nixos-config/config/desktop.nix

156 lines
4.3 KiB
Nix

{
system,
nix-packages,
config,
pkgs,
lib,
...
} @ args: let
lockscreen-all = pkgs.writeScript "lockscreen-all" ''
#!${pkgs.bash}/bin/bash
if ${pkgs.coreutils}/bin/[ -z "$(${pkgs.usbutils}/bin/lsusb | grep Yubico)" ]; then
${pkgs.systemd}/bin/loginctl list-sessions | ${pkgs.gnugrep}/bin/grep '^\ ' | ${pkgs.gawk}/bin/awk '{print $1}' | ${pkgs.findutils}/bin/xargs -i ${pkgs.systemd}/bin/loginctl lock-session {}
fi
'';
in {
imports = [
./services/pipewire.nix
./desktop-secrets.nix
./services/cups.nix
./services/docker.nix
./services/cifs.nix
./services/kubo-local.nix
];
fonts = {
fontDir.enable = true;
fontconfig = {
enable = true;
defaultFonts = {
emoji = ["Noto Color Emoji"];
monospace = ["Fira Code" "Font Awesome 5 Free"];
sansSerif = ["Noto Sans" "Font Awesome 5 Free"];
serif = ["Noto Serif" "Font Awesome 5 Free"];
};
};
fonts = with pkgs; [
fira-code
fira-code-symbols
font-awesome
noto-fonts
noto-fonts-cjk
noto-fonts-emoji
noto-fonts-extra
(nerdfonts.override {fonts = ["FiraCode" "DroidSansMono" "Noto"];})
nasin-nanpa
fairfax-hd
];
};
fonts.fontconfig.localConf = ''
<?xml version="1.0"?>
<!DOCTYPE fontconfig SYSTEM "fonts.dtd">
<fontconfig>
<match target="scan">
<test name="family">
<string>Fairfax HD</string>
</test>
<edit name="spacing">
<int>100</int>
</edit>
</match>
</fontconfig>
'';
time.timeZone = "Etc/GMT-1"; # Confusing naming, it's 1 hour east of GMT
services.pcscd.enable = true;
security.pam = {
services.login.u2fAuth = true;
services.sddm.u2fAuth = true;
services.swaylock.u2fAuth = true;
u2f = {
enable = true;
control = "required";
};
};
services.udev.extraRules = ''
ACTION=="remove", ENV{ID_VENDOR_ID}=="1050", ENV{ID_MODEL_ID}=="0407", RUN+="${lockscreen-all}"
SUBSYSTEM=="usb", ATTRS{idVendor}=="e621", ATTRS{idProduct}=="0000", TAG+="uaccess"
SUBSYSTEM=="hidraw*", ATTRS{idVendor}=="e621", ATTRS{idProduct}=="0000", TAG+="uaccess"
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ATTRS{idVendor}=="057e", ATTRS{idProduct}=="0337", TAG+="uaccess"
SUBSYSTEM=="hidraw*", ATTRS{idVendor}=="057e", ATTRS{idProduct}=="0306", TAG+="uaccess"
SUBSYSTEM=="hidraw*", ATTRS{idVendor}=="057e", ATTRS{idProduct}=="0330", TAG+="uaccess"
'';
services.udev.packages = [pkgs.dolphinEmuMaster];
programs.steam.enable = system == "x86_64-linux";
nixpkgs.overlays = [
(curr: prev: {
steam = prev.steam.override {
extraPkgs = pkgs:
with pkgs; [
mono
fuse
];
};
})
];
services.flatpak.enable = true;
programs.java.enable = true;
hardware.opengl.driSupport = true;
hardware.opengl.driSupport32Bit = lib.mkForce (system == "x86_64-linux");
home-manager.users.darkkirb = import ./home-manager/darkkirb.nix {
desktop = true;
inherit args;
};
# For syncthing
networking.firewall.allowedTCPPorts = [22000];
networking.firewall.allowedUDPPorts = [22000];
environment.systemPackages = with pkgs; [
pinentry-qt
dolphinEmuMaster
];
programs.gnupg.agent.pinentryFlavor = "qt";
xdg.portal = {
enable = true;
wlr.enable = true;
# gtk portal needed to make gtk apps happy
extraPortals = [pkgs.xdg-desktop-portal-gtk];
};
programs.dconf.enable = true;
services.xserver = {
enable = true;
libinput.enable = true;
layout = "de";
xkbVariant = "neo";
displayManager.lightdm.enable = lib.mkForce false;
};
boot.kernelPackages = pkgs.zfsUnstable.latestCompatibleLinuxPackages;
i18n.inputMethod = {
enabled = "ibus";
ibus.engines = with pkgs.ibus-engines; [anthy];
};
security.polkit.enable = true;
services.dbus.enable = true;
services.dbus.packages = with pkgs; [dconf];
# Futureproofing: on non-x86 machines, emulate x86
boot.binfmt.emulatedSystems =
if system != "x86_64-linux"
then [
"x86_64-linux"
"i686-linux"
]
else [];
virtualisation = {
waydroid.enable = true;
lxd.enable = true;
};
programs.gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
}