env-nixos/configuration.nix
Chad 730eaf9faa
Finalize Working Version (#1)
* Add more GNOME helpers.

* Fix typo, adjust output.

* Update readme.

* Add more programs and a TBD.

* Add OpenJDK 8 as well.

* More programs, fix mlocate, start working on GNOME settings.

* Add success message.

* Fixing favorites, for some reason the files are different on NixOS than systems using Ansible.

* Add cron. Start working on header details.

* Modify Python configuration for ansible playbooks.

* More work on Python. Still not getting success with psutil.

* NixOS, python, and psutil are still being dumb with ansible.

* Add imagemagick for compressing file sizes.

* Automatically create backups the first time this is run each day.

* Create an example file.

* More comments, SSHD config, a few fixes, some TBDs, and general reorganization.

* Add a disclaimer.

* Make the file look more like a developer wrote it.

* Try adding wallets. Exodus seems broken. Monero works.

* Start trying a different route for dconf settings. May require "home manager".

* Add Docker.

* Create a static and ansible file. Import them, and give examples of what they are for.

* Add comments brainstorming how to do the different setups.

* Add home-manager. Still no luck with dconf. Not in Ansible either.

* Add godot.

* Add zsh.

* Move to Godot4.

* Remove extra space.

* Add balena etcher for USB sticks.

* Remove etcher, seems to have broken ability to update or install anything.

* Add a bittorrent client.

* Remove excess ssh ports. They were probably for testing.
2023-10-17 04:33:40 -07:00

