{ config , pkgs , nixpkgs , nixpkgs-unstable , nixos-hardware , ... }: { imports = [ (nixos-hardware + "/common/pc/ssd") (nixos-hardware + "/common/cpu/amd") ./settings/base.nix ./settings/configuration/berlin.nix ./settings/configuration/british-english.nix ./settings/configuration/nix.nix ./settings/configuration/user.nix ./settings/hardware/audio.nix ./settings/hardware/bare-metal.nix ./settings/hardware/personal-computer.nix ./settings/hardware/bluetooth.nix ./settings/hardware/iwd.nix ./settings/hardware/mouse.nix ./settings/hardware/systemd-boot.nix ./settings/hardware/nvidia-gpu.nix ./settings/hardware/keyboard.nix ./settings/hardware/keyboardio-model01.nix ./settings/hardware/trackball.nix ./settings/hardware/trezor.nix ./settings/services/samba.nix ./settings/services/syncthing.nix ./settings/services/zeroconf.nix ./settings/user-interface.nix ./settings/programs/base.nix ./settings/programs/gnupg.nix ./settings/programs/kde.nix ./settings/programs/shell.nix ./settings/gaming.nix ./settings/programs/tor.nix ./settings/programs/barrier.nix ]; services.xserver.screenSection = '' Option "MetaModes" "2560x1440_165 +0+0 { ForceCompositionPipeline=On }" ''; services.xserver.monitorSection = '' Option "DPMS" ''; boot.loader.grub.useOSProber = false; boot.loader.grub.extraEntries = '' menuentry "Windows" { chainloader ($drive1)//EFI/Microsoft/Boot/bootmgfw.efi } ''; boot.kernelPackages = pkgs.linuxPackages_zen; boot.extraModulePackages = with config.boot.kernelPackages; [ zenpower ]; boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-amd" ]; fileSystems = { "/" = { device = "/dev/disk/by-partlabel/nixos-root"; fsType = "f2fs"; options = [ "atgc" "gc_merge" "lazytime" "nodiscard" ]; }; "/boot" = { device = "/dev/disk/by-partlabel/efi-boot"; fsType = "vfat"; }; "/home" = { device = "/dev/disk/by-partlabel/home"; fsType = "ext4"; options = [ "lazytime" "nodiscard" ]; }; "/mnt/data" = { device = "/dev/disk/by-partlabel/data"; fsType = "ntfs3"; options = [ "uid=1000" "gid=100" "x-systemd-automount" "nofail" ]; }; }; swapDevices = [ { label = "swap"; discardPolicy = "once"; } ]; services.xserver = { xautolock.enable = pkgs.lib.mkForce false; }; services.postgresql = { enableTCPIP = true; authentication = '' # TYPE DATABASE USER ADDRESS METHOD host all all samenet md5 ''; }; services.openssh = { enable = true; openFirewall = false; startWhenNeeded = true; }; systemd.services."ssh-no-sleep@" = { bindsTo = [ "sshd@%i.service" ]; wantedBy = [ "sshd@.service" ]; serviceConfig.ExecStart = "${pkgs.systemd}/bin/systemd-inhibit --mode block --what sleep --who 'ssh session '%I --why 'session still active' ${pkgs.coreutils}/bin/sleep infinity"; }; networking.nftables = { enable = true; }; networking.firewall = { allowedTCPPorts = [ 80 443 139 445 1024 ]; extraInputRules = '' ip saddr 172.30.42.0/24 accept ip6 saddr { fd00::/8, fe80::/10 } accept ''; }; hardware.firmware = with pkgs; [ linux-firmware # for iwlwifi ]; networking = { hostName = "prefect"; }; services.ddclient = { enable = true; package = (pkgs.ddclient.overrideAttrs (old: { patches = (old.patches or [ ]) ++ [ ../patches/ddclient-noipv4.patch ]; })); use = "no"; protocol = "nsupdate"; verbose = true; zone = "alanpearce.eu"; server = "pappel.alanpearce.eu"; passwordFile = "/etc/secrets/ddns.key"; domains = [ "prefect.home.alanpearce.eu" ]; extraConfig = '' usev4=disabled usev6=cmdv6 cmdv6=${pkgs.writeScript "getipv6" '' #!/bin/sh set -eo pipefail ip --oneline address show dev enp7s0 to 2000::/3 primary \ | awk '{ print $4 }' \ | cut -d/ -f1 ''} ttl=3600 ''; }; systemd.services.ddclient.path = with pkgs; [ iproute2 coreutils gawk ]; system.stateVersion = "23.05"; }