{ self, config, pkgs, lib, ...}: { imports = [ ./hardware-configuration.nix ]; # allow spotify nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "spotify" ]; # boot boot.loader.grub = { enable = true; device = "/dev/sda"; }; boot.loader.timeout = 1; # network networking.hostName = "stube-pc"; networking.networkmanager.enable = true; networking.firewall.enable = true; # timezone time.timeZone = "Europe/Berlin"; # configure users users.mutableUsers = false; users.users.admin = { isNormalUser = true; hashedPassword = "$y$j9T$sYhrjA6IDTFVsUTVrw6aY/$c4qBwMc6SBMip4BWIpHPwzkyVgnOaHdvYxJDUIyw7q1"; extraGroups = [ "wheel" "networkmanager" ]; createHome = true; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDbsWgnT1W25H5fDCekspaXzlIwvKh+rHygTId8xHotU admin" ]; }; users.users.stube = { isNormalUser = true; extraGroups = [ "networkmanager" ]; password = "stube"; }; # the display-manager starts the desktop environment instantaneously. # this statement delays the display-manager until the home environment for the user is set up. systemd.services."display-manager".after = [ "home-manager-stube.service" ]; console.keyMap = "de"; # audio configuration services.pipewire = { enable = true; pulse.enable = true; }; # gui configuration services.xserver = { enable = true; xkb.layout = "de"; desktopManager.xfce.enable = true; }; services.displayManager = { enable = true; defaultSession = "xfce"; autoLogin = { enable = true; user = "stube"; }; }; # remove all multi-user / displayManager functionality from lightDM (basically a kiosk setup) services.xserver.displayManager.lightdm.greeter.enable = false; services.xserver.displayManager.lightdm.autoLogin.timeout = 0; services.xserver.desktopManager.xfce.enableScreensaver = false; services.thekenlicht-daemon = { enable = true; serialPort = "/dev/serial/by-id/usb-1a86_USB2.0-Serial-if00-port0"; }; # enable gpu support hardware.opengl = { enable = true; driSupport = true; driSupport32Bit = true; }; # load additional applications environment.systemPackages = with pkgs; [ vim # text editor git # source code management for nixos-rebuild from flake xfce.xfce4-pulseaudio-plugin # pulseaudio-plugin in top panel pavucontrol # audio control panel qlcplus ]; services.udev.packages = with pkgs; [ qlcplus ]; # link current system configuration to /etc/current-nixos environment.etc."current-nixos".source = self; # persistent files environment.persistence."/persist" = { enable = true; hideMounts = true; directories = [ "/var/log" "/var/lib/nixos" "/var/lib/systemd/coredump" "/etc/NetworkManager/system-connections" ]; files = [ "/etc/machine-id" "/etc/ssh/ssh_host_rsa_key" "/etc/ssh/ssh_host_rsa_key.pub" "/etc/ssh/ssh_host_ed25519_key" "/etc/ssh/ssh_host_ed25519_key.pub" ]; }; security.polkit.enable = true; # enable ssh access for admin user services.openssh = { enable = true; openFirewall = true; settings = { PasswordAuthentication = false; AllowUsers = [ "admin" ]; }; }; system.stateVersion = "24.05"; }