From 7a372ed81256ce5d6aa608be9bebe173ab4e042e Mon Sep 17 00:00:00 2001
From: sefidel <contact@sefidel.net>
Date: Tue, 18 Jan 2022 17:38:31 +0900
Subject: project: rewrite

---
 nixos/alpha/configuration.nix | 148 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 148 insertions(+)
 create mode 100644 nixos/alpha/configuration.nix

(limited to 'nixos/alpha/configuration.nix')

diff --git a/nixos/alpha/configuration.nix b/nixos/alpha/configuration.nix
new file mode 100644
index 0000000..54ec24f
--- /dev/null
+++ b/nixos/alpha/configuration.nix
@@ -0,0 +1,148 @@
+{ config, pkgs, lib, ... }:
+
+{
+  imports = [ ];
+
+  security = {
+    protectKernelImage = true;
+    rtkit.enable = true;
+    sudo.wheelNeedsPassword = false;
+  };
+
+  boot.kernelPackages = pkgs.linuxPackages_xanmod;
+  boot.kernelParams = [
+    "nmi_watchdog=0"
+    "systemd.watchdog-device/dev/watchdog"
+  ];
+
+  # GRUB bootloader
+  boot.loader.efi.canTouchEfiVariables = true;
+  boot.loader.grub = {
+    enable = true;
+    version = 2;
+
+    efiSupport = true;
+    configurationLimit = 10;
+    devices = [ "nodev" ];
+    useOSProber = true;
+    # device = "/dev/disk/by-uuid/7905-2E41";
+    extraEntries = ''
+      menuentry "Reboot" {
+        reboot
+      }
+      menuentry "Shutdown" {
+        halt
+      }
+    '';
+  };
+
+  networking.hostName = "alpha";
+  networking.networkmanager.enable = true;
+  networking.useDHCP = false;
+  networking.firewall.enable = true;
+
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  console.font = "Lat2-Terminus16";
+  console.keyMap = "us";
+
+  time.timeZone = "Asia/Seoul";
+
+  environment.systemPackages = with pkgs; [ gcc ];
+
+  services.openssh.enable = true;
+  services.openssh.passwordAuthentication = false;
+
+  sound.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+  };
+
+  hardware.bluetooth.enable = true;
+
+  services.greetd = {
+    enable = true;
+
+    settings.default_session.command = "${pkgs.greetd.tuigreet}/bin/tuigreet -t -c sway";
+  };
+
+  # https://github.com/apognu/tuigreet/issues/17
+  systemd.services.greetd.unitConfig.After = lib.mkOverride 0 [ "multi-user.target" ];
+
+  services.journald.extraConfig = lib.mkForce "";
+
+  # HACK: fix treesitter
+  systemd.tmpfiles.rules = [
+    "L+ /lib/libstdc++.so.6 - - - - ${pkgs.stdenv.cc.cc.lib}/lib/libstdc++.so.6"
+  ];
+
+  systemd.extraConfig = "RebootWatchdogSec=5";
+
+  programs = {
+    sway = {
+      enable = true;
+      wrapperFeatures.gtk = true;
+
+      extraPackages = with pkgs; [
+        autotiling
+        alacritty
+        swaylock
+        swayidle
+        swaybg
+        wayland-utils
+        wl-clipboard
+        grim
+        slurp
+        sway-contrib.grimshot
+        waybar
+        bemenu
+        qt5.qtwayland
+        xdg_utils
+      ];
+    };
+
+    zsh.enable = true;
+    zsh.enableCompletion = false;
+  };
+
+  hardware.opengl.enable = true;
+  hardware.opengl.driSupport32Bit = true;
+  hardware.opengl.extraPackages = with pkgs; [ vaapiVdpau libvdpau-va-gl ];
+
+  xdg.portal = {
+    enable = true;
+    gtkUsePortal = true;
+    extraPortals = with pkgs; [
+      xdg-desktop-portal-gtk
+      xdg-desktop-portal-wlr
+    ];
+  };
+
+  virtualisation.libvirtd.enable = true;
+
+  sops.defaultSopsFile = ./secrets/secrets.yaml;
+  sops.secrets.spotify-password.owner = "boopy";
+
+  users.users = {
+    boopy = {
+      isNormalUser = true;
+      shell = pkgs.zsh;
+
+      extraGroups = [
+        "wheel"
+        "audio"
+        "networkmanager"
+        "libvirtd"
+      ];
+    };
+  };
+
+  # This value determines the NixOS release with which your system is to be
+  # compatible, in order to avoid breaking some software such as database
+  # servers. You should change this only after NixOS release notes say you
+  # should.
+  system.stateVersion = "22.05"; # Did you read the comment?
+}
-- 
cgit 1.4.1