dendritic/modules/hosts/john-p14s/configuration.nix
2026-04-19 14:02:35 -05:00


# NixOS host module for the "john-p14s" laptop, exported from the flake as
# flake.modules.nixos.p14sConfiguration.
{ self, inputs, ... }:
{
  flake.modules.nixos.p14sConfiguration = { config, pkgs, lib, ... }:
    let
      hostName = "john-p14s";
      # Home directory as resolved by home-manager for user "john".
      johnHome = config.home-manager.users.john.home.homeDirectory;
      # Checkout of this flake inside john's home directory.
      flakeDir = "${johnHome}/Documents/dendritic";
      # Packages this flake builds for the platform of this host.
      ownPkgs = inputs.self.packages.${pkgs.stdenv.hostPlatform.system};
      hmModules = inputs.self.modules.homeManager;
      locale = "en_US.UTF-8";
    in
    {
      imports = [ self.modules.nixos.p14sHardware ];

      nix.settings.experimental-features = [ "nix-command" "flakes" ];

      nixpkgs.config = {
        allowUnfree = true;
        # NOTE(review): OpenSSL 1.1.1 is past upstream end of life, and this
        # allowance applies to the whole system closure, not to one package.
        # The package that needs it is not visible in this file; record it
        # here and drop the entry once that dependency is gone.
        permittedInsecurePackages = [ "openssl-1.1.1w" ];
      };

      # This value determines the NixOS release from which the defaults for
      # stateful data (file locations, database versions) were taken. Leave it
      # at the release of the first install; read the option documentation
      # (man configuration.nix or https://nixos.org/nixos/options.html)
      # before changing it.
      system.stateVersion = "24.05"; # Did you read the comment?

      # Option defined by this flake's own module set.
      rebuild.flakeDir = flakeDir;

      networking = {
        inherit hostName;
        networkmanager.enable = true;
      };

      # Set your time zone.
      time.timeZone = "America/Chicago";

      # Internationalisation: every LC_* category below uses the default locale.
      i18n = {
        defaultLocale = locale;
        extraLocaleSettings = lib.genAttrs [
          "LC_ADDRESS"
          "LC_IDENTIFICATION"
          "LC_MEASUREMENT"
          "LC_MONETARY"
          "LC_NAME"
          "LC_NUMERIC"
          "LC_PAPER"
          "LC_TELEPHONE"
          "LC_TIME"
        ] (_: locale);
      };

      # Packages installed in the system profile. To search, run:
      # $ nix search wget
      environment.systemPackages = [
        pkgs.samba
        ownPkgs.my-neovim
        ownPkgs.wg-platform
      ];

      programs = {
        zsh.enable = true;
        _1password.enable = true;
        _1password-gui = {
          enable = true;
          # Certain features, including CLI integration and system
          # authentication support, require enabling PolKit integration on
          # some desktop environments (e.g. Plasma).
          # TODO this should not be a hardcoded username
          polkitPolicyOwners = [ "john" ];
        };
        # This is needed for VSCode remote support.
        # Read: https://nixos.wiki/wiki/Visual_Studio_Code
        nix-ld.enable = true;
      };

      services = {
        # Automatic login for the user is left disabled.
        # displayManager.autoLogin.enable = true;
        # displayManager.autoLogin.user = "john";

        # NOTE(review): only `enable` is set here, so sshd runs with the NixOS
        # module defaults unless another module overrides them. On a laptop
        # that joins arbitrary networks through NetworkManager, confirm that
        # services.openssh.settings.PasswordAuthentication and
        # KbdInteractiveAuthentication are false and that PermitRootLogin is
        # restricted. If SSH is only needed over Tailscale, consider
        # services.openssh.openFirewall = false and allowing the port on the
        # Tailscale interface only
        # (networking.firewall.interfaces.<name>.allowedTCPPorts).
        openssh.enable = true;
        tailscale.enable = true;

        libinput.enable = true; # Touchpad support (enabled by default in most desktopManager).
        fprintd.enable = true; # Fingerprint sensor daemon.

        # Sound is served by PipeWire; the standalone PulseAudio server is off.
        pulseaudio.enable = false;
        pipewire = {
          enable = true;
          alsa = {
            enable = true;
            support32Bit = true;
          };
          pulse.enable = true;
          # If you want to use JACK applications, uncomment this
          # jack.enable = true;
          # use the example session manager (no others are packaged yet so
          # this is enabled by default, no need to redefine it in your config
          # for now)
          # media-session.enable = true;
        };
      };

      security = {
        # Lets the audio daemon request realtime scheduling priority.
        rtkit.enable = true;
        # Declares a PAM service for swaylock and lets a fingerprint satisfy
        # it, so the screen locker accepts fprintd authentication.
        pam.services.swaylock.fprintAuth = true;
      };

      home-manager.users = {
        root = {
          imports = [ hmModules.rebuild ];
          home.stateVersion = "25.11";
        };

        john.imports = with hmModules; [
          gnome
          desktop
          mysops
          rebuild
          {
            # The options below are declared by this flake's home-manager
            # modules; their exact semantics are not visible in this file.
            my-vscode.enable = true;
            mysops.hostSecretFile = "${flakeDir}/modules/hosts/john-p14s/secrets.yaml";
            homeManagerFlakeDir = flakeDir;
            shell.program = "zsh";
            home.packages = with pkgs; [
              bash
              discord
              my-neovim
              proton-vpn
              joplin-desktop
            ];
            ssh = {
              certificates.enable = true;
              matchSets = {
                appdaemon = true;
                homelab = true;
                dev = true;
                certs = true;
              };
            };
          }
        ];
      };

      sops = {
        # A path literal is copied into the world-readable Nix store, so this
        # file must only ever hold sops-encrypted values.
        defaultSopsFile = ./secrets.yaml;
        # NOTE(review): the system-level age identity is derived from john's
        # personal SSH key. The key presumably has to be readable without a
        # passphrase at activation time (confirm), which makes one file both
        # a login credential and the secrets decryption key. A dedicated key,
        # such as the host's SSH host key, would separate the two roles.
        age.sshKeyPaths = [ "${johnHome}/.ssh/id_ed25519" ];
      };

      # Option set defined by this flake's own module; the certificate
      # subject is the host name.
      mtls = {
        enable = true;
        subject = hostName;
      };
    };
}