{ config, pkgs, lib, ... }: { imports = [ ]; security = { rtkit.enable = true; doas.enable = true; doas.wheelNeedsPassword = false; sudo.wheelNeedsPassword = false; pam.services = { login.gnupg.enable = true; login.gnupg.storeOnly = true; greetd.gnupg.enable = true; greetd.gnupg.storeOnly = true; swaylock.gnupg.enable = true; i3lock.gnupg.enable = true; i3lock-color.gnupg.enable = true; }; }; boot.kernelPackages = pkgs.linuxPackages_6_0; boot.kernelParams = [ "nohibernate" "nmi_watchdog=0" "systemd.watchdog-device/dev/watchdog" ]; boot.initrd.supportedFilesystems = [ "zfs" ]; boot.supportedFilesystems = [ "zfs" ]; boot.zfs.enableUnstable = true; # GRUB bootloader boot.loader.efi.canTouchEfiVariables = true; boot.loader.grub = { enable = true; version = 2; efiSupport = true; configurationLimit = 10; device = "nodev"; useOSProber = true; copyKernels = true; extraEntries = '' menuentry "Reboot" { reboot } menuentry "Shutdown" { halt } ''; }; boot.initrd.postDeviceCommands = lib.mkAfter '' zfs rollback -r rpool/local/root@blank ''; networking.hostName = "alpha"; networking.hostId = "641a7b10"; networking.networkmanager.enable = true; networking.useDHCP = false; networking.firewall.enable = true; i18n.defaultLocale = "en_US.UTF-8"; i18n.inputMethod.enabled = "kime"; i18n.inputMethod.kime.config = { engine = { global_hotkeys = { C-Space = { behavior = { Toggle = [ "Hangul" "Latin" ]; }; result = "Consume"; }; AltR = { behavior = "Ignore"; result = "Bypass"; }; }; }; }; console.font = "${pkgs.dina-font}/share/fonts/misc/DinaMedium10.pcf.gz"; console.colors = [ "151515" "cf6a4c" "99ad6a" "dfa358" "8197bf" "b3a3ff" "8fbfdc" "cbc0ab" "333333" "d98870" "adbd88" "e5b579" "9aaccc" "c2b5ff" "a5cce3" "d5cdbc" ]; console.keyMap = "us"; time.timeZone = "Asia/Seoul"; environment.systemPackages = with pkgs; [ gcc gnumake ]; services.zfs.trim.enable = true; services.zfs.autoScrub.enable = true; services.zfs.autoScrub.pools = [ "rpool" ]; services.openssh.enable = true; services.openssh.passwordAuthentication = false; services.openssh.hostKeys = [ { path = "/persist/ssh/ssh_host_ed25519_key"; type = "ed25519"; } { path = "/persist/ssh/ssh_host_rsa_key"; type = "rsa"; bits = 4096; } ]; sound.enable = false; services.pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; }; hardware.bluetooth.enable = true; services.printing.enable = true; services.printing.drivers = [ pkgs.gutenprint pkgs.samsung-unified-linux-driver pkgs.brgenml1lpr pkgs.brgenml1cupswrapper ]; nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "samsung-UnifiedLinuxDriver" "brgenml1lpr" ]; services.greetd = { enable = true; settings.default_session.command = "${pkgs.greetd.tuigreet}/bin/tuigreet -t -c sway"; }; # https://github.com/apognu/tuigreet/issues/17 systemd.services.greetd.unitConfig.After = lib.mkOverride 0 [ "multi-user.target" ]; services.journald.extraConfig = lib.mkForce ""; systemd.extraConfig = "RebootWatchdogSec=5"; fonts = { fontDir.enable = true; fonts = with pkgs; [ bitmap-font-collections cozette dina-font envypn-font iosevka-pure-bin nanum-gothic nanum-myeongjo readable-cherry sarasa-gothic siji jetbrains-mono tamzen twemoji-color-font terminus-font-ll2-td1 emacs-all-the-icons-fonts (nerdfonts.override { fonts = [ "Iosevka" "JetBrainsMono" ]; }) ]; fontconfig = { enable = true; defaultFonts = { serif = [ "Sarasa Gothic C" "Sarasa Gothic J" "Sarasa Gothic K" ]; sansSerif = [ "Sarasa Gothic C" "Sarasa Gothic J" "Sarasa Gothic K" ]; monospace = [ "Dina" "Terminus" "cherry" "Iosevka Pure" "Iosevka Nerd Font" "JetBrainsMono Nerd Font" ]; emoji = [ "Siji" "Twitter Color Emoji" ]; }; }; }; programs = { sway.enable = true; sway.extraPackages = lib.mkForce [ ]; zsh.enable = true; zsh.enableCompletion = false; }; hardware.opengl.enable = true; hardware.opengl.driSupport32Bit = true; hardware.opengl.extraPackages = with pkgs; [ vaapiVdpau libvdpau-va-gl ]; xdg.portal = { enable = true; extraPortals = with pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-wlr ]; }; users.mutableUsers = false; fileSystems."/persist".neededForBoot = true; users.users = { root.passwordFile = "/persist/passwords/root"; zach = { isNormalUser = true; shell = pkgs.zsh; passwordFile = "/persist/passwords/zach"; extraGroups = [ "wheel" "audio" "networkmanager" ]; }; }; # This value determines the NixOS release with which your system is to be # compatible, in order to avoid breaking some software such as database # servers. You should change this only after NixOS release notes say you # should. system.stateVersion = "22.05"; # Did you read the comment? }