{ self, pkgs, lib, inputs, config, ... }: { options = { pim.cosmic.enable = lib.mkEnableOption "cosmic"; }; config = { pim = { lanzaboote.enable = true; tidal.enable = true; gnome.enable = true; stylix.enable = true; wireguard.enable = true; compliance.enable = true; sops-nix.usersWithSopsKeys = ["pim"]; }; users.users.pim = { isNormalUser = true; extraGroups = ["wheel" "docker" "input" "wireshark" "dialout"]; }; deployment = { allowLocalDeployment = true; targetHost = null; tags = ["desktop"]; }; facter.reportPath = ./facter.json; home-manager.users.pim.imports = [./pim.home.nix]; nix.settings.trusted-users = ["pim"]; system.stateVersion = "23.05"; sops.defaultSopsFile = "${self}/secrets/sue/nixos.yaml"; boot.kernelPackages = pkgs.unstable.linuxKernel.packages.linux_6_12; environment.systemPackages = with pkgs; [ borgbackup kubectl nmap poppler_utils # For pdfunite silicon units ]; virtualisation = { libvirtd.enable = true; docker = { enable = true; rootless = { enable = true; setSocketVariable = true; }; }; }; swapDevices = [{device = "/dev/disk/by-uuid/96a43c35-0174-4e92-81f0-168a5f601f0b";}]; fileSystems = { "/" = { device = "/dev/disk/by-uuid/31638735-5cc4-4013-8037-17e30edcbb0a"; fsType = "ext4"; }; "/boot" = { device = "/dev/disk/by-uuid/560E-F8A2"; fsType = "vfat"; options = ["fmask=0022" "dmask=0022"]; }; }; nix.settings = { substituters = ["https://cosmic.cachix.org/"]; trusted-public-keys = ["cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="]; }; boot.initrd.luks.devices."luks-8ffd3129-4908-4209-98c4-4eb68a35c494".device = "/dev/disk/by-uuid/8ffd3129-4908-4209-98c4-4eb68a35c494"; specialisation.cosmic = lib.mkIf config.pim.cosmic.enable { configuration = { imports = [ inputs.nixos-cosmic.nixosModules.default ]; services = { desktopManager.cosmic.enable = true; displayManager.cosmic-greeter.enable = true; }; }; }; }; }