nixos-config/config/desktop.nix

{
  system,
  nix-packages,
  config,
  pkgs,
  lib,
  ...
} @ args: let
  lockscreen-all = pkgs.writeScript "lockscreen-all" ''
    #!${pkgs.bash}/bin/bash

    if ${pkgs.coreutils}/bin/[ -z "$(${pkgs.usbutils}/bin/lsusb | grep Yubico)" ]; then
      ${pkgs.systemd}/bin/loginctl list-sessions | ${pkgs.gnugrep}/bin/grep '^\ ' | ${pkgs.gawk}/bin/awk '{print $1}' | ${pkgs.findutils}/bin/xargs -i ${pkgs.systemd}/bin/loginctl lock-session {}
    fi
  '';
in {
  imports = [
    ./services/pipewire.nix
    ./desktop-secrets.nix
    ./services/cups.nix
    ./services/docker.nix
    ./services/cifs.nix
  ];
  fonts = {
    fontDir.enable = true;
    fontconfig = {
      enable = true;
      defaultFonts = {
        emoji = ["Noto Color Emoji"];
        monospace = ["Fira Code" "Font Awesome 5 Free"];
        sansSerif = ["Noto Sans" "Font Awesome 5 Free"];
        serif = ["Noto Serif" "Font Awesome 5 Free"];
      };
    };
    fonts = with pkgs; [
      fira-code
      fira-code-symbols
      font-awesome
      noto-fonts
      noto-fonts-cjk
      noto-fonts-emoji
      noto-fonts-extra
      (nerdfonts.override {fonts = ["FiraCode" "DroidSansMono" "Noto"];})
      nix-packages.packages.${system}.nasin-nanpa
      nix-packages.packages.${system}.fairfax-hd
    ];
  };
  fonts.fontconfig.localConf = ''
    <?xml version="1.0"?>
    <!DOCTYPE fontconfig SYSTEM "fonts.dtd">
    <fontconfig>
      <match target="scan">
        <test name="family">
          <string>Fairfax HD</string>
        </test>
        <edit name="spacing">
          <int>100</int>
        </edit>
      </match>
    </fontconfig>
  '';

  time.timeZone = "Etc/GMT-1"; # Confusing naming, it's 1 hour east of GMT
  services.pcscd.enable = true;

  security.pam = {
    services.login.u2fAuth = true;
    services.sddm.u2fAuth = true;
    services.swaylock.u2fAuth = true;
    u2f = {
      enable = true;
      control = "required";
    };
  };
  services.udev.extraRules = ''
    ACTION=="remove", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0407", RUN+="${lockscreen-all}"
    SUBSYSTEM=="usb", ATTRS{idVendor}=="e621", ATTRS{idProduct}=="0000", TAG+="uaccess"
    SUBSYSTEM=="hidraw*", ATTRS{idVendor}=="e621", ATTRS{idProduct}=="0000", TAG+="uaccess"
    SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ATTRS{idVendor}=="057e", ATTRS{idProduct}=="0337", TAG+="uaccess"
    SUBSYSTEM=="hidraw*", ATTRS{idVendor}=="057e", ATTRS{idProduct}=="0306", TAG+="uaccess"
    SUBSYSTEM=="hidraw*", ATTRS{idVendor}=="057e", ATTRS{idProduct}=="0330", TAG+="uaccess"
  '';
  services.udev.packages = [pkgs.dolphinEmuMaster];
  programs.steam.enable = system == "x86_64-linux";
  nixpkgs.overlays = [
    (curr: prev: {
      steam = prev.steam.override {
        extraPkgs = pkgs:
          with pkgs; [
            mono
            fuse
          ];
      };
    })
  ];
  services.flatpak.enable = true;
  programs.java.enable = true;
  hardware.opengl.driSupport = true;
  hardware.opengl.driSupport32Bit = lib.mkForce (system == "x86_64-linux");
  home-manager.users.darkkirb = import ./home-manager/darkkirb.nix {
    desktop = true;
    inherit args;
  };

