From e069bd25a2e26965689731b8e01fdfbb1ec9b451 Mon Sep 17 00:00:00 2001 From: Pim Kunis Date: Sat, 25 May 2024 16:37:37 +0200 Subject: [PATCH] Install pipewire Install borgbackup tools Don't clean cookies in librewolf Merge nixos configuration and hardware configuration --- home-manager/default.nix | 2 ++ nixos/default.nix | 61 +++++++++++++++++++++++++++----- nixos/hardware-configuration.nix | 33 ----------------- 3 files changed, 55 insertions(+), 41 deletions(-) delete mode 100644 nixos/hardware-configuration.nix diff --git a/home-manager/default.nix b/home-manager/default.nix index af8880f..a7f5a25 100644 --- a/home-manager/default.nix +++ b/home-manager/default.nix @@ -55,6 +55,7 @@ unstable.attic-client unstable.hexchat sbctl + borgbackup ]; }; @@ -118,6 +119,7 @@ "privacy.clearOnShutdown.downloads" = false; "browser.translations.automaticallyPopup" = false; "browser.aboutConfig.showWarning" = false; + "privacy.clearOnShutdown.cookies" = false; }; }; }; diff --git a/nixos/default.nix b/nixos/default.nix index aeef2a4..5e5c4aa 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -1,6 +1,4 @@ { pkgs, config, lib, ... }: { - imports = [ ./hardware-configuration.nix ]; - time.timeZone = "Europe/Amsterdam"; i18n.defaultLocale = "en_US.UTF-8"; @@ -18,6 +16,13 @@ enable = true; drivers = [ pkgs.hplip pkgs.gutenprint ]; }; + + pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; }; users = { @@ -62,9 +67,13 @@ programs.ssh.startAgent = true; - security.sudo.extraConfig = '' - Defaults timestamp_timeout=30 - ''; + security = { + rtkit.enable = true; + + sudo.extraConfig = '' + Defaults timestamp_timeout=30 + ''; + }; nix = { package = pkgs.nixFlakes; @@ -93,6 +102,8 @@ }; networking = { + useDHCP = lib.mkDefault true; + wg-quick.interfaces = { home = { privateKeyFile = config.age.secrets.wg-quick-home-privkey.path; @@ -132,8 +143,42 @@ }; }; - nixpkgs.config = { - permittedInsecurePackages = [ "electron-25.9.0" ]; - allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "vmware-horizon-client" "libfprint-2-tod1-goodix" "vmware-workstation" ]; + nixpkgs = { + hostPlatform = lib.mkDefault "x86_64-linux"; + + config = { + permittedInsecurePackages = [ "electron-25.9.0" ]; + allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "vmware-horizon-client" "libfprint-2-tod1-goodix" "vmware-workstation" ]; + }; + }; + + boot = { + kernelModules = [ "kvm-intel" ]; + extraModulePackages = [ ]; + + initrd = { + availableKernelModules = [ "xhci_pci" "sd_mod" ]; + kernelModules = [ ]; + }; + + loader = { + efi.canTouchEfiVariables = true; + systemd-boot.enable = lib.mkForce false; + }; + + lanzaboote = { + enable = true; + pkiBundle = "/etc/secureboot"; + }; + + kernel.sysctl = { + "net.core.default_qdisc" = "fq"; + "net.ipv4.tcp_congestion_control" = "bbr"; + }; + }; + + hardware = { + cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + pulseaudio.enable = false; }; } diff --git a/nixos/hardware-configuration.nix b/nixos/hardware-configuration.nix deleted file mode 100644 index c278552..0000000 --- a/nixos/hardware-configuration.nix +++ /dev/null @@ -1,33 +0,0 @@ -{ config, lib, modulesPath, ... }: { - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - - boot = { - kernelModules = [ "kvm-intel" ]; - extraModulePackages = [ ]; - - initrd = { - availableKernelModules = [ "xhci_pci" "sd_mod" ]; - kernelModules = [ ]; - }; - - loader = { - efi.canTouchEfiVariables = true; - systemd-boot.enable = lib.mkForce false; - }; - - lanzaboote = { - enable = true; - pkiBundle = "/etc/secureboot"; - }; - - kernel.sysctl = { - "net.core.default_qdisc" = "fq"; - "net.ipv4.tcp_congestion_control" = "bbr"; - }; - }; - - networking.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -}