blob: fcaf896cc9c8c472acae48578384d3e0863ddfab (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
|
{ me, pkgs, auxiliaryPkgs, ... }:
{
imports = [
./nix.nix
./user.nix
./locale.nix
./vim.nix
./tmux.nix
./gnome.nix
./fonts.nix
./flatpak.nix
./libreoffice.nix
./electronics.nix
./hardware-keys.nix
./nix-ld.nix
];
services.envfs.enable = true;
virtualisation.libvirtd.enable = true;
# fish enables this by default,
# it makes every nixos rebuild very slow.
# NOTE: enabled for now, although will
# be switched up with a bespoke solution soon!
documentation.man.generateCaches = true;
documentation = {
info.enable = true;
doc.enable = true;
dev.enable = true;
nixos = {
enable = true;
includeAllModules = true;
};
};
networking.hostName = me.name;
# use corsac dns server
networking.nameservers =
let
corsacTailnet = "100.64.100.100";
in
[ corsacTailnet ];
services.resolved.enable = true;
services = {
acpid.enable = true;
sysprof.enable = true;
tailscale = {
enable = true;
useRoutingFeatures = "both";
extraUpFlags = [ "--ssh" ];
};
# sometimes needed for gnupg
pcscd.enable = true;
};
programs = {
steam = {
enable = true;
remotePlay.openFirewall = true;
};
virt-manager.enable = true;
fish.enable = true;
git.enable = true;
ghidra = {
enable = true;
package = auxiliaryPkgs.ghidra;
gdb = true;
};
adb.enable = true;
gnupg.agent = {
enable = true;
enableSSHSupport = true;
pinentryPackage = pkgs.pinentry-gnome3;
};
};
environment.systemPackages = (with pkgs; [
file unzip jq dig htop wget screen
gnupg pinentry-gnome3 age agenix minisign openssl cryptsetup pamtester
bitwarden-desktop bitwarden-cli
inetutils pciutils usbutils lshw lsof inxi iw pmutils acpi acpid
minicom miniserve netcat-gnu socat tcpdump nmap iftop iperf mtr arp-scan ethtool
sysprof wireshark seer mitmproxy hardinfo2 remmina
vlc celluloid foliate calibre
yt-dlp ffmpeg_7-full handbrake mpv helvum
gimp krita aseprite rnote fontforge-gtk
blender inkscape obs-studio darktable davinci-resolve
orca-slicer
renderdoc
audacity musescore muse-sounds-manager reaper bitwig-studio
ungoogled-chromium librewolf lagrange
senpai signal-desktop alpaca newsflash
qemu_full virtiofsd
openvpn openvpn3 update-resolv-conf
transmission_4-gtk fragments
xorg.xeyes wl-clipboard
ripgrep hyperfine parallel just fzf bat delta eza fd tokei didyoumean
universal-ctags compiledb graphviz
python3 uv ruff
nodejs_22 deno yarn
rustc rustup cargo rustfmt
go gopls delve go-task gotags golangci-lint
meson cmake gnumake ninja gdb gcc clang clang-tools
hare haredoc
jdk maven gradle
nil nixfmt-rfc-style direnv
nixpkgs-review nixpkgs-fmt nixpkgs-lint-community
helix alacritty ghostty
androidStudioPackages.dev
winetricks bottles
scrcpy apfs-fuse nfs-utils
ubootTools dtc cloud-utils
borgbackup pika-backup
prismlauncher xonotic
man-pages man-pages-posix
]) ++ (with auxiliaryPkgs; [
# TODO: need fixes for 25.05
# retroarch wine
ngfx
]);
environment.etc.openvpn.source = "${pkgs.update-resolv-conf}/libexec/openvpn";
}
|
