DerGrumpf/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Changed: Podman

Browse Source
This commit is contained in:
DerGrumpf 2025-03-26 15:17:45 +01:00
parent 065f4ed0be
commit a9312ed768
2 changed files with 174 additions and 166 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
home/programs/default.nix
View File

@ -6,6 +6,5 @@
./media.nix ./media.nix
./xdg.nix ./xdg.nix
./neovim.nix ./neovim.nix
./podman.nix
]; ];
} }

339
modules/system.nix
View File

@ -4,22 +4,22 @@
username, username,
... ...
}: { }: {
# ============================= User related ============================= # ============================= User related =============================
# Define a user account. Don't forget to set a password with passwd. # Define a user account. Don't forget to set a password with passwd.
users.users.${username} = { users.users.${username} = {
isNormalUser = true; isNormalUser = true;
description = username; description = username;
extraGroups = ["networkmanager" "wheel"]; extraGroups = ["networkmanager" "wheel"];
}; };
# given the users in this list the right to specify additional substituters via: # given the users in this list the right to specify additional substituters via:
# 1. `nixConfig.substituers` in `flake.nix` # 1. `nixConfig.substituers` in `flake.nix`
# 2. command line args `--options substituers http://xxx` # 2. command line args `--options substituers http://xxx`
nix.settings.trusted-users = [username]; nix.settings.trusted-users = [username];
# customise /etc/nix/nix.conf declaratively via `nix.settings` # customise /etc/nix/nix.conf declaratively via `nix.settings`
nix.settings = { nix.settings = {
# enable flakes globally # enable flakes globally
experimental-features = ["nix-command" "flakes"]; experimental-features = ["nix-command" "flakes"];
substituters = [ substituters = [
@ -32,171 +32,180 @@
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
]; ];
builders-use-substitutes = true; builders-use-substitutes = true;
}; };
# do garbage collection weekly to keep disk usage low # do garbage collection weekly to keep disk usage low
nix.gc = { nix.gc = {
automatic = lib.mkDefault true; automatic = lib.mkDefault true;
dates = lib.mkDefault "weekly"; dates = lib.mkDefault "weekly";
options = lib.mkDefault "--delete-older-than 7d"; options = lib.mkDefault "--delete-older-than 7d";
}; };
# Allow unfree packages # Allow unfree packages
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
# Set your time zone. # Set your time zone.
time.timeZone = "Europe/Berlin"; time.timeZone = "Europe/Berlin";
# Select internationalisation properties. # Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = { i18n.extraLocaleSettings = {
LC_ADDRESS = "de_DE.UTF-8"; LC_ADDRESS = "de_DE.UTF-8";
LC_IDENTIFICATION = "de_DE.UTF-8"; LC_IDENTIFICATION = "de_DE.UTF-8";
LC_MEASUREMENT = "de_DE.UTF-8"; LC_MEASUREMENT = "de_DE.UTF-8";
LC_MONETARY = "de_DE.UTF-8"; LC_MONETARY = "de_DE.UTF-8";
LC_NAME = "de_DE.UTF-8"; LC_NAME = "de_DE.UTF-8";
LC_NUMERIC = "de_DE.UTF-8"; LC_NUMERIC = "de_DE.UTF-8";
LC_PAPER = "de_DE.UTF-8"; LC_PAPER = "de_DE.UTF-8";
LC_TELEPHONE = "de_DE.UTF-8"; LC_TELEPHONE = "de_DE.UTF-8";
LC_TIME = "de_DE.UTF-8"; LC_TIME = "de_DE.UTF-8";
}; };
# Enable CUPS to print documents. # Enable CUPS to print documents.
services.printing.enable = true; services.printing.enable = true;
fonts = { fonts = {
packages = with pkgs; [ packages = with pkgs; [
# icon fonts # icon fonts
material-design-icons material-design-icons
# normal fonts # normal fonts
noto-fonts noto-fonts
noto-fonts-cjk noto-fonts-cjk
noto-fonts-emoji noto-fonts-emoji
# nerdfonts # nerdfonts
(nerdfonts.override {fonts = ["FiraCode" "JetBrainsMono"];}) (nerdfonts.override {fonts = ["FiraCode" "JetBrainsMono"];})
];
# use fonts specified by user rather than default ones
enableDefaultPackages = false;
# user defined fonts
# the reason there's Noto Color Emoji everywhere is to override DejaVu's
# B&W emojis that would sometimes show instead of some Color emojis
fontconfig.defaultFonts = {
