{ config, pkgs, ... }: let greetdSwayConfig = pkgs.writeText "greetd-sway-config" '' # `-l` activates layer-shell mode. Notice that `swaymsg exit` will run after gtkgreet. exec "${pkgs.greetd.gtkgreet}/bin/gtkgreet -l -c sway; swaymsg exit" bindsym Mod4+shift+e exec swaynag \ -t warning \ -m 'What do you want to do?' \ -b 'Poweroff' 'systemctl poweroff' \ -b 'Reboot' 'systemctl reboot' ''; in { imports = [ ./hardware-configuration.nix ../common/configuration.nix ]; virtualisation = { virtualisation.docker.enable = true; virtualisation.libvirtd.enable = true; virtualisation.spiceUSBRedirection.enable = true; #virtualisation.waydroid.enable = true; #virtualisation.lxd.enable = true; }; hardware = { bluetooth.enable = true; pulseaudio.enable = false; opengl = { enable = true; driSupport32Bit = true; extraPackages = with pkgs; [ intel-media-driver vaapiIntel ]; }; }; boot = { loader = { efi.canTouchEfiVariables = true; systemd-boot = { enable = true; consoleMode = "auto"; configurationLimit = 10; }; }; kernelPackages = pkgs.linuxPackages_latest; kernelParams = [ "quiet" "splash" "vga=current" "udev.log_level=3" "i915.enable_psr=1" "nvme.noacpi=1" "resume=/dev/disk/by-uuid/7e88d61f-5581-45fb-82f1-29a0e0caf4c0" ]; blacklistedKernelModules = [ "hid_sensor_hub" ]; supportedFilesystems = [ "ntfs" ]; loader.timeout = 0; initrd.verbose = false; consoleLogLevel = 0; plymouth.enable = true; }; networking = { hostName = "sijmen-framework"; networkmanager.enable = true; firewall = { allowedTCPPorts = [ 22 # ssh 22000 # syncthing sync 51414 # transmission 57621 # spotify connect 1313 8000 8080 ]; allowedUDPPorts = [ 21027 # syncthing discovery 22000 # syncthing sync 51820 # wireguard ]; }; wireguard.interfaces.wg0 = { ips = [ "10.100.0.4/32" ]; listenPort = 51820; privateKeyFile = "/home/sijmen/.config/wireguard-keys/private"; peers = [{ publicKey = "zu9vXxxg4wm0R4yWQ2HPaAwJbizuccGYbBB/StwSsm4="; allowedIPs = [ "10.100.0.0/24" ]; endpoint = "143.178.219.107:51820"; persistentKeepalive = 25; }]; }; }; environment.etc."greetd/environments".text = '' sway bash ''; services = { greetd = { enable = true; settings = { default_session.command = "${pkgs.sway}/bin/sway --config ${greetdSwayConfig}"; }; }; syncthing = { overrideDevices = true; overrideFolders = true; devices = { nas.id = "5XADATO-6ZKNZFK-YIX2TU3-RTUOAXR-OMWOAH6-OIUB7LE-TWM5B3C-W2I2FQU"; desktop-fedora.id = "RE3BCEP-2FVDNPA-C72KDCX-5NRTLD4-DEJZAIX-PJAMJAN-LJDFHOY-WOXNPQW"; }; folders = { "vhuse-qjbcl" = { path = "${config.users.users.sijmen.home}/Sync"; devices = [ "nas" "desktop-fedora" ]; }; }; }; pipewire = { enable = true; alsa = { enable = true; support32Bit = true; }; pulse.enable = true; }; tlp = { enable = true; settings = { CPU_ENERGY_PERF_POLICY_ON_AC = "64"; CPU_ENERGY_PERF_POLICY_ON_BAT = "140"; PCIE_ASPM_ON_BAT = "powersupersave"; # Bus 001 Device 040: ID 1050:0407 Yubico.com Yubikey 4/5 OTP+U2F+CCID # Bus 001 Device 038: ID 32ac:0002 Framework HDMI Expansion Card USB_ALLOWLIST="1050:0407 32ac:0002"; }; }; avahi = { enable = true; nssmdns = true; openFirewall = true; }; fwupd.extraRemotes = [ "lvfs-testing" ]; fprintd.enable = true; ratbagd.enable = true; logind.lidSwitchDocked = "suspend"; power-profiles-daemon.enable = false; }; security.pam.services.login.fprintAuth = true; security.pam.services.swaylock = {}; security.polkit.enable = true; environment = { gnome.excludePackages = (with pkgs; [ gnome-photos gnome-tour ]) ++ (with pkgs.gnome; [ atomix # puzzle game cheese # webcam epiphany # web browser geary # email reader gnome-calendar gnome-music hitori # sudoku game iagno # go game tali # poker game totem # video player ]); systemPackages = with pkgs; [ gnome.adwaita-icon-theme ifuse libimobiledevice libheif ]; }; programs.steam = { enable = true; remotePlay.openFirewall = true; dedicatedServer.openFirewall = true; }; nixpkgs.config = { packageOverrides = pkgs: { vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; }; permittedInsecurePackages = [ "electron-18.1.0" ]; }; home-manager.users.sijmen.imports = [ ../common/dconf.nix ]; system.stateVersion = "22.05"; }