jonas/nixos
1
0
Fork 0
mirror of https://github.com/Ascyii/nixos.git synced 2026-01-01 06:44:26 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
4ebc8b23feb231b4060d6d5819fb4e748f46376a
nixos/hosts/thinix-thinkpad/configuration.nix
Jonas Hahn 4ebc8b23fe Initial commit unclean
2025-08-30 20:31:10 +02:00

192 lines
4.3 KiB
Nix
Raw Blame History

# Configuratoin for my thinkpad t470s
{ pkgs, config, inputs, ... }:
{
imports = [
# Import neccessities
./hardware-configuration.nix
# Import own modules
../../users.nix
# ../../modules/workstation.nix
../../modules/tweaks.nix
../../modules/laptop.nix
../../common.nix
inputs.sops-nix.nixosModules.sops
];
sops = {
defaultSopsFile = ../../../secrets.yaml;
defaultSopsFormat = "yaml";
# hard code the username here
age.keyFile = "/home/jonas/.config/sops/age/keys.txt";
templates = {
"davtemp" = {
owner = "root";
content = ''${config.sops.placeholder.davurl} ${config.sops.placeholder.jondav} ${config.sops.placeholder.jondavpass}'';
mode = "0600";
path = "/etc/davfs2/secrets";
};
};
secrets = {
davurl = {
owner = "jonas";
};
jondav = {
owner = "jonas";
};
jondavpass = {
owner = "jonas";
};
};
};
networking.firewall.allowedTCPPorts = [
# Opening ssh and the web
80
443
# Dev ports
8888
2345
8080
];
programs.gnupg.agent = {
enable = true;
pinentryPackage = with pkgs; pinentry-all;
enableSSHSupport = true;
};
# Scanning over the network support
hardware.sane.enable = true;
hardware.sane.extraBackends = [ pkgs.sane-airscan ];
hardware.sane.disabledDefaultBackends = [ "escl" ];
services.udev.packages = [ pkgs.sane-airscan ];
services.avahi.enable = true;
services.avahi.nssmdns = true;
services.davfs2.enable = true;
# ensure the mountpoint directory exists
systemd.tmpfiles.rules = [
"d /mnt/webdav 0755 jonas users -"
#"d /var/cache/davfs2/sync.hahn1.one+mnt-webdav+jonas 0700 jonas users -"
];
# Just works
systemd.mounts = [
{
description = "Webdav mount point";
#after = [ "network-online.target" ];
wants = [ "network-online.target" ];
what = "https://sync.hahn1.one";
where = "/mnt/webdav";
type = "davfs";
options = "uid=1000,gid=1000,file_mode=0664,dir_mode=2775,_netdev";
mountConfig.TimeoutSec = "15s";
#wantedBy = [ "multi-user.target" ];
}
];
# systemd.automounts = [
# {
# where = "/mnt/webdav";
# wantedBy = [ "multi-user.target" ];
# automountConfig = {
# TimeoutIdleSec = "20m";
# };
# }
# ];
nixpkgs.config.allowUnfree = true;
services = {
syncthing = {
enable = true;
user = "jonas";
# Have to set the bandwidth for the syncing manually for laptops
#guiAddress = "0.0.0.0:8384";
dataDir = "/home/jonas/synced";
configDir = "/home/jonas/.config/syncthing";
overrideDevices = true; # overrides any devices added or deleted through the WebUI
overrideFolders = false; # overrides any folders added or deleted through the WebUI
settings = {
devices = {
"stranox" = { id = "KTFN5YR-NU2Y6EV-WU6D635-H2AUZTJ-KL6UIVE-L7N2EU5-GPY34N7-ZQ36MAI"; };
};
folders = {
# This is the mail folder to keep synced accross everything
# Auto opt in for the sync folder that is on the server
# Further down the line you can split your sync setup into multiple folders
## "synced" = {
# path = "/home/jonas/syncedokay";
# devices = [ "stranox" ];
# ignorePerms = true;
# #fsWatcherDelayS="10";
# # Try to save battery with this
# # Remember to also look at options that are not in the
# # nixos options search
# fsWatcherEnabled = true;
# #disableFsync = true;
# pullerPauseS = 600;
# rescanIntervalS = 1200;
# versioning = {
# type = "staggered";
# };
#};
};
};
};
};
###### TEMP AREA
# security.krb5 = {
# enable = true;
# settings = {
# libdefaults = {
# default_realm = "UNI-GOETTINGEN.DE"; # Replace with actual realm
# };
# };
# };
# Thinkpad specific fingerprint reader does not work yet
# For further information see: https://gitlab.freedesktop.org/3v1n0/libfprint-tod-vfs0090
#services.fprintd = {
# enable = true;
# tod = {
# enable = true;
# driver = pkgs.libfprint-2-tod1-vfs0090;
# };
#};
#####
networking.hostName = "thinix";
batMode = "double";
networking = {
networkmanager = {
wifi.powersave = true;
};
};
services.dnsmasq.enable = true;
# Setting up swap in case of emergency
swapDevices = [
{
device = "/swapfile";
size = 4096; # size in MB (4096 MB = 4 GB)
}
];
# this does not work with flakes
#system.copySystemConfiguration = true;
system.stateVersion = "24.11";
}
Reference in New Issue View Git Blame Copy Permalink