From a9312ed768ae30339c0b2ae013c17e0665662a1e Mon Sep 17 00:00:00 2001 From: DerGrumpf Date: Wed, 26 Mar 2025 15:17:45 +0100 Subject: [PATCH] Changed: Podman --- home/programs/default.nix | 1 - modules/system.nix | 339 +++++++++++++++++++------------------- 2 files changed, 174 insertions(+), 166 deletions(-) diff --git a/home/programs/default.nix b/home/programs/default.nix index 516a9ed..2541114 100644 --- a/home/programs/default.nix +++ b/home/programs/default.nix @@ -6,6 +6,5 @@ ./media.nix ./xdg.nix ./neovim.nix - ./podman.nix ]; } diff --git a/modules/system.nix b/modules/system.nix index 3b43785..22b3e01 100644 --- a/modules/system.nix +++ b/modules/system.nix @@ -4,22 +4,22 @@ username, ... }: { - # ============================= User related ============================= +# ============================= User related ============================= - # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.${username} = { - isNormalUser = true; - description = username; - extraGroups = ["networkmanager" "wheel"]; - }; - # given the users in this list the right to specify additional substituters via: - # 1. `nixConfig.substituers` in `flake.nix` - # 2. command line args `--options substituers http://xxx` - nix.settings.trusted-users = [username]; +# Define a user account. Don't forget to set a password with ‘passwd’. + users.users.${username} = { + isNormalUser = true; + description = username; + extraGroups = ["networkmanager" "wheel"]; + }; +# given the users in this list the right to specify additional substituters via: +# 1. `nixConfig.substituers` in `flake.nix` +# 2. command line args `--options substituers http://xxx` + nix.settings.trusted-users = [username]; - # customise /etc/nix/nix.conf declaratively via `nix.settings` - nix.settings = { - # enable flakes globally +# customise /etc/nix/nix.conf declaratively via `nix.settings` + nix.settings = { +# enable flakes globally experimental-features = ["nix-command" "flakes"]; substituters = [ @@ -32,171 +32,180 @@ "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" ]; builders-use-substitutes = true; - }; + }; - # do garbage collection weekly to keep disk usage low - nix.gc = { - automatic = lib.mkDefault true; - dates = lib.mkDefault "weekly"; - options = lib.mkDefault "--delete-older-than 7d"; - }; +# do garbage collection weekly to keep disk usage low + nix.gc = { + automatic = lib.mkDefault true; + dates = lib.mkDefault "weekly"; + options = lib.mkDefault "--delete-older-than 7d"; + }; - # Allow unfree packages - nixpkgs.config.allowUnfree = true; +# Allow unfree packages + nixpkgs.config.allowUnfree = true; - # Set your time zone. - time.timeZone = "Europe/Berlin"; +# Set your time zone. + time.timeZone = "Europe/Berlin"; - # Select internationalisation properties. - i18n.defaultLocale = "en_US.UTF-8"; +# Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; - i18n.extraLocaleSettings = { - LC_ADDRESS = "de_DE.UTF-8"; - LC_IDENTIFICATION = "de_DE.UTF-8"; - LC_MEASUREMENT = "de_DE.UTF-8"; - LC_MONETARY = "de_DE.UTF-8"; - LC_NAME = "de_DE.UTF-8"; - LC_NUMERIC = "de_DE.UTF-8"; - LC_PAPER = "de_DE.UTF-8"; - LC_TELEPHONE = "de_DE.UTF-8"; - LC_TIME = "de_DE.UTF-8"; - }; + i18n.extraLocaleSettings = { + LC_ADDRESS = "de_DE.UTF-8"; + LC_IDENTIFICATION = "de_DE.UTF-8"; + LC_MEASUREMENT = "de_DE.UTF-8"; + LC_MONETARY = "de_DE.UTF-8"; + LC_NAME = "de_DE.UTF-8"; + LC_NUMERIC = "de_DE.UTF-8"; + LC_PAPER = "de_DE.UTF-8"; + LC_TELEPHONE = "de_DE.UTF-8"; + LC_TIME = "de_DE.UTF-8"; + }; - # Enable CUPS to print documents. - services.printing.enable = true; +# Enable CUPS to print documents. + services.printing.enable = true; - fonts = { - packages = with pkgs; [ - # icon fonts - material-design-icons + fonts = { + packages = with pkgs; [ + # icon fonts + material-design-icons - # normal fonts - noto-fonts - noto-fonts-cjk - noto-fonts-emoji + # normal fonts + noto-fonts + noto-fonts-cjk + noto-fonts-emoji - # nerdfonts - (nerdfonts.override {fonts = ["FiraCode" "JetBrainsMono"];}) + # nerdfonts + (nerdfonts.override {fonts = ["FiraCode" "JetBrainsMono"];}) + ]; + +# use fonts specified by user rather than default ones + enableDefaultPackages = false; + +# user defined fonts +# the reason there's Noto Color Emoji everywhere is to override DejaVu's +# B&W emojis that would sometimes show instead of some Color emojis + fontconfig.defaultFonts = { + serif = ["Noto Serif" "Noto Color Emoji"]; + sansSerif = ["Noto Sans" "Noto Color Emoji"]; + monospace = ["JetBrainsMono Nerd Font" "Noto Color Emoji"]; + emoji = ["Noto Color Emoji"]; + }; + }; + + programs.dconf.enable = true; + programs.thunar = { + enable = true; + plugins = with pkgs.xfce; [ + thunar-archive-plugin + thunar-volman + ]; + }; + + programs.xfconf.enable = true; + services.gvfs.enable = true; + services.tumbler.enable = true; + + virtualisation = { + containers.enable = true; + + podman = { + enable = true; + dockerCompat = true; + defaultNetwork.settings.dns_enabled = true; + }; + }; +# networking.firewall.allowedTCPPorts = [ ... ]; +# networking.firewall.allowedUDPPorts = [ ... ]; +# Or disable the firewall altogether. + networking.firewall.enable = false; + +# Enable the OpenSSH daemon. + services.openssh = { + enable = true; + settings = { + X11Forwarding = true; + PermitRootLogin = "no"; # disable root login + PasswordAuthentication = false; # disable password login + }; + openFirewall = true; + }; + +# List packages installed in system profile. To search, run: +# $ nix search wget + environment.systemPackages = with pkgs; [ +# Bare minimum + neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + wget + git + +# System tools + sysstat + lm_sensors # for `sensors` command + ethtool + pciutils # lspci + usbutils # lsusb + +# Rizz + fastfetch +#microfetch + +# Terminal + yazi # file manager + jq # JSON Parser + yq-go # YAML Parser + glow # Markdown Reader + btop # system monitor + iotop # iomonitor + iftop # network monitor + iperf3 # network tester + nmap # network discovery + eza # ls replacement + curl + dnsutils + ldns + file + which + tree + gnused + gnutar + gawk + zstd + gnupg + +# Archives + zip + unzip + p7zip + xz ]; - # use fonts specified by user rather than default ones - enableDefaultPackages = false; - - # user defined fonts - # the reason there's Noto Color Emoji everywhere is to override DejaVu's - # B&W emojis that would sometimes show instead of some Color emojis - fontconfig.defaultFonts = { - serif = ["Noto Serif" "Noto Color Emoji"]; - sansSerif = ["Noto Sans" "Noto Color Emoji"]; - monospace = ["JetBrainsMono Nerd Font" "Noto Color Emoji"]; - emoji = ["Noto Color Emoji"]; +# Enable sound with pipewire. + sound.enable = true; + hardware.pulseaudio.enable = false; + services.power-profiles-daemon = { + enable = true; }; - }; + security.polkit.enable = true; - programs.dconf.enable = true; - programs.thunar = { - enable = true; - plugins = with pkgs.xfce; [ - thunar-archive-plugin - thunar-volman - ]; - }; + services = { + dbus.packages = [pkgs.gcr]; - programs.xfconf.enable = true; - services.gvfs.enable = true; - services.tumbler.enable = true; - - # networking.firewall.allowedTCPPorts = [ ... ]; - # networking.firewall.allowedUDPPorts = [ ... ]; - # Or disable the firewall altogether. - networking.firewall.enable = false; + geoclue2.enable = true; - # Enable the OpenSSH daemon. - services.openssh = { - enable = true; - settings = { - X11Forwarding = true; - PermitRootLogin = "no"; # disable root login - PasswordAuthentication = false; # disable password login + pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + jack.enable = true; + + # use the example session manager (no others are packaged yet so this is enabled by default, + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + udev.packages = with pkgs; [gnome.gnome-settings-daemon]; }; - openFirewall = true; - }; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment.systemPackages = with pkgs; [ - # Bare minimum - neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - wget - git - - # System tools - sysstat - lm_sensors # for `sensors` command - ethtool - pciutils # lspci - usbutils # lsusb - - # Rizz - fastfetch - #microfetch - - # Terminal - yazi # file manager - jq # JSON Parser - yq-go # YAML Parser - glow # Markdown Reader - btop # system monitor - iotop # iomonitor - iftop # network monitor - iperf3 # network tester - nmap # network discovery - eza # ls replacement - curl - dnsutils - ldns - file - which - tree - gnused - gnutar - gawk - zstd - gnupg - - # Archives - zip - unzip - p7zip - xz - ]; - - # Enable sound with pipewire. - sound.enable = true; - hardware.pulseaudio.enable = false; - services.power-profiles-daemon = { - enable = true; - }; - security.polkit.enable = true; - - services = { - dbus.packages = [pkgs.gcr]; - - geoclue2.enable = true; - - pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - # If you want to use JACK applications, uncomment this - jack.enable = true; - - # use the example session manager (no others are packaged yet so this is enabled by default, - # no need to redefine it in your config for now) - #media-session.enable = true; - }; - - udev.packages = with pkgs; [gnome.gnome-settings-daemon]; - }; }