{ config, lib, pkgs, ... }: let nixKey = "/var/lib/nix/binary-cache-key"; in { imports = [ ./overlays/packages.nix ]; nixpkgs.config.allowUnfree = true; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.memtest86.enable = true; boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.efiSysMountPoint = "/boot"; nix.settings.extra-experimental-features = "nix-command flakes"; nix.settings.trusted-users = [ "audrey" ]; nix.settings.max-jobs = 1; nix.settings.cores = 0; nix.settings.secret-key-files = [ nixKey ]; systemd.services.nix-key-setup = { description = "Generate a nix build signing key"; script = '' test -f ${nixKey} && test -f ${nixKey}.pub && exit 0 || true mkdir -p "$(dirname "${nixKey}")" ${config.nix.package}/bin/nix-store --generate-binary-cache-key ${config.networking.hostName} ${nixKey} ${nixKey}.pub ''; wantedBy = [ "multi-user.target" ]; }; # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; console = { font = "Lat2-Terminus16"; #keyMap = "us"; useXkbConfig = true; # use xkb.options in tty. }; # Configure keymap in X11 services.xserver.xkb.layout = "us"; services.xserver.xkb.options = "caps:escape"; users.defaultUserShell = pkgs.zsh; # Define a user account. Don't forget to set a password with ‘passwd’. users.users.audrey = { uid = 1000; description = "Audrey Dutcher"; isNormalUser = true; extraGroups = [ "wheel" "docker" ]; }; environment.systemPackages = with pkgs; [ wget ripgrep fd curl btop nixfmt-rfc-style file stdenv.cc patchelf meld # language servers nil rust-analyzer lua-language-server clang-tools bash-language-server pyright csharp-ls gopls typescript-language-server #ocamllsp (python3.withPackages (p: with p; [ virtualenvwrapper pylint pytest ipdb ipython ])) pre-commit ]; programs = { zsh = { enable = true; enableCompletion = true; syntaxHighlighting.enable = true; vteIntegration = true; enableLsColors = true; histSize = 10000; promptInit = '' . ${pkgs.python3Packages.virtualenvwrapper}/bin/virtualenvwrapper.sh '' + builtins.readFile ./dotfiles/zsh-prompt.sh; shellInit = builtins.readFile ./dotfiles/zsh-init.sh; shellAliases = { nixos-edit = "(cd ~/nixos-config && vim configuration.nix)"; nixos-apply = "sudo nixos-rebuild switch --flake ~/nixos-config#$HOST"; ls = "ls --group-directories-first --color=auto"; ll = "ls -lh"; lh = "ll -ab"; l = "ls -ab"; grep = "grep --color=auto"; egrep = "egrep --color=auto"; objdump = "objdump -M intel"; gits = "git status"; pag = "ps aux | grep -v grep | grep -i"; hd = "hexdump -C"; man = "MAN_POSIXLY_CORRECT=1 man"; nose = "pytest -v --capture=no --pdbcls=IPython.terminal.debugger:TerminalPdb"; mkvirtualenv = "mkvirtualenv -r /etc/venv-default.txt"; }; }; tmux = { enable = true; extraConfig = builtins.readFile ./dotfiles/tmux.conf; }; htop.enable = true; git = { enable = true; lfs.enable = true; config = { user.email = "audrey@rhelmot.io"; user.name = "Audrey Dutcher"; core.editor = "nvim"; init.defaultBranch = "main"; blame.markUnblamableLines = true; merge.tool = "meld"; credential.helper = "store"; url."ssh://git@".insteadOf = "git://"; }; }; neovim = { enable = true; defaultEditor = true; vimAlias = true; viAlias = true; configure = { # lmao customRC = '' ${builtins.readFile ./dotfiles/nvim-init.vim} lua << EOF ${builtins.readFile ./dotfiles/nvim-init.lua} EOF ''; packages.myVimPackage = with pkgs.vimPlugins; { start = [ rust-vim vim-tmux-navigator popup-nvim vim-sleuth nvim-lspconfig rust-tools-nvim nvim-lint nvim-cmp lsp-status-nvim telescope-nvim nvim-treesitter.withAllGrammars sweetie-nvim vim-nix csharpls-extended-lsp-nvim ]; opt = []; }; }; }; }; environment.etc."gdb/gdbinit".source = ./dotfiles/gdb-init.gdb; environment.etc."venv-default.txt".source = ./dotfiles/venv-default.txt; security.pam.u2f = { enable = true; settings.authfile = ./dotfiles/u2f-keys; settings.cue = true; }; # Enable the OpenSSH daemon. services.openssh.enable = true; services.fwupd.enable = true; services.hardware.bolt.enable = true; }