{ pkgs, ... }:
{
imports =
[
./hardware-configuration.nix
./modules/backup
./modules/graphics
./modules/greetd
./modules/networks
# ./modules/printing
./modules/security
./modules/sound
./modules/virtualisation
];
# services.influxdb2 = {
# enable = true;
# };
nix.settings.system-features = [ "gccarch-tigerlake" ];
systemd.additionalUpstreamSystemUnits = [
"soft-reboot.target"
"systemd-soft-reboot.service"
];
# Use the systemd-boot EFI boot loader.
boot = {
kernelModules = [ "v4l2loopback" ];
kernelPackages = pkgs.linuxPackages_latest;
# extraModulePackages = [
# config.boot.kernelPackages.v4l2loopback
# ];
# extraModprobeConfig = ''
# options v4l2loopback exclusive_caps=1 card_label="Virtual Camera"
# '';
tmp.useTmpfs = true;
};
environment.persistence."/nix/persist/system" = {
directories = [
"/etc/nixos" # bind mounted from /nix/persist/system/etc/nixos to /etc/nixos
"/etc/ssh"
"/etc/secureboot"
"/root/.ssh"
"/root/.borgmatic"
"/root/.local/share/zsh"
];
files = [
"/etc/machine-id"
# fix for systemd v257 panicking when /usr is empty
"/usr/dummy"
];
};
time.timeZone = "Europe/Berlin";
i18n.defaultLocale = "en_US.UTF-8";
programs.direnv = {
enable = true;
};
console.keyMap = "dvorak";
# services.openldap = {
# enable = true;
# urlList = [ "ldap:///" ];
# settings = {
# attrs = {
# olcLogLevel = "conns config";
# };
# children = {
# "cn=schema".includes = [
# "${pkgs.openldap}/etc/schema/core.ldif"
# # attributetype ( 9999.1.1 NAME 'isMemberOf'
# # DESC 'back-reference to groups this user is a member of'
# # SUP distinguishedName )
# "${pkgs.openldap}/etc/schema/cosine.ldif"
# "${pkgs.openldap}/etc/schema/inetorgperson.ldif"
# "${pkgs.openldap}/etc/schema/nis.ldif"
# # "${pkgs.writeText "openssh.ldif" ''
# # dn: cn={4}openssh
# # objectClass: olcSchemaConfig
# # cn: {4}openssh
# # attributetype ( 9999.1.2 NAME 'sshPublicKey'
# # DESC 'SSH public key used by this user'
# # SUP name )
# # ''}"
# "${pkgs.writeText "openssh.ldif" ''
# dn: cn=openssh,cn=schema,cn=config
# objectClass: olcSchemaConfig
# cn: openssh
# olcAttributeTypes: ( 1.3.6.1.4.1.24552.500.1.1.1.13 NAME 'sshPublicKey'
# DESC 'MANDATORY: OpenSSH Public key'
# EQUALITY octetStringMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40 )
# ''}"
# ];
# "olcDatabase={1}mdb".attrs = {
# objectClass = [ "olcDatabaseConfig" "olcMdbConfig" ];
# olcDatabase = "{1}mdb";
# olcDbDirectory = "/var/lib/openldap/data";
# olcSuffix = "dc=ifsr,dc=de";
# /* your admin account, do not use writeText on a production system */
# olcRootDN = "cn=portunus,dc=ifsr,dc=de";
# olcRootPW = "test";
# olcAccess = [
# /* custom access rules for userPassword attributes */
# ''{0}to attrs=userPassword
# by self write
# by anonymous auth
# by * none''
# /* allow read on anything else */
# ''{1}to *
# by * read''
# ];
# };
# "olcOverlay={3}memberof,olcDatabase={1}mdb".attrs = {
# objectClass = [ "olcConfig" "olcOverlayConfig" "olcMemberOf" "top" ];
# olcOverlay = "{3}memberof";
# olcMemberOfRefInt = "TRUE";
# olcMemberOfDangling = "ignore";
# olcMemberOfGroupOC = "groupOfNames";
# olcMemberOfMemberAD = "member";
# olcMemberOfMemberOfAD = "memberOf";
# };
# "olcOverlay={4}refint,olcDatabase={1}mdb".attrs = {
# objectClass = [ "olcOverlayConfig" "olcRefintConfig" "top" ];
# olcOverlay = "{4}refint";
# olcRefintAttribute = "memberof member manager owner";
# };
# };
# };
# };
services = {
envfs.enable = true; #usr/bin fixes
blueman.enable = true; # bluetooth
devmon.enable = true; # automount stuff
upower.enable = true;
fwupd.enable = true; # firmware updates
avahi.enable = true;
btrfs.autoScrub.enable = true;
};
hardware.bluetooth = {
enable = true;
settings = {
General = {
Experimental = true;
};
};
};
services.logind = {
lidSwitch = "suspend-then-hibernate";
lidSwitchDocked = "suspend";
lidSwitchExternalPower = "suspend";
extraConfig = ''
HandlePowerKey = ignore
'';
};
services.tlp = {
enable = true;
settings = {
START_CHARGE_THRESH_BAT0 = 70;
STOP_CHARGE_THRESH_BAT0 = 90;
RESTORE_DEVICE_STATE_ON_STARTUP = 1;
};
};
documentation = {
dev.enable = true;
};
environment.systemPackages = [ pkgs.man-pages ];
system.stateVersion = "22.11";
# programs.java.enable = true;
}