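# NixOS system module for the "john-p14s" host, registered as
# flake.modules.nixos.p14sConfiguration. It pulls in the matching hardware
# module, enables the desktop/audio/fingerprint services, wires up
# home-manager for the primary user, and points sops-nix at this host's
# encrypted secrets file.
{ self, inputs, ... }:
{
  flake.modules.nixos.p14sConfiguration =
    { config, pkgs, lib, ... }:
    let
      hostname = "john-p14s";
      # Single place for the primary account name; used below for auto-login,
      # the 1Password polkit owner and the home-manager user.
      username = "john";
      homeDir = config.home-manager.users.${username}.home.homeDirectory;
      flakeDir = "${homeDir}/Documents/dendritic";
    in
    {
      imports = [ self.modules.nixos.p14sHardware ];

      nix.settings.experimental-features = [ "nix-command" "flakes" ];

      nixpkgs.config = {
        # NOTE(review): OpenSSL 1.1.1 is end-of-life upstream, which is why
        # nixpkgs refuses it by default. This exception is global, so any
        # package in the closure may link against it. The consumer is not
        # visible in this file; identify it and drop the exception once that
        # package no longer needs 1.1.1.
        permittedInsecurePackages = [ "openssl-1.1.1w" ];
        allowUnfree = true;
      };

      networking = {
        hostName = hostname;
        networkmanager.enable = true;
      };

      # Enable automatic login for the user.
      # NOTE(review): with auto-login, booting the machine yields an unlocked
      # desktop session without any credential. That is only reasonable if the
      # disk is encrypted and unlocked at boot; presumably configured in
      # p14sHardware, confirm.
      services.displayManager.autoLogin.enable = true;
      services.displayManager.autoLogin.user = username;

      programs.zsh.enable = true;

      # NOTE(review): sshd runs with module defaults here, since no
      # services.openssh.settings are set in this file. If key-only login is
      # intended, set settings.PasswordAuthentication = false and
      # settings.KbdInteractiveAuthentication = false. If SSH is only meant to
      # be reached over Tailscale, consider openFirewall = false and allowing
      # the port on the tailscale interface only.
      services.openssh.enable = true;
      services.tailscale.enable = true;

      # List packages installed in system profile. To search, run:
      # $ nix search wget
      environment.systemPackages = with pkgs; [
        wget
        cacert
        busybox
        dig
        samba
      ];

      # Register a PAM service for swaylock and let it accept fingerprint
      # authentication (fprintd is enabled further down).
      security.pam.services.swaylock.fprintAuth = true;

      programs._1password.enable = true;
      programs._1password-gui = {
        enable = true;
        # Certain features, including CLI integration and system authentication support,
        # require enabling PolKit integration on some desktop environments (e.g. Plasma).
        polkitPolicyOwners = [ username ];
      };

      # This is needed for VSCode remote support. Read: https://nixos.wiki/wiki/Visual_Studio_Code
      programs.nix-ld.enable = true;

      # This value determines the NixOS release from which the default
      # settings for stateful data, like file locations and database versions
      # on your system were taken. It's perfectly fine and recommended to leave
      # this value at the release version of the first install of this system.
      # Before changing this value read the documentation for this option
      # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
      system.stateVersion = "24.05"; # Did you read the comment?

      # Set your time zone.
      time.timeZone = "America/Chicago";

      # Select internationalisation properties.
      i18n.defaultLocale = "en_US.UTF-8";
      i18n.extraLocaleSettings = {
        LC_ADDRESS = "en_US.UTF-8";
        LC_IDENTIFICATION = "en_US.UTF-8";
        LC_MEASUREMENT = "en_US.UTF-8";
        LC_MONETARY = "en_US.UTF-8";
        LC_NAME = "en_US.UTF-8";
        LC_NUMERIC = "en_US.UTF-8";
        LC_PAPER = "en_US.UTF-8";
        LC_TELEPHONE = "en_US.UTF-8";
        LC_TIME = "en_US.UTF-8";
      };

      services.libinput.enable = true; # Enable touchpad support (enabled default in most desktopManager).
      services.fprintd.enable = true; # Enables fingerprint sensor

      # Enable sound with pipewire.
      services.pulseaudio.enable = false;
      security.rtkit.enable = true; # PulseAudio server uses this to acquire realtime priority.
      services.pipewire = {
        enable = true;
        alsa.enable = true;
        alsa.support32Bit = true;
        pulse.enable = true;
        # If you want to use JACK applications, uncomment this
        #jack.enable = true;

        # use the example session manager (no others are packaged yet so this is enabled by default,
        # no need to redefine it in your config for now)
        # media-session.enable = true;
      };

      home-manager.useGlobalPkgs = true;
      home-manager.users.${username}.imports = with inputs.self.modules.homeManager; [
        gnome
        desktop
        mysops
        rebuild
        {
          my-vscode.enable = true;
          # Passed as a string, so this refers to the file in the working
          # tree under flakeDir rather than a copy in the Nix store.
          mysops.hostSecretFile = "${flakeDir}/modules/hosts/john-p14s/secrets.yaml";
          homeManagerFlakeDir = flakeDir;
          programs.bash.enable = lib.mkForce true;
        }
      ];

      # Path literal: the file is copied into the world-readable Nix store,
      # so it must only ever contain sops-encrypted values.
      sops.defaultSopsFile = ./secrets.yaml;

      # NOTE(review): the system-level sops decryption identity is the user's
      # personal SSH private key. sops-nix cannot use a passphrase-protected
      # key, so this key presumably sits unencrypted on disk and doubles as
      # both the login credential and the secrets key. A dedicated age key or
      # the machine's SSH host key would separate the two; confirm intent.
      sops.age.sshKeyPaths = [ "${homeDir}/.ssh/id_ed25519" ];

      # `mtls` is an option defined elsewhere in this flake; its behaviour is
      # not visible from this file.
      mtls = {
        enable = true;
        subject = hostname;
      };
    };
}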