103 lines
3 KiB
Nix
103 lines
3 KiB
Nix
{ config, pkgs, lib, inputs, ...}:{
|
|
|
|
imports = [
|
|
./hardware-configuration.nix
|
|
../generic.nix
|
|
];
|
|
|
|
hardware.bluetooth.enable = true;
|
|
services.blueman.enable = true;
|
|
|
|
boot.initrd.luks.devices = {
|
|
crypted = {
|
|
device = "/dev/disk/by-partuuid/5c614ca4-71bc-4ba7-a603-bf168f671533";
|
|
allowDiscards = true;
|
|
preLVM = true;
|
|
};
|
|
};
|
|
|
|
programs.firejail = {
|
|
enable = true;
|
|
wrappedBinaries = {
|
|
packettracer9 = {
|
|
executable = lib.getExe pkgs.ciscoPacketTracer9;
|
|
|
|
# Will still want a .desktop entry as the package is not directly added
|
|
desktop = "${pkgs.ciscoPacketTracer9}/share/applications/cisco-packet-tracer-9.desktop";
|
|
|
|
extraArgs = [
|
|
# This should make it run in isolated netns, preventing internet access
|
|
"--net=none"
|
|
|
|
# firejail is only needed for network isolation so no futher profile is needed
|
|
"--noprofile"
|
|
|
|
# Packet tracer doesn't play nice with dark QT themes so this
|
|
# should unset the theme. Uncomment if you have this issue.
|
|
''--env=QT_STYLE_OVERRIDE=""''
|
|
];
|
|
};
|
|
};
|
|
};
|
|
|
|
services.upower.enable = true;
|
|
services.power-profiles-daemon.enable = true;
|
|
|
|
services.xserver.xkb = {
|
|
layout = lib.mkForce "gb";
|
|
variant = lib.mkForce "colemak";
|
|
};
|
|
|
|
console.useXkbConfig = true;
|
|
console.earlySetup = true;
|
|
|
|
programs.bash.shellAliases = {
|
|
nano = "nvim";
|
|
};
|
|
|
|
services.displayManager.ly = {
|
|
enable = true;
|
|
settings.animation = "colormix";
|
|
};
|
|
|
|
boot.kernelModules = [ "kvm-intel" "vhost_vsock" "vfio_virqfd" "vhost-net" "vfio_pci" "vfio_iommu_type1" "vfio"];
|
|
boot.kernelParams = [ "intel_iommu=on" "iommu=pt" "i915.force_probe=!7d51" "xe.force_probe=7d51" ];
|
|
|
|
services.printing.enable = true;
|
|
services.printing.drivers = [pkgs.gutenprint];
|
|
|
|
programs.virt-manager.enable = true;
|
|
users.groups.libvirtd.members = ["alyx"];
|
|
virtualisation.libvirtd.enable = true;
|
|
virtualisation.libvirtd.onBoot = "ignore";
|
|
virtualisation.libvirtd.onShutdown = "shutdown";
|
|
virtualisation.libvirtd.qemu.package = pkgs.qemu_kvm;
|
|
virtualisation.libvirtd.qemu.swtpm.enable = true;
|
|
virtualisation.libvirtd.qemu.runAsRoot = true;
|
|
virtualisation.spiceUSBRedirection.enable = true;
|
|
|
|
users.users."qemu-libvirtd" = {
|
|
extraGroups = [ "kvm" "input" ];
|
|
isSystemUser = true;
|
|
};
|
|
|
|
environment.systemPackages = with pkgs; [
|
|
ciscoPacketTracer9
|
|
inputs.bar-rs.packages.${pkgs.stdenv.hostPlatform.system}.default
|
|
|
|
];
|
|
|
|
|
|
boot.kernelPackages = pkgs.linuxKernel.packages.linux_xanmod_latest;
|
|
|
|
hardware.graphics.extraPackages = with pkgs; [vpl-gpu-rt mesa.opencl libvdpau-va-gl intel-media-driver intel-vaapi-driver libva-vdpau-driver vulkan-validation-layers];
|
|
hardware.graphics.extraPackages32 = with pkgs; [driversi686Linux.mesa.opencl];
|
|
|
|
|
|
users.users.${config.var.username} = {
|
|
description = "Alyx Wren";
|
|
extraGroups = [ "networkmanager" "wheel" "camera" "input" "adbusers" "inputs" "uinput" "pipewire" "kvm" "qemu-libvirt" "qemu-libvirtd" "lxd" "libvirtd" ];
|
|
};
|
|
}
|
|
|
|
|