defenestrate/final/configuration.nix

133 lines
4.8 KiB
Nix

{ config, pkgs, artiq, ... }:
{
imports =
[
./hardware-configuration.nix
];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.systemd-boot.memtest86.enable = true;
boot.kernelParams = ["intel_idle.max_cstate=1"];
boot.kernelPackages = pkgs.linuxPackages_latest;
hardware.cpu.intel.updateMicrocode = true;
networking.hostName = "artiq";
networking.networkmanager.enable = true;
systemd.suppressedSystemUnits = [
"hibernate.target"
"suspend.target"
"suspend-then-hibernate.target"
"sleep.target"
"hybrid-sleep.target"
"systemd-hibernate.service"
"systemd-hybrid-sleep.service"
"systemd-suspend.service"
"systemd-suspend-then-hibernate.service"
];
console.font = "Lat2-Terminus16";
console.keyMap = "us";
i18n.defaultLocale = "en_US.UTF-8";
time.timeZone = "UTC";
nixpkgs.config.allowUnfree = true;
environment.systemPackages = with pkgs; [
wget
vim
gitAndTools.gitFull
usbutils
pciutils
vlc
file
lm_sensors
acpi
imagemagick
firefox
chromium
(artiq.inputs.nixpkgs.legacyPackages.x86_64-linux.python3.withPackages(ps: with ps; [
numpy
scipy
matplotlib
jupyter
pyserial
spyder
artiq.packages.x86_64-linux.artiq
]))
artiq.packages.x86_64-linux.openocd-bscanspi
texlive.combined.scheme-full
psmisc
xc3sprog
gtkwave
unzip
zip
pavucontrol
rink
gimp
gnome-tweaks
libreoffice-fresh
vscodium
];
environment.sessionVariables = artiq.qtPaths;
programs.wireshark.enable = true;
programs.wireshark.package = pkgs.wireshark;
services.openssh.enable = true;
services.openssh.settings.PasswordAuthentication = false;
services.xserver.enable = true;
services.xserver.xkb.layout = "us";
services.xserver.displayManager.gdm.enable = true;
services.displayManager.autoLogin.enable = true;
services.displayManager.autoLogin.user = "rabi";
# https://github.com/NixOS/nixpkgs/issues/103746
systemd.services."getty@tty1".enable = false;
systemd.services."autovt@tty1".enable = false;
services.xserver.desktopManager.gnome.enable = true;
environment.gnome.excludePackages = [ pkgs.epiphany ];
programs.fish.enable = true;
programs.command-not-found.enable = false; # broken with flakes, https://github.com/NixOS/nixpkgs/issues/39789
users.mutableUsers = true;
users.defaultUserShell = pkgs.fish;
users.users.root.initialPassword = "rabi";
users.extraGroups.plugdev = { };
users.extraUsers.rabi = {
isNormalUser = true;
extraGroups = ["networkmanager" "wheel" "plugdev" "dialout" "wireshark"];
initialPassword = "rabi";
openssh.authorizedKeys.keys = [
# m-labs sb
"ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBF/YybP+fQ0J+bNqM5Vgx5vDmVqVWsgUdF1moUxghv7d73GZAFaM6IFBdrXTAa33AwnWwDPMrTgP1V6SXBkb3ciJo/lD1urJGbydbSI5Ksq9d59wvOeANvyWYrQw6+eqTQ=="
# m-labs therobs12
"ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBK1tUg7TtceARRnGI80Ai5kNFolFfZ++LH9v1UoRCiJdxeQWPdNYO0Gj7+ejJvgZXwvN4yHGgcZHraEml4Mj/dKrEMFygfuYLDRmXtPFwX6TNMrWlxMhPzuNY+yCaxlqYg=="
# quartiq rj
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC27krR8G8Pb59YuYm7+X2mmNnVdk/t9myYgO8LH0zfb2MeeXX5+90nW9kMjKflJss/oLl8dkD85jbJ0fRbRkfJd20pGCqCUuYAbYKkowigFVEkbrbWSLkmf+clRjzJOuBuUA0uq0XKS17uMC3qhu+dDdBOAIKb3L83NfVE8p8Pjb4BPktQrdxefM43/x4jTMuc7tgxVmTOEge3+rmVPK2GnLkUBgBn8b6S+9ElPd63HXI5J5f61v21l5N9V0mhTu1pv6PiDRdFIlFDK9dLVZcZ2qlzpKmCnFrOoreBEgre44SpfFe5/MMItxvWiVsj/rij/rHZZiol1k7JiQCnEHeCCbjjvcBBka5HxZgcb3vBZVceTOawrmjbdbA2dq35sUptz/bEgdZ1UVCmVpWsdROAlEDBmSSbcVwxzcvhoKnkpbuP4Q0V3tVKSLW053ADFNB4frtwY5nAZfsVErFLLphjwb8nlyJoDRNapQrn5syEiW0ligX2AAskZTYIl2A5AYyWPrmX6HJOPqZGatMU3qQiRMxs+hFqhyyCmBgl0kcsgW09MBKtJWk1Fbii98MHqgRUN9R7AUiYy5p78Pnv9DC8DT8Ubl9zoP0g5d40P9NGK2LAhMxLXvtckJ4ERqbSEcNZJw+q4jBrOHnMTz+NLdAUiEtru+6T2OdhaHv+eiNlFQ=="
# quartiq rj
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMUaB2G1jexxfkdlly3fdWslH54/s/bOuvk9AxqpjtAY"
# quartiq pk
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIu6yhjCoZ62eamYrAXtFefDhplTRUIdD4tncwlkyAEH"
];
};
security.sudo.wheelNeedsPassword = false;
services.udev.packages = [ artiq.packages.x86_64-linux.openocd-bscanspi ];
nix.settings.trusted-public-keys = ["nixbld.m-labs.hk-1:5aSRVA5b320xbNvu30tqxVPXpld73bhtOeH6uAjRyHc="];
nix.settings.substituters = ["https://nixbld.m-labs.hk"];
nix.extraOptions = ''
experimental-features = nix-command flakes
'';
nix.nixPath = [ "nixpkgs=${pkgs.path}" ];
# This value determines the NixOS release with which your system is to be
# compatible, in order to avoid breaking some software such as database
# servers. You should change this only after NixOS release notes say you
# should.
system.stateVersion = "24.11"; # Did you read the comment?
}