{ pkgs, lib, username, ... }: { # ============================= User related ============================= # Define a user account. Don't forget to set a password with ‘passwd’. users.users.${username} = { isNormalUser = true; description = username; extraGroups = ["networkmanager" "wheel" "podman"]; }; # given the users in this list the right to specify additional substituters via: # 1. `nixConfig.substituers` in `flake.nix` # 2. command line args `--options substituers http://xxx` nix.settings.trusted-users = [username]; # customise /etc/nix/nix.conf declaratively via `nix.settings` nix.settings = { # enable flakes globally experimental-features = ["nix-command" "flakes"]; auto-optimise-store = true; substituters = [ "https://cache.nixos.org" "https://hyprland.cachix.org" ]; trusted-public-keys = [ "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc=" ]; builders-use-substitutes = true; }; # do garbage collection weekly to keep disk usage low nix.gc = { automatic = lib.mkDefault true; dates = lib.mkDefault "weekly"; options = lib.mkDefault "--delete-older-than +3"; }; # Allow unfree packages nixpkgs.config.allowUnfree = true; nixpkgs.config.allowBroken = true; # Set your time zone. time.timeZone = "Europe/Berlin"; # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; i18n.extraLocaleSettings = { LC_ADDRESS = "de_DE.UTF-8"; LC_IDENTIFICATION = "de_DE.UTF-8"; LC_MEASUREMENT = "de_DE.UTF-8"; LC_MONETARY = "de_DE.UTF-8"; LC_NAME = "de_DE.UTF-8"; LC_NUMERIC = "de_DE.UTF-8"; LC_PAPER = "de_DE.UTF-8"; LC_TELEPHONE = "de_DE.UTF-8"; LC_TIME = "de_DE.UTF-8"; }; # Enable CUPS to print documents. services.printing.enable = true; fonts = { packages = with pkgs; [ # icon fonts material-icons material-black-colors material-design-icons # normal fonts noto-fonts noto-fonts-cjk noto-fonts-emoji nerdfonts ]; # use fonts specified by user rather than default ones enableDefaultPackages = false; # user defined fonts # the reason there's Noto Color Emoji everywhere is to override DejaVu's # B&W emojis that would sometimes show instead of some Color emojis fontconfig.defaultFonts = { serif = ["Noto Serif" "Noto Color Emoji"]; sansSerif = ["Noto Sans" "Noto Color Emoji"]; monospace = ["JetBrainsMono Nerd Font" "Noto Color Emoji"]; emoji = ["Noto Color Emoji"]; }; }; programs.dconf.enable = true; programs.spacefm.enable = true; /*programs.xfconf.enable = true; services.gvfs.enable = true; services.tumbler.enable = true; programs.thunar = { enable = true; plugins = with pkgs.xfce; [ thunar-archive-plugin thunar-volman ]; };*/ # Virtualisation virtualisation = { containers.enable = true; podman = { enable = true; dockerCompat = true; defaultNetwork.settings.dns_enabled = true; }; oci-containers = { backend = "podman"; containers = { /*container-name = { image = "image"; autoStart = true; ports = [ "127.0.0.1:1234:1234" ]; };*/ }; }; }; # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. networking.firewall.enable = false; # Enable the OpenSSH daemon. services.openssh = { enable = true; settings = { X11Forwarding = true; PermitRootLogin = "no"; # disable root login PasswordAuthentication = false; # disable password login }; openFirewall = true; }; # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ # Bare minimum neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. wget git # System tools sysstat lm_sensors # for `sensors` command ethtool pciutils # lspci usbutils # lsusb libGL # Rizz fastfetch cpufetch hyfetch ramfetch neofetch ghfetch libnotify #microfetch # Terminal yazi # file manager jq # JSON Parser yq-go # YAML Parser glow # Markdown Reader btop # system monitor iotop # iomonitor iftop # network monitor iperf3 # network tester nmap # network discovery eza # ls replacement curl dnsutils ldns file which tree gnused gnutar gawk zstd gnupg # Archives zip unzip p7zip xz # Virtualisation podman-compose # docker-compose alternative dive # docker layer viewer podman-tui # status of containers in terminal podman-desktop # Desktop client tailscale # Vpn ]; # Enable sound with pipewire. sound.enable = true; hardware.pulseaudio.enable = false; services.power-profiles-daemon = { enable = true; }; security.polkit.enable = true; services = { dbus.packages = [pkgs.gcr]; geoclue2.enable = true; pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; # If you want to use JACK applications, uncomment this jack.enable = true; # use the example session manager (no others are packaged yet so this is enabled by default, # no need to redefine it in your config for now) #media-session.enable = true; }; tailscale.enable = true; udev.packages = with pkgs; [gnome.gnome-settings-daemon]; }; }