# Configuratoin for my thinkpad t470s { pkgs, config, inputs, ... }: { imports = [ # Import neccessities ./hardware-configuration.nix # Import own modules ../../users.nix # ../../modules/workstation.nix ../../modules/tweaks.nix ../../modules/laptop.nix ../../common.nix inputs.sops-nix.nixosModules.sops ]; sops = { defaultSopsFile = ../../../secrets.yaml; defaultSopsFormat = "yaml"; # hard code the username here age.keyFile = "/home/jonas/.config/sops/age/keys.txt"; templates = { "davtemp" = { owner = "root"; content = ''${config.sops.placeholder.davurl} ${config.sops.placeholder.jondav} ${config.sops.placeholder.jondavpass}''; mode = "0600"; path = "/etc/davfs2/secrets"; }; }; secrets = { davurl = { owner = "jonas"; }; jondav = { owner = "jonas"; }; jondavpass = { owner = "jonas"; }; }; }; networking.firewall.allowedTCPPorts = [ # Opening ssh and the web 80 443 # Dev ports 8888 2345 8080 ]; programs.gnupg.agent = { enable = true; pinentryPackage = with pkgs; pinentry-all; enableSSHSupport = true; }; # Scanning over the network support hardware.sane.enable = true; hardware.sane.extraBackends = [ pkgs.sane-airscan ]; hardware.sane.disabledDefaultBackends = [ "escl" ]; services.udev.packages = [ pkgs.sane-airscan ]; services.avahi.enable = true; services.avahi.nssmdns = true; services.davfs2.enable = true; # ensure the mountpoint directory exists systemd.tmpfiles.rules = [ "d /mnt/webdav 0755 jonas users -" #"d /var/cache/davfs2/sync.hahn1.one+mnt-webdav+jonas 0700 jonas users -" ]; # Just works systemd.mounts = [ { description = "Webdav mount point"; #after = [ "network-online.target" ]; wants = [ "network-online.target" ]; what = "https://sync.hahn1.one"; where = "/mnt/webdav"; type = "davfs"; options = "uid=1000,gid=1000,file_mode=0664,dir_mode=2775,_netdev"; mountConfig.TimeoutSec = "15s"; #wantedBy = [ "multi-user.target" ]; } ]; # systemd.automounts = [ # { # where = "/mnt/webdav"; # wantedBy = [ "multi-user.target" ]; # automountConfig = { # TimeoutIdleSec = "20m"; # }; # } # ]; nixpkgs.config.allowUnfree = true; services = { syncthing = { enable = true; user = "jonas"; # Have to set the bandwidth for the syncing manually for laptops #guiAddress = "0.0.0.0:8384"; dataDir = "/home/jonas/synced"; configDir = "/home/jonas/.config/syncthing"; overrideDevices = true; # overrides any devices added or deleted through the WebUI overrideFolders = false; # overrides any folders added or deleted through the WebUI settings = { devices = { "stranox" = { id = "KTFN5YR-NU2Y6EV-WU6D635-H2AUZTJ-KL6UIVE-L7N2EU5-GPY34N7-ZQ36MAI"; }; }; folders = { # This is the mail folder to keep synced accross everything # Auto opt in for the sync folder that is on the server # Further down the line you can split your sync setup into multiple folders ## "synced" = { # path = "/home/jonas/syncedokay"; # devices = [ "stranox" ]; # ignorePerms = true; # #fsWatcherDelayS="10"; # # Try to save battery with this # # Remember to also look at options that are not in the # # nixos options search # fsWatcherEnabled = true; # #disableFsync = true; # pullerPauseS = 600; # rescanIntervalS = 1200; # versioning = { # type = "staggered"; # }; #}; }; }; }; }; ###### TEMP AREA # security.krb5 = { # enable = true; # settings = { # libdefaults = { # default_realm = "UNI-GOETTINGEN.DE"; # Replace with actual realm # }; # }; # }; # Thinkpad specific fingerprint reader does not work yet # For further information see: https://gitlab.freedesktop.org/3v1n0/libfprint-tod-vfs0090 #services.fprintd = { # enable = true; # tod = { # enable = true; # driver = pkgs.libfprint-2-tod1-vfs0090; # }; #}; ##### networking.hostName = "thinix"; batMode = "double"; networking = { networkmanager = { wifi.powersave = true; }; }; services.dnsmasq.enable = true; # Setting up swap in case of emergency swapDevices = [ { device = "/swapfile"; size = 4096; # size in MB (4096 MB = 4 GB) } ]; # this does not work with flakes #system.copySystemConfiguration = true; system.stateVersion = "24.11"; }