413 lines
12 KiB
Nix

# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
###############################################################################
# Helpful Documentation
#
# NixOS Manual:
# https://nixos.org/manual/nixos/stable/
#
# NixOS All Options:
# https://nixos.org/manual/nixos/stable/options.html
#
# Option Search:
# https://search.nixos.org/options
#
# Package Search:
# https://search.nixos.org/packages
###############################################################################
###############################################################################
# TBD
# Make each section its own $.nix file and include it based on Ansible checks.
###############################################################################
{ config, pkgs, nix, ... }:
{
#############################################################################
# System Configuration
#############################################################################
# Modules merged into this configuration. Every file listed here is evaluated
# as part of the system configuration, so each one needs the same ownership
# and write protection as configuration.nix itself.
imports =[
# Include the results of the hardware scan.
./hardware-configuration.nix
# Include any static entries that are handled outside of this project.
./static.nix
# Include anything that Ansible has created.
# NOTE(review): this file is generated, and whatever writes it decides what
# the next rebuild applies system-wide. Keep it root-owned and read it before
# rebuilding.
./ansible.nix
# Home Manager.
# The angle-bracket form is looked up through NIX_PATH at evaluation time, so
# the Home Manager revision is whatever that lookup yields on the build host;
# nothing in this file pins it.
<home-manager/nixos>
];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It's perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
#############################################################################
# System Package Configuration
#############################################################################
# Bootloader: GRUB installed to /dev/sda, with entries for other detected
# operating systems and with support for reading encrypted disks.
boot.loader.grub = {
  enable = true;
  device = "/dev/sda";
  useOSProber = true;
  enableCryptodisk = true;
};
# Copy the LUKS keyfile into the initrd. A null source means the file is taken
# from the same path on the running system.
# NOTE(review): the initrd then carries disk key material, so it must only be
# stored on an encrypted volume. Where /boot lives is decided in
# hardware-configuration.nix, not here — confirm. The source file itself
# should be readable by root only.
boot.initrd.secrets."/crypto_keyfile.bin" = null;
# TBD: Does not work. Goes in "nix.conf"?
#nix.extraOptions = "
# --extra-experimental-features
#";
#############################################################################
# General Networking Configuration
#############################################################################
# Enable networking
networking.networkmanager.enable = true;
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# NOTE(review): no networking.firewall option is set in this file, so the
# module default applies (the NixOS firewall is on by default). Leave the
# disable line above commented; this host also runs sshd and Docker.
# TBD: Should this be here?
# NOTE(review): this is not a networking setting. It tells the initrd which
# keyfile unlocks this LUKS volume and belongs next to the
# boot.initrd.secrets entry for the same path.
boot.initrd.luks.devices."luks-39ae7203-d5af-47bf-95f6-b4f0eefebfc6".keyFile = "/crypto_keyfile.bin";
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Configure network proxy if necessary
# NOTE(review): values written in this file are copied into the Nix store,
# which every local user can read. Do not put real proxy credentials in the
# URL below.
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
#############################################################################
# Locale
#############################################################################
# Time zone for the system clock.
time.timeZone = "America/Phoenix";
# Internationalisation: the default locale, plus the same locale assigned
# explicitly to each LC_* category listed below.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = builtins.listToAttrs (
  map (category: { name = category; value = "en_US.UTF-8"; }) [
    "LC_ADDRESS"
    "LC_IDENTIFICATION"
    "LC_MEASUREMENT"
    "LC_MONETARY"
    "LC_NAME"
    "LC_NUMERIC"
    "LC_PAPER"
    "LC_TELEPHONE"
    "LC_TIME"
  ]
);
#############################################################################
# User Setup
#############################################################################
# Interactive account for the machine's owner. No password is declared here;
# set one with passwd after the first rebuild.
users.users.ling.isNormalUser = true;
users.users.ling.description = "Hyperling";
# Supplementary groups.
#   wheel  - the administrative group; this is what makes the account able to
#            elevate.
#   docker - members can drive the Docker daemon, which runs as root, so this
#            membership is equivalent to root access with no password prompt.
#   sudo   - NOTE(review): this file does not define such a group and NixOS
#            keys its sudo rules on wheel; confirm the entry is needed.
users.users.ling.extraGroups = [ "networkmanager" "wheel" "sudo" "mlocate" "docker" ];
# Per-user packages, currently unused:
#users.users.ling.packages = with pkgs; [
#  #firefox
#  #thunderbird
#];
#############################################################################
# Desktop Environment
#############################################################################
# Enable the X11 windowing system.
services.xserver.enable = true;
# Enable the GNOME Desktop Environment.
# GDM is the display manager (graphical login); GNOME is the desktop session.
services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
# Remove the GNOME default packages.
#services.gnome.core-utilities.enable = false;
###
# GSettings, DConf type stuff.
##
# https://nixos.wiki/wiki/GNOME
#services.xserver.desktopManager.gnome = {
# extraGSettingsOverrides = ''
# # Favorite apps in gnome-shell
# [org.gnome.shell]
# favorite-apps= \
# [ 'org.gnome.Terminal.desktop', 'gnome-system-monitor.desktop' \
# , 'org.gnome.Nautilus.desktop' \
# , 'librewolf.desktop', 'firefox.desktop' \
# , 'org.gnome.Evolution.desktop', 'deltachat.desktop' \
# , 'codium.desktop' \
# , 'org.shotcut.Shotcut.desktop', 'lbry.desktop' \
# , 'android-studio.desktop' \
# , 'signal-desktop.desktop' \
# ]
#
# # TBD Need to finish figuring out how to load these.
# [org.gnome.shell.extensions.dash-to-dock]
# dock-position='LEFT'
# dock-fixed=true
# dash-max-icon-size=28
# '';
#
# extraGSettingsOverridePackages = [
# pkgs.gnome.gnome-shell # for org.gnome.shell, not sure if it works TBD.
# #pkgs.gnomeExtensions.dash-to-dock # TBD Not sure what to do here yet.
# ];
#};
# Maybe try this?
# https://hoverbear.org/blog/declarative-gnome-configuration-in-nixos/
#programs.dconf.enable = true;
#dconf.settings = {
