# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page, on # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). { config, lib, pkgs, ... }: { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix ]; nixpkgs.config = { allowUnfree = true; android_sdk.accept_license = true; }; # Use the systemd-boot EFI boot loader. boot = { binfmt.emulatedSystems = [ "aarch64-linux" ]; plymouth = { enable = true; theme = "abstract_ring_alt"; themePackages = with pkgs; [ # By default we would install all themes (adi1090x-plymouth-themes.override { selected_themes = [ "abstract_ring_alt" ]; }) ]; }; # Enable "Silent boot" consoleLogLevel = 3; initrd.verbose = false; initrd.systemd.enable = true; kernelPackages = pkgs.linuxPackages_latest; kernelParams = [ "quiet" "splash" "boot.shell_on_fail" "udev.log_priority=3" "rd.systemd.show_status=auto" ]; # Hide the OS choice for bootloaders. # It's still possible to open the bootloader list by pressing any key # It will just not appear on screen unless a key is pressed loader.timeout = 0; loader.efi.canTouchEfiVariables = true; loader.systemd-boot.enable = lib.mkForce false; lanzaboote = { enable = true; pkiBundle = "/var/lib/sbctl"; }; }; networking.hostName = "kemptop"; networking.networkmanager = { enable = true; plugins = with pkgs; [ networkmanager-openvpn ]; }; # Set your time zone. time.timeZone = "Europe/Amsterdam"; # Configure network proxy if necessary # networking.proxy.default = "http://user:password@proxy:port/"; # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; nix = { extraOptions = '' experimental-features = nix-command flakes impure-derivations ca-derivations ''; }; users.users.kemp = { isNormalUser = true; extraGroups = [ "wheel" "adbusers" "wireshark" "networkmanager" ]; }; environment.systemPackages = with pkgs; [ wget usbutils inetutils pciutils git pkg-config openssl tree rustc cargo rustfmt edid-decode file acpica-tools ethtool cmake zip texlive.combined.scheme-full texpresso uv distrobox lshw sbctl adw-gtk3 inkscape traceroute nix-output-monitor dig # GUI programs android-studio-full zed-editor-fhs nautilus zoom-us spotify prismlauncher qdirstat zenmap mission-center seahorse texstudio (pkgs.wrapFirefox (pkgs.firefox-unwrapped.override { pipewireSupport = true;}) {}) google-chrome tor-browser zathura # Libreoffice libreoffice-qt hunspell hunspellDicts.de_AT hunspellDicts.en_US # fish shell setup fishPlugins.done fishPlugins.fzf-fish fishPlugins.forgit #fishPlugins.hydro fzf fishPlugins.grc grc # LSP nil nixd rust-analyzer #cargotom ]; environment.sessionVariables.COSMIC_DATA_CONTROL_ENABLED = 1; services.displayManager.cosmic-greeter.enable = true; services.displayManager.autoLogin = { enable = true; user = "kemp"; }; services.desktopManager.cosmic.enable = true; services.desktopManager.cosmic.xwayland.enable = true; services.fwupd.enable = true; services.pipewire.enable = true; services.fprintd.enable = true; services.flatpak.enable = true; services.printing.enable = true; services.printing.drivers = [ pkgs.hplipWithPlugin ]; services.avahi = { enable = true; nssmdns4 = true; openFirewall = true; }; services.gnome.gnome-keyring.enable = true; # secret service security.pam.services.login.enableGnomeKeyring = true; security.pam.services.login.fprintAuth = true; security.polkit.enable = true; # polkit programs.firefox.enable = true; programs.wireshark.enable = true; programs.wireshark.package = pkgs.wireshark; programs.adb.enable = true; programs.fish = { enable = true; interactiveShellInit = '' set fish_greeting # Disable greeting ''; }; programs.bash = { interactiveShellInit = '' if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]] then shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION="" exec ${pkgs.fish}/bin/fish $LOGIN_OPTION fi ''; }; virtualisation.podman = { enable = true; dockerCompat = true; }; systemd.user.extraConfig = '' DefaultEnvironment="PATH=/run/wrappers/bin:/home/%u/.nix-profile/bin:/nix/profile/bin:/home/%u/.local/state/nix/profile/bin:/etc/profiles/per-user/%u/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin" ''; powerManagement.powertop.enable = true; # This option defines the first version of NixOS you have installed on this particular machine, # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. # # Most users should NEVER change this value after the initial install, for any reason, # even if you've upgraded your system to a new NixOS release. # # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how # to actually do that. # # This value being lower than the current NixOS release does NOT mean your system is # out of date, out of support, or vulnerable. # # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, # and migrated your data accordingly. # # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . system.stateVersion = "25.05"; # Did you read the comment? }