options = "--delete-older-than 15d"; }; # Set power settings for my laptop cpu systemd.services.ryzenadj = { enable = true; description = "Set my ryzen cpu power."; serviceConfig = { Type = "oneshot"; ExecStart = toString ( pkgs.writeShellScript "ryzenadj-setup" '' ${pkgs.ryzenadj}/bin/ryzenadj --stapm-limit 35000 --fast-limit 35000 --slow-limit 35000 --slow-time 60 --stapm-time 1000 --tctl-temp 75 --vrmmax-current 65000 ''); }; wantedBy = ["default.target"]; }; # DO NOT CHANGE system.stateVersion = "23.11"; }