seanaye.bsky.social / nixos-config
me like nix
0
Fork 0

Configure Feed

Select the types of activity you want to include in your feed.

nixos-config / hosts / common / common.nix
at 2a91ec2e1542dc9047c12f08312a444d7eb94e27 5.8 kB View raw
Sean Aye add yubikey signing
881a723a
1{ pkgs, ... }: 2 3let 4 berkeley-mono-typeface = pkgs.callPackage ../../berkely-mono/berkeley.nix { }; 5in 6{ 7 8 nix.settings.experimental-features = [ 9 "nix-command" 10 "flakes" 11 ]; 12 nix.settings.download-buffer-size = 268435456; 13 14 hardware.bluetooth.enable = true; 15 hardware.bluetooth.powerOnBoot = true; 16 services.blueman.enable = true; 17 18 # Bootloader. 19 boot.loader.systemd-boot.enable = true; 20 boot.loader.efi.canTouchEfiVariables = true; 21 22 services.fwupd.enable = true; 23 # Use latest kernel. 24 boot.kernelPackages = pkgs.linuxPackages_latest; 25 26 # Fix USB disconnection issues with Dell U4025QW Thunderbolt dock 27 # Disables autosuspend and LPM for Dell hub (vendor ID: 1d5c, product ID: 5801) 28 # boot.kernelParams = [ "usbcore.quirks=1d5c:5801:gk" ]; 29 # If USB disconnects persist, try disabling UCSI ACPI instead: 30 # boot.kernelParams = [ "module_blacklist=ucsi_acpi" ]; 31 32 # Enable networking 33 networking.networkmanager.enable = true; 34 35 # Set your time zone. 36 # time.timeZone = "America/New_York"; 37 time.timeZone = "America/Toronto"; 38 39 # Select internationalisation properties. 40 i18n.defaultLocale = "en_US.UTF-8"; 41 42 i18n.extraLocaleSettings = { 43 LC_ADDRESS = "en_US.UTF-8"; 44 LC_IDENTIFICATION = "en_US.UTF-8"; 45 LC_MEASUREMENT = "en_US.UTF-8"; 46 LC_MONETARY = "en_US.UTF-8"; 47 LC_NAME = "en_US.UTF-8"; 48 LC_NUMERIC = "en_US.UTF-8"; 49 LC_PAPER = "en_US.UTF-8"; 50 LC_TELEPHONE = "en_US.UTF-8"; 51 LC_TIME = "en_US.UTF-8"; 52 }; 53 54 # Font configuration 55 fonts = { 56 fontDir.enable = true; 57 fontconfig = { 58 enable = true; 59 defaultFonts = { 60 monospace = [ 61 "BerkeleyMono Nerd Font" 62 "BerkeleyMono" 63 ]; 64 }; 65 }; 66 packages = with pkgs; [ 67 berkeley-mono-typeface 68 ]; 69 }; 70 71 programs.niri = { 72 enable = true; 73 }; 74 75 services.greetd = { 76 enable = true; 77 settings = { 78 default_session = { 79 command = "${pkgs.tuigreet}/bin/tuigreet --time --cmd niri-session"; 80 user = "greeter"; 81 }; 82 }; 83 }; 84 85 # Enable CUPS to print documents. 86 services.printing.enable = true; 87 88 security.polkit.enable = true; 89 security.rtkit.enable = true; 90 services.pipewire = { 91 enable = true; 92 alsa.enable = true; 93 alsa.support32Bit = true; 94 pulse.enable = true; 95 # If you want to use JACK applications, uncomment this 96 #jack.enable = true; 97 98 # use the example session manager (no others are packaged yet so this is enabled by default, 99 # no need to redefine it in your config for now) 100 #media-session.enable = true; 101 }; 102 103 services.udisks2.enable = true; 104 services.tailscale.enable = true; 105 services.pcscd.enable = true; # Smart card daemon for Yubikey 106 107 security.pam.u2f = { 108 enable = true; 109 control = "sufficient"; 110 cue = true; 111 }; 112 security.pam.services.sudo.u2fAuth = true; 113 114 programs.yubikey-touch-detector.enable = true; 115 116 # ZSA Keyboard udev rules for Oryx web flashing and live training 117 services.udev.extraRules = '' 118 # Rules for Oryx web flashing and live training 119 KERNEL=="hidraw*", ATTRS{idVendor}=="16c0", MODE="0664", GROUP="plugdev" 120 KERNEL=="hidraw*", ATTRS{idVendor}=="3297", MODE="0664", GROUP="plugdev" 121 122 # Legacy rules for live training over webusb (Not needed for firmware v21+) 123 # Rule for all ZSA keyboards 124 SUBSYSTEM=="usb", ATTR{idVendor}=="3297", GROUP="plugdev" 125 # Rule for the Moonlander 126 SUBSYSTEM=="usb", ATTR{idVendor}=="3297", ATTR{idProduct}=="1969", GROUP="plugdev" 127 # Rule for the Ergodox EZ 128 SUBSYSTEM=="usb", ATTR{idVendor}=="feed", ATTR{idProduct}=="1307", GROUP="plugdev" 129 # Rule for the Planck EZ 130 SUBSYSTEM=="usb", ATTR{idVendor}=="feed", ATTR{idProduct}=="6060", GROUP="plugdev" 131 132 # Wally Flashing rules for the Ergodox EZ 133 ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="04[789B]?", ENV{ID_MM_DEVICE_IGNORE}="1" 134 ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="04[789A]?", ENV{MTP_NO_PROBE}="1" 135 SUBSYSTEMS=="usb", ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="04[789ABCD]?", MODE:="0666" 136 KERNEL=="ttyACM*", ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="04[789B]?", MODE:="0666" 137 138 # Keymapp / Wally Flashing rules for the Moonlander and Planck EZ 139 SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="df11", MODE:="0666", SYMLINK+="stm32_dfu" 140 # Keymapp Flashing rules for the Voyager 141 SUBSYSTEMS=="usb", ATTRS{idVendor}=="3297", MODE:="0666", SYMLINK+="ignition_dfu" 142 # USB serial device access via Chrome/Chromium 143 KERNEL=="ttyUSB[0-9]*", MODE:="0666", GROUP="dialout" 144 KERNEL=="ttyACM[0-9]*", MODE:="0666", GROUP="dialout" 145 ''; 146 147 # Define a user account. Don't forget to set a password with ‘passwd’. 148 users.groups.storage = { }; 149 users.groups.plugdev = { }; 150 users.users.sean = { 151 isNormalUser = true; 152 description = "Sean Aye"; 153 extraGroups = [ 154 "docker" 155 "networkmanager" 156 "wheel" 157 "video" 158 "disk" 159 "storage" 160 "input" 161 "plugdev" 162 "dialout" 163 ]; 164 shell = pkgs.fish; 165 }; 166 167 programs.steam = { 168 enable = true; 169 remotePlay.openFirewall = true; 170 gamescopeSession.enable = true; 171 extraCompatPackages = with pkgs; [ 172 proton-ge-bin 173 ]; 174 }; 175 176 programs.gamemode.enable = true; 177 178 programs.gamescope = { 179 enable = true; 180 }; 181 182 programs.fish.enable = true; 183 programs._1password.enable = true; 184 programs._1password-gui = { 185 enable = true; 186 polkitPolicyOwners = [ "sean" ]; 187 }; 188 189 virtualisation.docker.enable = true; 190 191 # Allow unfree packages 192 nixpkgs.config.allowUnfree = true; 193 194 # List packages installed in system profile. To search, run: 195 # $ nix search wget 196 environment.systemPackages = with pkgs; [ 197 wl-clipboard 198 ]; 199 environment.variables = { 200 EDITOR = "hx"; 201 VISUAL = "hx"; 202 SUDO_EDITOR = "hx"; 203 }; 204}