# Base platform module: declares the `mtxyz.platform` feature flags and applies
# the boot, Nix daemon, editor, binfmt, networking and service settings that
# are shared by every host importing it.
{ config, pkgs, lib, inputs, ... }:
let
  cfg = config.mtxyz.platform;

  # Every platform flag is a plain boolean that defaults to off.
  mkFlag = lib.mkOption {
    type = lib.types.bool;
    default = false;
  };
in
{
  options.mtxyz.platform = {
    private = mkFlag;
    portable = mkFlag;
    minimal = mkFlag;
  };

  imports = [
    ./users.nix
    ./podman.nix
    ./nebula.nix
  ];

  config = {
    boot = {
      loader = {
        systemd-boot = {
          enable = true;
          # Keep at most five generations in the boot menu.
          configurationLimit = 5;
        };
        efi.canTouchEfiVariables = true;
      };
      initrd.systemd.enable = true;
      kernelPackages = pkgs.linuxKernel.packages.linux_zen;

      binfmt = {
        # Run AppImages directly: files matching the magic below are handed to
        # appimage-run by the kernel, without a shell wrapper.
        # NOTE(review): this makes any downloaded AppImage executable in one
        # step under the invoking user's privileges; confirm that is wanted on
        # every host that imports this module.
        registrations.appimage = {
          wrapInterpreterInShell = false;
          interpreter = "${pkgs.appimage-run}/bin/appimage-run";
          recognitionType = "magic";
          offset = 0;
          mask = ''\xff\xff\xff\xff\x00\x00\x00\x00\xff\xff\xff'';
          magicOrExtension = ''\x7fELF....AI\x02'';
        };

        # Foreign-architecture emulation is skipped on minimal hosts.
        emulatedSystems = lib.optionals (!cfg.minimal) [
          "aarch64-linux"
          "riscv64-linux"
        ];
      };
    };

    environment = {
      systemPackages = [
        pkgs.nvd
        pkgs.nixpkgs-fmt
        pkgs.nix-output-monitor
        pkgs.coreutils
        pkgs.mime-types
        pkgs.file
        pkgs.usbutils
        pkgs.pciutils
        pkgs.gitFull
        pkgs.git-crypt
      ];

      # Inserts the flake.nix shim on install. Mode 0440: readable by owner
      # and group only, writable by nobody.
      etc."nixos/flake.nix" = {
        source = inputs.self + "/templates/shim/flake.nix";
        mode = "0440";
      };
    };

    # Set your time zone.
    time.timeZone = "US/Eastern";

    console = {
      font = "Lat2-Terminus16";
      packages = [ pkgs.terminus_font ];
      useXkbConfig = true; # use xkbOptions in tty.
      earlySetup = true;
    };

    nix = {
      gc = {
        automatic = true;
        dates = "weekly";
        options = "--delete-older-than 30d";
      };

      settings = {
        # Only root and members of the `users` group may talk to the daemon.
        allowed-users = [ "root" "@users" ];
        # NOTE(review): the Nix manual treats trusted-users as essentially
        # root-equivalent (they can add substituters and import unsigned store
        # paths). The primary login account is granted that here; confirm it
        # is intended rather than reserving those operations for root.
        trusted-users = [ "root" config.mtxyz.user.name ];
        experimental-features = [ "nix-command" "flakes" ];
        auto-optimise-store = true;
        keep-derivations = true;
        keep-outputs = true;
        http-connections = 50;
        log-lines = 50;
        warn-dirty = false;
      };

      # Pin the `nixpkgs` and `nixconf` names to this flake's own inputs so
      # registry lookups and NIX_PATH resolve to the same revisions.
      registry = {
        nixpkgs.flake = inputs.nixpkgs;
        nixconf.flake = inputs.self;
      };
      nixPath = [
        "nixpkgs=flake:nixpkgs"
        "nixconf=flake:nixconf"
      ];
    };

    home-manager = {
      useGlobalPkgs = true;
      useUserPackages = true;
      backupFileExtension = "hm-bak";
      # Forward the platform and graphical settings into the user's
      # home-manager configuration.
      users."${config.mtxyz.user.name}".mtxyz = {
        platform = config.mtxyz.platform;
        graphical = config.mtxyz.graphical;
      };
    };

    programs.neovim = {
      enable = true;
      defaultEditor = true;
      viAlias = true;
      vimAlias = true;
      configure = {
        packages.myVimPackage = {
          start = [
            pkgs.vimPlugins.vim-nix
            pkgs.vimPlugins.vim-lastplace
            pkgs.vimPlugins.vim-airline
          ];
          opt = [ ];
        };
        customRC = ''
          " custom vimrc
          set nocompatible
          set backspace=indent,eol,start
          " Turn on syntax highlighting by default
          syntax on
          set mouse=a
          set number
          " ...
        '';
      };
    };

    services = {
      fwupd.enable = true;
      udev.packages = [
        pkgs.android-udev-rules
        pkgs.platformio
      ];
      # Tailscale is installed only on hosts flagged private; hosts may
      # override this default.
      tailscale.enable = lib.mkDefault cfg.private;
    };

    systemd.services = {
      # Don't start tailscale on boot: it interferes with nebula, but is kept
      # as a fallback.
      # NOTE(review): on NixOS `enable = false` links the unit to /dev/null
      # (masked), which presumably also blocks a manual `systemctl start`.
      # If an on-demand fallback is the goal, verify this behaves as expected.
      tailscaled.enable = lib.mkForce false;

      # Disable these because they cause problems.
      # see: https://github.com/NixOS/nixpkgs/issues/180175
      NetworkManager-wait-online.enable = lib.mkForce false;
      systemd-networkd-wait-online.enable = lib.mkForce false;
    };

    # Open ports for the syncthing user service.
    # NOTE(review): these rules apply to every interface. If sync peers are
    # only reachable over one network, networking.firewall.interfaces.<name>
    # would limit the exposure to that interface.
    networking.firewall = {
      enable = true;
      allowedTCPPorts = [ 22000 ];
      allowedUDPPorts = [ 22000 ];
    };

    # Before changing this value read the documentation for this option
    # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
    system.stateVersion = "22.11"; # Did you read the comment?
  };
}