{ config, pkgs, ... }: { imports = [ ./hardware-configuration.nix ../common/configuration.nix ]; virtualisation.docker.enable = true; hardware = { bluetooth.enable = true; pulseaudio.enable = false; opengl = { enable = true; driSupport32Bit = true; extraPackages = with pkgs; [ intel-media-driver vaapiIntel ]; }; }; boot = { loader = { efi.canTouchEfiVariables = true; systemd-boot = { enable = true; consoleMode = "auto"; configurationLimit = 10; }; }; kernelPackages = pkgs.linuxPackages_latest; kernelParams = [ "quiet" "splash" "vga=current" "udev.log_level=3" "i915.enable_psr=0" "nvme.noacpi=1" "resume=/dev/disk/by-uuid/7e88d61f-5581-45fb-82f1-29a0e0caf4c0" ]; blacklistedKernelModules = [ "hid_sensor_hub" ]; supportedFilesystems = [ "ntfs" ]; loader.timeout = 0; initrd.verbose = false; consoleLogLevel = 0; plymouth.enable = true; }; networking = { hostName = "sijmen-framework"; networkmanager.enable = true; firewall = { allowedTCPPorts = [ 22 # ssh 22000 # syncthing sync 51414 # transmission 57621 # spotify connect ]; allowedUDPPorts = [ 21027 # syncthing discovery 22000 # syncthing sync 51820 # wireguard ]; }; wireguard.interfaces.wg0 = { ips = [ "10.100.0.4/32" ]; listenPort = 51820; privateKeyFile = "/home/sijmen/.config/wireguard-keys/private"; peers = [{ publicKey = "zu9vXxxg4wm0R4yWQ2HPaAwJbizuccGYbBB/StwSsm4="; allowedIPs = [ "10.100.0.0/24" ]; endpoint = "143.178.219.107:51820"; persistentKeepalive = 25; }]; }; }; services = { xserver = { enable = true; displayManager.gdm.enable = true; desktopManager.gnome.enable = true; }; syncthing = { overrideDevices = true; overrideFolders = true; devices = { nas.id = "5XADATO-6ZKNZFK-YIX2TU3-RTUOAXR-OMWOAH6-OIUB7LE-TWM5B3C-W2I2FQU"; desktop-fedora.id = "RE3BCEP-2FVDNPA-C72KDCX-5NRTLD4-DEJZAIX-PJAMJAN-LJDFHOY-WOXNPQW"; }; folders = { "vhuse-qjbcl" = { path = "${config.users.users.sijmen.home}/Sync"; devices = [ "nas" "desktop-fedora" ]; }; }; }; fprintd.enable = true; pipewire = { enable = true; alsa = { enable = true; support32Bit = true; }; pulse.enable = true; }; flatpak.enable = true; ratbagd.enable = true; logind.lidSwitchDocked = "suspend"; power-profiles-daemon.enable = false; tlp = { enable = true; settings = { CPU_ENERGY_PERF_POLICY_ON_AC = "64"; CPU_ENERGY_PERF_POLICY_ON_BAT = "140"; PCIE_ASPM_ON_BAT = "powersupersave"; }; }; }; security.pam.services.login.fprintAuth = true; environment = { gnome.excludePackages = (with pkgs; [ gnome-photos gnome-tour ]) ++ (with pkgs.gnome; [ atomix # puzzle game cheese # webcam epiphany # web browser geary # email reader gnome-calendar gnome-music hitori # sudoku game iagno # go game tali # poker game totem # video player ]); systemPackages = with pkgs; [ gnome.adwaita-icon-theme ifuse libimobiledevice libheif ]; }; programs.steam = { enable = true; remotePlay.openFirewall = true; dedicatedServer.openFirewall = true; }; nixpkgs.config.packageOverrides = pkgs: { vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; }; home-manager.users.sijmen.imports = [ ../common/dconf.nix ]; system.stateVersion = "22.05"; }