# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running 'nixos-help'). { config, pkgs, pkgs-unstable, inputs, configPath, hostname, hostTypes, lib, ... }: { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix inputs.home-manager.nixosModules.default ]; # Bootloader. boot.loader.grub.enable = lib.mkDefault true; boot.loader.grub.devices = [ "nodev" ]; nix.settings.experimental-features = ["nix-command" "flakes"]; # Nix optimizations nix.optimise.automatic = true; nix.settings.auto-optimise-store = true; nix.gc = { automatic = true; dates = "weekly"; persistent = true; options = "--delete-older-than 30d"; }; networking.hostName = "buildbox"; # Define your hostname. # Enable networking networking.networkmanager.enable = true; virtualisation.docker.enable = true; # zram zramSwap = { enable = true; priority = 100; memoryPercent = 30; swapDevices = 1; algorithm = "zstd"; }; # Set your time zone. time.timeZone = "America/Los_Angeles"; # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; i18n.extraLocaleSettings = { LC_ADDRESS = "en_US.UTF-8"; LC_IDENTIFICATION = "en_US.UTF-8"; LC_MEASUREMENT = "en_US.UTF-8"; LC_MONETARY = "en_US.UTF-8"; LC_NAME = "en_US.UTF-8"; LC_NUMERIC = "en_US.UTF-8"; LC_PAPER = "en_US.UTF-8"; LC_TELEPHONE = "en_US.UTF-8"; LC_TIME = "en_US.UTF-8"; }; # Disable X11 for servers services.xserver.enable = false; services.tailscale.enable = true; # Configure keymap in X11 services.xserver.xkb = { layout = "us"; variant = ""; }; # Enable CUPS to print documents. services.printing.enable = false; # Enable sound with pipewire. # hardware.pulseaudio.enable = false; #hardware.pulseaudio = { # enable = true; # package = pkgs.pulseaudioFull; #}; # Enable touchpad support (enabled default in most desktopManager). # services.xserver.libinput.enable = true; # VSCode-Server programs.nix-ld.enable = true; programs.nix-ld.libraries = with pkgs; [ stdenv.cc.cc.lib zlib glib libGL libGLU openssl ]; # Define a user account. Don't forget to set a password with ‘passwd’. programs.zsh.enable = true; users.users.rogueking = { isNormalUser = true; description = "rogueking"; extraGroups = [ "networkmanager" "wheel" "docker" ]; shell = pkgs.zsh; packages = with pkgs; []; }; users.users.cris = { isNormalUser = true; description = "cris"; extraGroups = [ "networkmanager" "wheel" "docker" ]; shell = pkgs.zsh; packages = with pkgs; []; }; # Install firefox. programs.firefox.enable = true; # Allow unfree packages nixpkgs.config.allowUnfree = true; security.polkit.enable = true; programs._1password.enable = true; programs._1password-gui = { enable = true; polkitPolicyOwners = [ "rogueking" ]; }; # Enable OpenSSH daemon services.openssh = { enable = true; ports = [ 22 ]; settings = { PasswordAuthentication = true; AllowUsers = [ "rogueking" "cris"]; UseDns = true; X11Forwarding = false; PermitRootLogin = "no"; MaxAuthTries = 8; }; }; users.users."rogueking".openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINXqriPZVIuduc/J7GS1mD171LL0gIbgEjlImsxedWVX" ]; users.users."cris".openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIlF9KmjGDL1/KX2YDAZe4E5rd0qMtrirEbFnE3CKmS+" ]; nixpkgs.config.permittedInsecurePackages = [ "qtwebengine-5.15.19" "python3.12-ecdsa-0.19.1" ]; # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ # System-level only — CLI tools moved to home-manager ]; home-manager = { extraSpecialArgs = { inherit configPath inputs pkgs-unstable hostname hostTypes ; }; users = { "rogueking" = import ./../../home-manager/home.nix; "cris" = import ./../../home-manager/cris-home.nix; }; backupFileExtension = "backup"; }; system.stateVersion = "25.11"; }