serif = ["Noto Serif" "Noto Color Emoji"];
sansSerif = ["Noto Sans" "Noto Color Emoji"];
monospace = ["JetBrainsMono Nerd Font" "Noto Color Emoji"];
emoji = ["Noto Color Emoji"];
};
};
programs.dconf.enable = true;
programs.thunar = {
enable = true;
plugins = with pkgs.xfce; [
thunar-archive-plugin
thunar-volman
];
};
programs.xfconf.enable = true;
services.gvfs.enable = true;
services.tumbler.enable = true;
virtualisation = {
containers.enable = true;
podman = {
enable = true;
dockerCompat = true;
defaultNetwork.settings.dns_enabled = true;
};
};
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
networking.firewall.enable = false;
# Enable the OpenSSH daemon.
services.openssh = {
enable = true;
settings = {
X11Forwarding = true;
PermitRootLogin = "no"; # disable root login
PasswordAuthentication = false; # disable password login
};
openFirewall = true;
};
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
# Bare minimum
neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
wget
git
# System tools
sysstat
lm_sensors # for `sensors` command
ethtool
pciutils # lspci
usbutils # lsusb
# Rizz
fastfetch
#microfetch
# Terminal
yazi # file manager
jq # JSON Parser
yq-go # YAML Parser
glow # Markdown Reader
btop # system monitor
iotop # iomonitor
iftop # network monitor
iperf3 # network tester
nmap # network discovery
eza # ls replacement
curl
dnsutils
ldns
file
which
tree
gnused
gnutar
gawk
zstd
gnupg
# Archives
zip
unzip
p7zip
xz
]; ];
# use fonts specified by user rather than default ones # Enable sound with pipewire.
enableDefaultPackages = false; sound.enable = true;
hardware.pulseaudio.enable = false;
# user defined fonts services.power-profiles-daemon = {
# the reason there's Noto Color Emoji everywhere is to override DejaVu's enable = true;
# B&W emojis that would sometimes show instead of some Color emojis
fontconfig.defaultFonts = {
serif = ["Noto Serif" "Noto Color Emoji"];
sansSerif = ["Noto Sans" "Noto Color Emoji"];
monospace = ["JetBrainsMono Nerd Font" "Noto Color Emoji"];
emoji = ["Noto Color Emoji"];
}; };
}; security.polkit.enable = true;
programs.dconf.enable = true; services = {
programs.thunar = { dbus.packages = [pkgs.gcr];
enable = true;
plugins = with pkgs.xfce; [
thunar-archive-plugin
thunar-volman
];
};
programs.xfconf.enable = true; geoclue2.enable = true;
services.gvfs.enable = true;
services.tumbler.enable = true;
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
networking.firewall.enable = false;
# Enable the OpenSSH daemon. pipewire = {
services.openssh = { enable = true;
enable = true; alsa.enable = true;
settings = { alsa.support32Bit = true;
X11Forwarding = true; pulse.enable = true;
PermitRootLogin = "no"; # disable root login # If you want to use JACK applications, uncomment this
PasswordAuthentication = false; # disable password login jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
};
udev.packages = with pkgs; [gnome.gnome-settings-daemon];
}; };
openFirewall = true;
};
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
# Bare minimum
neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
wget
git
# System tools
sysstat
lm_sensors # for `sensors` command
ethtool
pciutils # lspci
usbutils # lsusb
# Rizz
fastfetch
#microfetch
# Terminal
yazi # file manager
jq # JSON Parser
yq-go # YAML Parser
glow # Markdown Reader
btop # system monitor
iotop # iomonitor
iftop # network monitor
iperf3 # network tester
nmap # network discovery
eza # ls replacement
curl
dnsutils
ldns
file
which
tree
gnused
gnutar
gawk
zstd
gnupg
# Archives
zip
unzip
p7zip
xz
];
# Enable sound with pipewire.
sound.enable = true;
hardware.pulseaudio.enable = false;
services.power-profiles-daemon = {
enable = true;
};
security.polkit.enable = true;
services = {
dbus.packages = [pkgs.gcr];
geoclue2.enable = true;
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
};
udev.packages = with pkgs; [gnome.gnome-settings-daemon];
};
} }