# "org/gnome/shell/" = {
# favorite-apps = [
# "org.gnome.Terminal.desktop"
# "gnome-system-monitor.desktop"
# "org.gnome.Nautilus.desktop"
# "librewolf.desktop"
# "firefox.desktop"
# "org.gnome.Evolution.desktop"
# "deltachat.desktop"
# "codium.desktop"
# "org.shotcut.Shotcut.desktop"
# "lbry.desktop"
# "android-studio.desktop"
# "signal-desktop.desktop"
# ];
# };
#};
# Or this?
# https://rycee.gitlab.io/home-manager/index.html#sec-install-nixos-module
# https://rycee.gitlab.io/home-manager/options.html#opt-dconf.settings
#programs.dconf.enable = true;
#home-manager.users.ling = { pkgs, ... }: {
#
# home.packages = [ pkgs.atool pkgs.httpie ];
#
# dconf.settings = {
# "/org/gnome/shell/extensions/dash-to-dock" = {
# dock-position = "'LEFT'";
# dock-fixed = true;
# dash-max-icon-size = 24;
# };
# };
#
#};
##
# X11 keyboard: US layout, altgr-intl variant.
services.xserver.layout = "us";
services.xserver.xkbVariant = "altgr-intl";
# Printing through CUPS.
services.printing.enable = true;
# Audio: PipeWire, with its ALSA (including 32-bit) and PulseAudio
# compatibility layers, replaces the PulseAudio daemon. rtkit hands out
# realtime scheduling priority to user processes on request.
sound.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire.enable = true;
services.pipewire.alsa.enable = true;
services.pipewire.alsa.support32Bit = true;
services.pipewire.pulse.enable = true;
# For JACK applications, uncomment this:
#services.pipewire.jack.enable = true;
# The example session manager is the only one packaged so far and is enabled
# by default, so it does not need to be set here for now.
#services.pipewire.media-session.enable = true;
# Enable touchpad support (enabled default in most desktopManager).
# services.xserver.libinput.enable = true;
#############################################################################
# Package Management
#############################################################################
# Allow unfree packages
# NOTE(review): this accepts every unfree package in nixpkgs.
# nixpkgs.config.allowUnfreePredicate can limit that to a named list, so a new
# unfree dependency shows up as an evaluation error instead of being pulled in
# unnoticed.
nixpkgs.config.allowUnfree = true;
###
# List packages installed in system profile.
##
# To search for names, run `nix search wget` or use the website in the header.
# Everything in this list is put on PATH for all users. Listing a package here
# does not enable any service or setuid wrapper that goes with it.
environment.systemPackages = with pkgs; [
###
# General
##
#ansible # try installing under Python then maybe it can use psutil?
vim
mlocate
git
curl
# NOTE(review): on NixOS the setuid wrappers for sudo and doas come from the
# security.sudo / security.doas modules, not from these packages. This file
# does not set security.doas.enable — confirm doas can elevate as intended.
sudo
doas
wget
nmap
lynis
htop
neofetch
cowsay
# Package only. This file does not enable a cron service
# (services.cron.enable), so confirm that jobs are actually being run.
cron
# Also listed again under Coding below.
zsh
# Python Setup
# Main documentation
# https://nixos.org/manual/nixpkgs/stable/#python
# See what modules are available, and which Python they are attached to:
# ls -l $(find "$(dirname $(which python))/.." -name site-packages)
# Looks like 3.10, not 3.11 like was being installed. So annoying!
# https://discourse.nixos.org/t/python3-not-importing-modules/22061/2
#python3
# One Python environment that bundles the interpreter with the modules below.
(python3.withPackages(ps: with ps; [
pip # Works fine! Can access via `pip` or `python -m pip`.
psutil # Not working. Not in path nor `-m`. Maybe not supposed to be, but ansible dconf module still saying "ModuleNotFoundError: No module named 'psutil'" Maybe add to ansible's python somehow?
ansible # Nope, not accessible!!! WHAT!!!
ansible-core # It's here! Thanks https://pypi.org/project/ansible/, psutil still not available though!!!!!!!!!!!!!
]))
#python3Packages.pip
#python3Packages.psutil # This does not work either, nor any 310 type versions.
#python3Packages.ansible # This does not work either, nor any 310 type versions.
###
###
# Coding
##
vscodium
android-studio
dbeaver
bash
kotlin
nodejs
ksh
zsh
zulu # OpenJDK
#zulu8 # OpenJDK 8
#python2
#python
#godot # If using C#
godot_4 # If using Godot Script
###
###
# Editing
##
gimp
shotcut
openshot-qt
obs-studio
ffmpeg
###
###
# Workstation
##
gnomeExtensions.dash-to-dock
gnome.nautilus
gnome.gnome-tweaks
gnome.dconf-editor
#gnome.gnome-terminal # This does not theme well and is different from Console.
gnome.gnome-system-monitor
gnome.gedit
gnome.geary
gnome.evince
librewolf
firefox
evolution
deltachat-desktop
signal-desktop
lbry
libreoffice
vlc
remmina
imagemagick
#etcher # Broken as of 20231013, uses too old a version of Electron.
transmission
# Wallets
#exodus # Not being found, 403 error.
monero-gui
###
###
# Server
##
# Not needed, prefer setting 'virtualisation.docker.enable'.
#docker
#docker-buildx
#docker-compose
###
];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
## List services that you want to enable ##
# Configure the OpenSSH daemon.
# Runs sshd on port 22 with root login, empty passwords and all forwarding
# (TCP, X11, agent) turned off, and with tight limits on attempts and sessions.
# NOTE(review): PasswordAuthentication and KbdInteractiveAuthentication are not
# set, so the module defaults apply — presumably password logins are accepted.
# Once users.users.<name>.openssh.authorizedKeys is populated, set both to
# false so the account password cannot be guessed over the network.
# NOTE(review): services.openssh.openFirewall is not set either; its default
# opens the listed ports in the NixOS firewall. Confirm that reaching sshd from
# every interface is intended.
services.openssh = {
enable = true;
ports = [
22
];
settings = {
PermitRootLogin = "no";
AllowTcpForwarding = "no";
# An unresponsive client is dropped after 2 missed probes sent 60 s apart.
ClientAliveInterval = 60;
ClientAliveCountMax = 2;
Compression = "no";
# VERBOSE also records the fingerprint of the key used for each login, which
# helps when auditing access.
LogLevel = "VERBOSE";
MaxAuthTries = 3;
MaxSessions = 2;
TCPKeepAlive = "no";
# Boolean here, "no" strings elsewhere in this set; the mix is only a style
# inconsistency.
X11Forwarding = false;
AllowAgentForwarding = "no";
PermitEmptyPasswords = "no";
};
};
#############################################################################
# Non-System Package Configuration
#############################################################################
# File-name index for the locate command, provided by mlocate.
# With localuser unset (null) the indexing job is not switched to a dedicated
# unprivileged user, so the index covers the whole filesystem.
# NOTE(review): members of the mlocate group can presumably read that database
# directly, including names of files they cannot otherwise list — confirm who
# is in the group.
services.locate = {
  enable = true;
  locate = pkgs.mlocate;
  localuser = null;
};
# Docker daemon.
# The daemon runs as root, and anyone in the docker group can control it, so
# treat that group as root-equivalent. virtualisation.docker.rootless.enable is
# the module's alternative if containers do not need root.
# NOTE(review): Docker installs its own packet-filter rules for published
# container ports, presumably outside networking.firewall.allowed*Ports.
# Verify what is reachable after starting containers.
virtualisation.docker.enable = true;
}