{ config, pkgs, lib, inputs, config', ... }: { nixpkgs = { config = { permittedInsecurePackages = [ "python-2.7.18.6" ]; allowUnfree = true; }; overlays = [ inputs.nur.overlay inputs.neovim-nightly-overlay.overlay ]; }; boot = { loader = { systemd-boot = { enable = true; memtest86.enable = true; }; efi.canTouchEfiVariables = true; }; #kernelPackages = pkgs.linuxPackages_xanmod_latest; kernelPackages = pkgs.linuxPackages_zen; extraModulePackages = with config.boot.kernelPackages; [ ( ddcci-driver.overrideAttrs (o: { #patches = (o.patches or [ ]) ++ [ # ./ddcci_semaphore_fix.patch #]; }) ) ]; kernelModules = [ "ddcci" ]; initrd.kernelModules = [ "amdgpu" ]; kernelParams = [ "video=eDP-1:2560x1440@165" "video=HDMI-A-1:2560x1440@144" ]; }; documentation = { enable = true; dev.enable = true; doc.enable = true; info.enable = true; man = { enable = true; generateCaches = true; man-db.enable = false; mandoc.enable = true; }; nixos = { includeAllModules = true; }; }; networking = { hostName = config'.hostname; networkmanager.enable = true; firewall.checkReversePath = "loose"; }; # don't wait for network to boot faster # https://old.reddit.com/r/NixOS/comments/vdz86j/how_to_remove_boot_dependency_on_network_for_a systemd = { targets.network-online.wantedBy = lib.mkForce []; # default is [ "multi-user.target" ] services.NetworkManager-wait-online.wantedBy = lib.mkForce []; # default is [ "network-online.target" ] }; systemd.oomd = { enable = true; enableUserServices = true; }; time.timeZone = "Europe/Warsaw"; nix = { settings = { experimental-features = [ "flakes" "nix-command" ]; substituters = [ "https://hyprland.cachix.org" "https://nix-gaming.cachix.org" "https://anyrun.cachix.org" "https://nix-community.cachix.org" "https://nixpkgs-wayland.cachix.org" "https://helix.cachix.org" "https://viperml.cachix.org" ]; trusted-public-keys = [ "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" "nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4=" "anyrun.cachix.org-1:pqBobmOjI7nKlsUMV25u9QHa9btJK65/C8vnO3p346s=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" "nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA=" "helix.cachix.org-1:ejp9KQpR1FBI2onstMQ34yogDm4OgU2ru6lIwPvuCVs=" "viperml.cachix.org-1:qZhKBMTfmcLL+OG6fj/hzsMEedgKvZVFRRAhq7j8Vh8=" ]; keep-outputs = true; keep-derivations = true; }; }; virtualisation = { libvirtd = { enable = true; onBoot = "ignore"; qemu = { ovmf.enable = true; runAsRoot = false; swtpm.enable = true; }; }; }; networking.firewall.trustedInterfaces = [ "virbr0" ]; programs.dconf.enable = true; # https://github.com/NixOS/nixpkgs/issues/158025 security.pam.services = { swaylock.text = "auth include login"; gtklock.text = "auth include login"; }; security.sudo.package = pkgs.sudo.override { withInsults = true; }; security.polkit.enable = true; fonts.packages = with pkgs; [ material-design-icons (nerdfonts.override { fonts = [ "JetBrainsMono" "Iosevka" ]; }) noto-fonts noto-fonts-cjk-sans noto-fonts-cjk-serif noto-fonts-emoji ]; users.users.${config'.username} = { isNormalUser = true; extraGroups = [ "wheel" "networkmanager" "libvirtd" ]; shell = pkgs.zsh; }; programs.zsh.enable = true; environment = { shells = [ pkgs.zsh ]; pathsToLink = [ "/share/zsh" ]; enableAllTerminfo = true; sessionVariables = { TERM = "foot"; EDITOR = "${pkgs.neovim}/bin/nvim"; GTK_IM_MODULE = "fcitx"; QT_IM_MODULE = "fcitx"; XMODIFIERS = "@im=fcitx"; LIBSEAT_BACKEND = "logind"; QT_QPA_PLATFORMTHEME = "qt5ct"; GOPATH = "\$HOME/.local/share/go"; XDG_CURRENT_DESKTOP = "Hyprland"; XDG_SESSION_TYPE = "wayland"; XDG_SESSION_DESKTOP = "Hyprland"; QT_QPA_PLATFORM = "wayland"; MOZ_ENABLE_WAYLAND = "1"; MOZ_DRM_DEVICE = "/dev/dri/card0"; SDL_VIDEODRIVER = "wayland"; _JAVA_AWT_WM_NONEREPARENTING = "1"; CLUTTER_BACKEND = "wayland"; GDK_BACKEND = "wayland"; XCURSOR_THEME = "Bibata-Modern-Classic"; XCURSOR_SIZE = "24"; XDG_DATA_HOME = "\$HOME/.local/share"; XDG_CONFIG_HOME = "\$HOME/.config"; XDG_STATE_HOME = "\$HOME/.local/state"; XDG_CACHE_HOME = "\$HOME/.cache"; HISTFILE = "\${XDG_STATE_HOME}/bash/history"; CARGO_HOME = "\${XDG_DATA_HOME}/cargo"; GTK2_RC_FILES = "\${XDG_CONFIG_HOME}/gtk-2.0/gtkrc"; CHROME_EXECUTABLE = "${pkgs.ungoogled-chromium}/bin/chromium"; NIXOS_OZONE_WL = "1"; }; systemPackages = with pkgs; [ man-pages man-pages-posix ]; }; services = { blueman.enable = true; mullvad-vpn.enable = true; pcscd.enable = true; udev.packages = [ pkgs.yubikey-personalization ]; udisks2.enable = true; dbus.enable = true; }; programs.gnupg.agent = { enable = true; pinentryFlavor = "qt"; enableSSHSupport = true; }; hardware = { opentabletdriver = { enable = true; daemon.enable = true; }; bluetooth.enable = true; opengl = { enable = true; driSupport = true; driSupport32Bit = true; }; }; xdg.portal = { enable = true; extraPortals = with pkgs; [ inputs.hyprland.packages.${pkgs.system}.xdg-desktop-portal-hyprland xdg-desktop-portal-gtk ]; }; services.btrfs = { autoScrub = { enable = true; interval = "weekly"; }; }; services.psd = { enable = true; resyncTimer = "30m"; }; services.journald = { extraConfig = '' SystemMaxUse=100M ''; }; system.stateVersion = "23.11"; }