  # For syncthing
  networking.firewall.allowedTCPPorts = [22000];
  networking.firewall.allowedUDPPorts = [22000];

  environment.systemPackages = with pkgs; [
    pinentry-qt
    dolphinEmuMaster
  ];
  programs.gnupg.agent.pinentryFlavor = "qt";

  xdg.portal = {
    enable = true;
    wlr.enable = true;
    # gtk portal needed to make gtk apps happy
    extraPortals = [pkgs.xdg-desktop-portal-gtk];
  };
  programs.dconf.enable = true;
  services.xserver = {
    enable = true;
    libinput.enable = true;
    layout = "de";
    xkbVariant = "neo";
    displayManager.lightdm.enable = lib.mkForce false;
  };
  boot.kernelPackages = pkgs.zfsUnstable.latestCompatibleLinuxPackages;
  i18n.inputMethod = {
    enabled = "ibus";
    ibus.engines = with pkgs.ibus-engines; [anthy];
  };
  security.polkit.enable = true;
  services.dbus.enable = true;
  services.dbus.packages = with pkgs; [dconf];
  # Futureproofing: on non-x86 machines, emulate x86
  boot.binfmt.emulatedSystems =
    if system != "x86_64-linux"
    then [
      "x86_64-linux"
      "i686-linux"
    ]
    else [];
}
reformat repo 2022-06-12 16:39:15 +01:00			`{`
add fairfax hd 2022-06-14 07:42:42 +01:00			`system,`
			`nix-packages,`
reformat repo 2022-06-12 16:39:15 +01:00			`config,`
			`pkgs,`
reinstall nutty-noon 2023-02-18 09:56:19 +01:00			`lib,`
reformat repo 2022-06-12 16:39:15 +01:00			`...`
			`} @ args: let`
try to add u2f and also lock screen when yubikey is removed 2022-02-02 20:01:25 +01:00			`lockscreen-all = pkgs.writeScript "lockscreen-all" ''`
			`#!${pkgs.bash}/bin/bash`

