modules/system.nix at main · anglesideangle.dev/system

personal nixos config and packages
system / modules / system.nix
at main 3.9 kB view raw
  1{
  2  lib,
  3  pkgs,
  4  config,
  5  modulesPath,
  6  ...
  7}:
  8{
  9  # imports = [ "${modulesPath}/profiles/perlless.nix" ];
 10  # stuff to remove perl
 11  # system.disableInstallerTools = true;
 12  system.tools.nixos-generate-config.enable = lib.mkDefault false;
 13  environment.defaultPackages = lib.mkDefault [ ];
 14  # documentation.info.enable = lib.mkDefault false;
 15  # documentation.nixos.enable = lib.mkDefault false;
 16
 17
 18  nix.settings = {
 19    experimental-features = [
 20      "nix-command"
 21      "flakes"
 22      "ca-derivations"
 23    ];
 24    trusted-users = [ "root" ];
 25    allowed-users = [ "@wheel" ];
 26    auto-optimise-store = true;
 27  };
 28
 29  nix.gc = {
 30    automatic = true;
 31    dates = "daily";
 32  };
 33
 34  # nix.optimise = {
 35  #   automatic = true;
 36  #   dates = "daily";
 37  # };
 38
 39  # improve laptop responsiveness during rebuilds
 40  # nix.daemonCPUSchedPolicy = "idle";
 41
 42  # nix.channel.enable = false;
 43  # nix.nixPath = [ "nixpkgs=/etc/nixos/nixpkgs" ];
 44
 45  # environment.etc = {
 46  #   "nixos/nixpkgs".source = builtins.storePath pkgs.path;
 47  # };
 48
 49  hardware.enableRedistributableFirmware = true;
 50
 51  documentation.man = {
 52    enable = true;
 53    man-db.enable = false;
 54    mandoc.enable = true;
 55  };
 56
 57  # nixpkgs.hostPlatform = {
 58  #   system = "x86_64-linux";
 59  #   gcc.arch = "znver4";
 60  #   gcc.tune = "znver4";
 61  # };
 62
 63  security.sudo.enable = false;
 64
 65  # Use the systemd-boot EFI boot loader.
 66  boot.loader.systemd-boot = {
 67    enable = true;
 68    configurationLimit = 4;
 69  };
 70  boot.loader.efi.canTouchEfiVariables = true;
 71
 72  boot.initrd.systemd.enable = true;
 73
 74  system.etc.overlay = {
 75    enable = true;
 76    mutable = true;
 77  };
 78
 79  boot.tmp.cleanOnBoot = true;
 80  boot.tmp.useTmpfs = true;
 81  systemd.services.nix-daemon = {
 82    environment.TMPDIR = "/var/tmp";
 83  };
 84
 85  security.lockKernelModules = true;
 86  security.protectKernelImage = true;
 87
 88  # will break / experimental
 89  systemd.enableStrictShellChecks = true;
 90
 91  # i wonder if this is a good idea
 92  zramSwap = {
 93    enable = true;
 94    algorithm = "zstd";
 95  };
 96
 97  services.dbus.implementation = "broker";
 98
 99  # prevent freezing on high loads
100  services.irqbalance.enable = true;
101  services.earlyoom.enable = true;
102
103  programs.nh = {
104    enable = true;
105    flake = "/home/asa/system";
106  };
107
108  # Set your time zone.
109  time.timeZone = "America/New_York";
110
111  # latest (lts) kernel?
112  boot.kernelPackages = pkgs.linuxPackages_latest;
113  # hardware.framework.enableKmod = false;
114
115  # Select internationalisation properties.
116  i18n.defaultLocale = "en_US.UTF-8";
117
118  # For framework
119  services.fwupd.enable = true;
120
121  # User accounts
122  # users.mutableUsers = false;
123  services.userborn.enable = true;
124  users.users.asa = {
125    isNormalUser = true;
126    extraGroups = [
127      "wheel"
128      "networkmanager"
129      "video"
130      "kvm"
131      "dialout"
132    ];
133  };
134
135  hardware.graphics.enable = true;
136
137  # This option defines the first version of NixOS you have installed on this particular machine,
138  # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
139  #
140  # Most users should NEVER change this value after the initial install, for any reason,
141  # even if you've upgraded your system to a new NixOS release.
142  #
143  # This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
144  # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
145  # to actually do that.
146  #
147  # This value being lower than the current NixOS release does NOT mean your system is
148  # out of date, out of support, or vulnerable.
149  #
150  # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
151  # and migrated your data accordingly.
152  #
153  # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
154  system.stateVersion = "24.11"; # Did you read the comment?
155}