Install pipewire

Install borgbackup tools
Don't clean cookies in librewolf
Merge nixos configuration and hardware configuration
This commit is contained in:
Pim Kunis 2024-05-25 16:37:37 +02:00
parent b6b5d8344c
commit e069bd25a2
3 changed files with 55 additions and 41 deletions

View file

@ -55,6 +55,7 @@
unstable.attic-client unstable.attic-client
unstable.hexchat unstable.hexchat
sbctl sbctl
borgbackup
]; ];
}; };
@ -118,6 +119,7 @@
"privacy.clearOnShutdown.downloads" = false; "privacy.clearOnShutdown.downloads" = false;
"browser.translations.automaticallyPopup" = false; "browser.translations.automaticallyPopup" = false;
"browser.aboutConfig.showWarning" = false; "browser.aboutConfig.showWarning" = false;
"privacy.clearOnShutdown.cookies" = false;
}; };
}; };
}; };

View file

@ -1,6 +1,4 @@
{ pkgs, config, lib, ... }: { { pkgs, config, lib, ... }: {
imports = [ ./hardware-configuration.nix ];
time.timeZone = "Europe/Amsterdam"; time.timeZone = "Europe/Amsterdam";
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
@ -18,6 +16,13 @@
enable = true; enable = true;
drivers = [ pkgs.hplip pkgs.gutenprint ]; drivers = [ pkgs.hplip pkgs.gutenprint ];
}; };
pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
}; };
users = { users = {
@ -62,9 +67,13 @@
programs.ssh.startAgent = true; programs.ssh.startAgent = true;
security.sudo.extraConfig = '' security = {
rtkit.enable = true;
sudo.extraConfig = ''
Defaults timestamp_timeout=30 Defaults timestamp_timeout=30
''; '';
};
nix = { nix = {
package = pkgs.nixFlakes; package = pkgs.nixFlakes;
@ -93,6 +102,8 @@
}; };
networking = { networking = {
useDHCP = lib.mkDefault true;
wg-quick.interfaces = { wg-quick.interfaces = {
home = { home = {
privateKeyFile = config.age.secrets.wg-quick-home-privkey.path; privateKeyFile = config.age.secrets.wg-quick-home-privkey.path;
@ -132,8 +143,42 @@
}; };
}; };
nixpkgs.config = { nixpkgs = {
hostPlatform = lib.mkDefault "x86_64-linux";
config = {
permittedInsecurePackages = [ "electron-25.9.0" ]; permittedInsecurePackages = [ "electron-25.9.0" ];
allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "vmware-horizon-client" "libfprint-2-tod1-goodix" "vmware-workstation" ]; allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "vmware-horizon-client" "libfprint-2-tod1-goodix" "vmware-workstation" ];
}; };
};
boot = {
kernelModules = [ "kvm-intel" ];
extraModulePackages = [ ];
initrd = {
availableKernelModules = [ "xhci_pci" "sd_mod" ];
kernelModules = [ ];
};
loader = {
efi.canTouchEfiVariables = true;
systemd-boot.enable = lib.mkForce false;
};
lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
kernel.sysctl = {
"net.core.default_qdisc" = "fq";
"net.ipv4.tcp_congestion_control" = "bbr";
};
};
hardware = {
cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
pulseaudio.enable = false;
};
} }

View file

@ -1,33 +0,0 @@
{ config, lib, modulesPath, ... }: {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
kernelModules = [ "kvm-intel" ];
extraModulePackages = [ ];
initrd = {
availableKernelModules = [ "xhci_pci" "sd_mod" ];
kernelModules = [ ];
};
loader = {
efi.canTouchEfiVariables = true;
systemd-boot.enable = lib.mkForce false;
};
lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
kernel.sysctl = {
"net.core.default_qdisc" = "fq";
"net.ipv4.tcp_congestion_control" = "bbr";
};
};
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}