			`if ${pkgs.coreutils}/bin/[ -z "$(${pkgs.usbutils}/bin/lsusb \| grep Yubico)" ]; then`
			`${pkgs.systemd}/bin/loginctl list-sessions \| ${pkgs.gnugrep}/bin/grep '^\ ' \| ${pkgs.gawk}/bin/awk '{print $1}' \| ${pkgs.findutils}/bin/xargs -i ${pkgs.systemd}/bin/loginctl lock-session {}`
			`fi`
			`'';`
reformat repo 2022-06-12 16:39:15 +01:00			`in {`
Add desktop fonts 2022-01-18 13:55:16 +00:00			`imports = [`
add pipewire 2022-01-18 20:57:00 +01:00			`./services/pipewire.nix`
Add .aws/credentials 2022-05-11 19:34:55 +01:00			`./desktop-secrets.nix`
Add cups 2022-05-25 09:36:03 +01:00			`./services/cups.nix`
feat(thinkrac): ✨ Add docker 2022-12-08 11:57:08 +01:00			`./services/docker.nix`
Add smb mount support 2022-12-31 10:52:01 +01:00			`./services/cifs.nix`
Add desktop fonts 2022-01-18 13:55:16 +00:00			`];`
??? 2023-01-06 10:28:49 +01:00			`fonts = {`
			`fontDir.enable = true;`
			`fontconfig = {`
			`enable = true;`
			`defaultFonts = {`
Use x86_64-linux wine on all arches 2023-01-12 14:21:58 +01:00			`emoji = ["Noto Color Emoji"];`
			`monospace = ["Fira Code" "Font Awesome 5 Free"];`
			`sansSerif = ["Noto Sans" "Font Awesome 5 Free"];`
			`serif = ["Noto Serif" "Font Awesome 5 Free"];`
??? 2023-01-06 10:28:49 +01:00			`};`
			`};`
			`fonts = with pkgs; [`
			`fira-code`
			`fira-code-symbols`
			`font-awesome`
			`noto-fonts`
			`noto-fonts-cjk`
			`noto-fonts-emoji`
			`noto-fonts-extra`
			`(nerdfonts.override {fonts = ["FiraCode" "DroidSansMono" "Noto"];})`
			`nix-packages.packages.${system}.nasin-nanpa`
			`nix-packages.packages.${system}.fairfax-hd`
			`];`
			`};`
make fairfax hd detected as a monospace font 2022-06-14 08:28:08 +01:00			`fonts.fontconfig.localConf = ''`
			`<?xml version="1.0"?>`
			`<!DOCTYPE fontconfig SYSTEM "fonts.dtd">`
			`<fontconfig>`
			`<match target="scan">`
			`<test name="family">`
			`<string>Fairfax HD</string>`
			`</test>`
			`<edit name="spacing">`
			`<int>100</int>`
			`</edit>`
			`</match>`
			`</fontconfig>`
			`'';`
switch to fcitx 2022-06-14 12:50:10 +01:00
set timezone 2022-01-18 16:19:54 +00:00			`time.timeZone = "Etc/GMT-1"; # Confusing naming, it's 1 hour east of GMT`
add pcscd 2022-02-02 10:58:25 +01:00			`services.pcscd.enable = true;`
try to add u2f and also lock screen when yubikey is removed 2022-02-02 20:01:25 +01:00
			`security.pam = {`
			`services.login.u2fAuth = true;`
			`services.sddm.u2fAuth = true;`
Revert "switch to kde" This reverts commit aa8b568e9bb5a3b7c56ee2b00f505b60c0e34625. 2022-12-31 10:18:40 +01:00			`services.swaylock.u2fAuth = true;`
try to add u2f and also lock screen when yubikey is removed 2022-02-02 20:01:25 +01:00			`u2f = {`
			`enable = true;`
make u2f required 2022-02-02 20:19:50 +01:00			`control = "required";`
try to add u2f and also lock screen when yubikey is removed 2022-02-02 20:01:25 +01:00			`};`
			`};`
			`services.udev.extraRules = ''`
			`ACTION=="remove", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0407", RUN+="${lockscreen-all}"`
update udev rules 2022-11-08 12:56:28 +01:00			`SUBSYSTEM=="usb", ATTRS{idVendor}=="e621", ATTRS{idProduct}=="0000", TAG+="uaccess"`
			`SUBSYSTEM=="hidraw*", ATTRS{idVendor}=="e621", ATTRS{idProduct}=="0000", TAG+="uaccess"`
			`SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ATTRS{idVendor}=="057e", ATTRS{idProduct}=="0337", TAG+="uaccess"`
			`SUBSYSTEM=="hidraw*", ATTRS{idVendor}=="057e", ATTRS{idProduct}=="0306", TAG+="uaccess"`
