# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, lib, ... }: let rust_overlay = import (builtins.fetchTarball "https://github.com/oxalica/rust-overlay/archive/master.tar.gz"); moz-rev = "master"; moz-url = builtins.fetchTarball { url = "https://github.com/mozilla/nixpkgs-mozilla/archive/${moz-rev}.tar.gz"; }; nightly_overlay = (import "${moz-url}/firefox-overlay.nix"); pkgs = import { overlays = [ rust_overlay nightly_overlay ]; allowUnfree = true; }; allowUnfree = true; rustVersion = "latest"; in { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ]; # Bootloader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; nixpkgs.config = { allowUnfree = true; }; virtualisation.libvirtd.enable = true; virtualisation.libvirtd.qemu.package = pkgs.qemu_kvm; users.extraGroups.libvirtd.members = [ "sevki" ]; networking.hostName = "trashcan"; # Define your hostname. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # Configure network proxy if necessary # networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; services.tailscale.enable = true; services.flatpak.enable = true; # Enable networking networking.networkmanager.enable = true; # Set your time zone. time.timeZone = "Europe/London"; # Select internationalisation properties. i18n.defaultLocale = "en_GB.UTF-8"; i18n.extraLocaleSettings = { LC_ADDRESS = "en_GB.UTF-8"; LC_IDENTIFICATION = "en_GB.UTF-8"; LC_MEASUREMENT = "en_GB.UTF-8"; LC_MONETARY = "en_GB.UTF-8"; LC_NAME = "en_GB.UTF-8"; LC_NUMERIC = "en_GB.UTF-8"; LC_PAPER = "en_GB.UTF-8"; LC_TELEPHONE = "en_GB.UTF-8"; LC_TIME = "en_GB.UTF-8"; }; # Enable the X11 windowing system. services.xserver.enable = true; # Enable the GNOME Desktop Environment. # services.displayManager.sddm.enable = true; services.xserver.displayManager.gdm.enable = true; services.xserver.desktopManager.gnome.enable = true; # Configure keymap in X11 services.xserver = { layout = "us"; xkbVariant = ""; }; # Enable CUPS to print documents. services.printing.enable = true; # Enable sound with pipewire. sound.enable = true; hardware.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; # If you want to use JACK applications, uncomment this jack.enable = true; # use the example session manager (no others are packaged yet so this is enabled by default, # no need to redefine it in your config for now) #media-session.enable = true; }; programs.browserpass.enable = true; # Define a user account. Don't forget to set a password with ‘passwd’. users.users.sevki = { isNormalUser = true; description = "sevki"; extraGroups = [ "networkmanager" "wheel" "libvirtd" ]; packages = with pkgs; [ firefox # rustc # cargo # rustfmt # clippy git nixfmt binutils _1password _1password-gui sapling gh gcc13 sqlite openapi-generator-cli openssl.dev watchman pkg-config-unwrapped llvmPackages_17.clang-unwrapped llvmPackages_17.libclang step-cli step-ca nodePackages_latest.prettier deno yarn python3 nodejs_21 spotify flyctl pscale mariadb sentry-cli ungoogled-chromium go acme-sh latest.firefox-nightly-bin rustup google-chrome google-cursor atuin gopls llvmPackages_17.bintools podman-compose sea-orm-cli ulauncher (vscode-with-extensions.override { vscodeExtensions = with vscode-extensions; [ tamasfe.even-better-toml github.copilot github.copilot-chat github.github-vscode-theme rust-lang.rust-analyzer vadimcn.vscode-lldb ms-vscode-remote.remote-containers mvllow.rose-pine graphql.vscode-graphql graphql.vscode-graphql-syntax esbenp.prettier-vscode golang.go bbenoist.nix brettm12345.nixfmt-vscode llvm-vs-code-extensions.vscode-clangd ]; }) thunderbird ]; }; virtualisation = { podman = { enable = true; dockerCompat = true; defaultNetwork.settings.dns_enabled = true; }; }; services.fprintd.enable = true; services.fprintd.tod.enable = true; services.fprintd.tod.driver = pkgs.libfprint-2-tod1-vfs0090; # Allow unfree packages programs._1password.enable = true; programs._1password-gui = { enable = true; # Certain features, including CLI integration and system authentication support, # require enabling PolKit integration on some desktop environments (e.g. Plasma). polkitPolicyOwners = [ "sevki" ]; }; # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. # wget gnumake cmake openssl libcap fprintd pinentry llvmPackages_latest.libclang glibc busybox coreutils-full linuxHeaders pinentry-gnome llvmPackages_latest.stdenv llvmPackages_latest.compiler-rt-libc libuuid libgcc libdrm protobuf libepoxy minijail virglrenderer wayland wayland-protocols nextdns virt-manager qemu OVMF ]; # https://github.com/rust-lang/rust-bindgen#environment-variables # Add precompiled library to rustc search path services.nextdns = { enable = true; arguments = [ "-config" "10.0.3.0/24=98ca38" "-cache-size" "10MB" "-profile" "98ca38" ]; }; environment.variables = { LIBCAP_PATH = "${pkgs.libcap.dev}/include"; LIBCLANG_PATH = pkgs.lib.makeLibraryPath [ pkgs.llvmPackages_latest.libclang.lib ]; RUSTFLAGS = builtins.concatStringsSep " " ((builtins.map (a: "-L ${a}/lib") [ pkgs.libcap ])); GLIBC_PATH = "${pkgs.glibc.dev}"; BINDGEN_EXTRA_CLANG_ARGS = # Includes with normal include path (builtins.map (a: ''-I"${a}/include"'') [ # add dev libraries here (e.g. pkgs.libvmi.dev) pkgs.glibc.dev pkgs.libcap.dev ]) # Includes with special directory paths ++ [ '' -I"${pkgs.llvmPackages_latest.libclang.lib}/lib/clang/${pkgs.llvmPackages_latest.libclang.version}/include"'' ''-I"${pkgs.glib.dev}/include/glib-2.0"'' "-I${pkgs.glib.out}/lib/glib-2.0/include/" ]; PATH = [ "~/.rustup" "~/.cargo/bin" "~/.deno/bin" "~/.yarn/bin" "~/go/bin" "${config.environment.variables.NIX_PATH}" "/var/lib/flatpak/exports/share" "/home/sevki/.local/share/flatpak/exports/share" "~/.rustup/toolchains/1.76.0-x86_64-unknown-linux-gnu/bin/" "~/.rustup/toolchains/1.77.0-x86_64-unknown-linux-gnu/bin/" "~/.rustup/toolchains/1.78.0-x86_64-unknown-linux-gnu/bin/" ]; PKG_CONFIG_PATH = [ "${pkgs.openssl.dev}/lib/pkgconfig" "${pkgs.libcap.dev}/lib/pkgconfig" "${pkgs.wayland-protocols}/share/pkgconfig" ]; }; networking.extraHosts = '' 127.0.0.1 dev.issue.is ::1 dev.issue.is ''; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. # programs.mtr.enable = true; # programs.gnupg.agent = { # enable = true; # enableSSHSupport = true; # }; # List services that you want to enable: # Enable the OpenSSH daemon. # services.openssh.enable = true; # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. # networking.firewall.enable = false; # This value determines the NixOS release from which the default # settings for stateful data, like file locations and database versions # on your system were taken. It‘s perfectly fine and recommended to leave # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). system.stateVersion = "23.11"; # Did you read the comment? }