			`SUBSYSTEM=="hidraw*", ATTRS{idVendor}=="057e", ATTRS{idProduct}=="0330", TAG+="uaccess"`
try to add u2f and also lock screen when yubikey is removed 2022-02-02 20:01:25 +01:00			`'';`
add dolphin emu 2023-03-10 20:25:51 +01:00			`services.udev.packages = [pkgs.dolphinEmuMaster];`
only use steam on x86_64 2023-03-27 19:59:49 +01:00			`programs.steam.enable = system == "x86_64-linux";`
Add mono to steam packages 2022-02-08 12:10:50 +01:00			`nixpkgs.overlays = [`
			`(curr: prev: {`
			`steam = prev.steam.override {`
reformat repo 2022-06-12 16:39:15 +01:00			`extraPkgs = pkgs:`
			`with pkgs; [`
			`mono`
add fuse to the steam env 2022-09-18 16:57:51 +01:00			`fuse`
reformat repo 2022-06-12 16:39:15 +01:00			`];`
Add mono to steam packages 2022-02-08 12:10:50 +01:00			`};`
			`})`
			`];`
add flatpak 2022-09-18 17:24:45 +01:00			`services.flatpak.enable = true;`
add java 2022-02-22 07:59:53 +01:00			`programs.java.enable = true;`
feat: check in grapejuice config 2022-03-05 20:16:12 +01:00			`hardware.opengl.driSupport = true;`
use mkForce for the dri support 2023-03-27 19:47:36 +01:00			`hardware.opengl.driSupport32Bit = lib.mkForce (system == "x86_64-linux");`
reformat repo 2022-06-12 16:39:15 +01:00			`home-manager.users.darkkirb = import ./home-manager/darkkirb.nix {`
			`desktop = true;`
			`inherit args;`
			`};`
feat: Switch to ibus 2022-03-20 14:38:52 +01:00
Unblock syncthing ports 2022-04-06 08:22:37 +01:00			`# For syncthing`
reformat repo 2022-06-12 16:39:15 +01:00			`networking.firewall.allowedTCPPorts = [22000];`
			`networking.firewall.allowedUDPPorts = [22000];`
update sway config 2022-07-06 07:59:56 +01:00
add with pkgs; 2022-08-14 19:11:45 +01:00			`environment.systemPackages = with pkgs; [`
Squash theme issues maybe 2023-01-10 21:05:07 +01:00			`pinentry-qt`
add dolphin emu 2023-03-10 20:25:51 +01:00			`dolphinEmuMaster`
update sway config 2022-07-06 07:59:56 +01:00			`];`
Squash theme issues maybe 2023-01-10 21:05:07 +01:00			`programs.gnupg.agent.pinentryFlavor = "qt";`
update sway config 2022-07-06 07:59:56 +01:00
			`xdg.portal = {`
			`enable = true;`
			`wlr.enable = true;`
			`# gtk portal needed to make gtk apps happy`
fixeval 2022-07-06 11:50:25 +01:00			`extraPortals = [pkgs.xdg-desktop-portal-gtk];`
update sway config 2022-07-06 07:59:56 +01:00			`};`
fix build 2022-07-06 19:08:58 +01:00			`programs.dconf.enable = true;`
reenable sddm 2022-07-10 09:34:55 +01:00			`services.xserver = {`
			`enable = true;`
			`libinput.enable = true;`
			`layout = "de";`
			`xkbVariant = "neo";`
reinstall nutty-noon 2023-02-18 09:56:19 +01:00			`displayManager.lightdm.enable = lib.mkForce false;`
reenable sddm 2022-07-10 09:34:55 +01:00			`};`
fix(thinkrac): Enable bluetooth on thinkrac 2022-12-11 20:43:40 +01:00			`boot.kernelPackages = pkgs.zfsUnstable.latestCompatibleLinuxPackages;`
add ibus 2022-11-08 10:03:55 +01:00			`i18n.inputMethod = {`
			`enabled = "ibus";`
			`ibus.engines = with pkgs.ibus-engines; [anthy];`
			`};`
fix eval 2023-01-01 14:38:29 +01:00			`security.polkit.enable = true;`
??? 2023-01-06 10:28:49 +01:00			`services.dbus.enable = true;`
Use x86_64-linux wine on all arches 2023-01-12 14:21:58 +01:00			`services.dbus.packages = with pkgs; [dconf];`
			`# Futureproofing: on non-x86 machines, emulate x86`
			`boot.binfmt.emulatedSystems =`
			`if system != "x86_64-linux"`
			`then [`
			`"x86_64-linux"`
			`"i686-linux"`
			`]`
			`else [];`
Add desktop fonts 2022-01-18 13:55:16 +00:00			`}`