{ config, pkgs, ... }: # rollback to a previously working channel version, useful # when "doas nixos-rebuild switch --upgrade" breaks: # # $ doas nix-channel --rollback let work = { packages = with pkgs; { proprietary = [ slack zoom-us ]; }; }; in { imports = [ /etc/nixos/hardware-configuration.nix ]; # Use the systemd-boot EFI boot loader. boot = { loader = { efi.canTouchEfiVariables = true; grub = { enable = true; version = 2; efiSupport = true; device = "nodev"; }; }; initrd.luks.devices = { crypted = { device = "/dev/nvme0n1p2"; preLVM = true; }; }; }; hardware = { bluetooth.enable = true; pulseaudio = { package = pkgs.pulseaudioFull; enable = true; extraConfig = '' # Switch between headset and headphone mode (e.g. for calls and music) automatically load-module module-bluetooth-policy auto_switch=2 # Echo cancellation and noise cleanup of mic load-module module-echo-cancel aec_method=webrtc # https://til.flourishing.stream/2020/05/24/cancelamento-de-ruido-pulseaudio/ ### Enable Echo/Noise-Cancellation load-module module-echo-cancel use_master_format=1 aec_method=webrtc aec_args="analog_gain_control=0\ digital_gain_control=1" source_name=echoCancel_source sink_name=echoCancel_sink set-default-source echoCancel_source set-default-sink echoCancel_sink ''; }; }; networking = { hostName = "usurpador"; networkmanager.enable = true; }; console = { keyMap = "br-abnt2"; }; # Select internationalisation properties. i18n = { defaultLocale = "fr_FR.UTF-8"; }; # Set your time zone. time.timeZone = "America/Sao_Paulo"; documentation = { enable = true; man.enable = true; dev.enable = true; man.generateCaches = true; nixos.includeAllModules = true; }; fonts = { enableDefaultFonts = true; enableGhostscriptFonts = true; }; environment = { enableDebugInfo = true; systemPackages = let pkgs-19 = import (fetchTarball "https://github.com/NixOS/nixpkgs/archive/b0d748e244df6c977b2a1db3873ffdc271e59615.tar.gz") { }; in with pkgs; [ ## DVCS pkgs-19.bitkeeper ## CLI tools bash-completion nix-bash-completions rq st xsel kubernetes ## xmonad xclip xorg.xmodmap xorg.xmessage xorg.xbacklight lightdm haskellPackages.xmobar ] ++ work.packages.proprietary; }; nixpkgs = let allow-unfree = builtins.length work.packages.proprietary > 0; in { config = { android_sdk.accept_license = allow-unfree; allowUnfree = allow-unfree; }; }; programs = { bash.enableCompletion = true; }; services = { upower.enable = true; flatpak.enable = true; openssh = { enable = true; settings = { PermitRootLogin = "no"; PasswordAuthentication = false; }; }; # required by vagrant+libvirt nfs.server.enable = true; # Required for local network printer avahi = { enable = true; nssmdns = true; extraServiceFiles = { ssh = "${pkgs.avahi}/etc/avahi/services/ssh.service"; }; hostName = "usurpadinho"; publish = { enable = true; addresses = true; domain = true; userServices = true; workstation = true; hinfo = true; }; reflector = true; }; printing = { enable = true; drivers = let epson-201401w = with pkgs; stdenv.mkDerivation rec { v = "201401w"; pname = "epson-${v}"; version = "1.0.0"; src = fetchurl { urls = [ "https://download.ebz.epson.net/dsc/op/stable/SRPMS/epson-inkjet-printer-${v}-${version}-1lsb3.2.src.rpm" "https://download3.ebz.epson.net/dsc/f/03/00/03/45/41/92e9c9254f0ee4230a069545ba27ec2858a2c457/epson-inkjet-printer-201401w-1.0.0-1lsb3.2.src.rpm" ]; sha256 = "0c60m1sd59s4sda38dc5nniwa7dh1b0kv1maajr0x9d38gqlyk3x"; }; nativeBuildInputs = [ rpmextract autoreconfHook file ]; buildInputs = [ libjpeg cups ]; unpackPhase = '' rpmextract $src tar -zxf epson-inkjet-printer-${v}-${version}.tar.gz tar -zxf epson-inkjet-printer-filter-${version}.tar.gz for ppd in epson-inkjet-printer-${v}-${version}/ppds/*; do substituteInPlace $ppd --replace "/opt/epson-inkjet-printer-${v}" "$out" substituteInPlace $ppd --replace "/cups/lib" "/lib/cups" done cd epson-inkjet-printer-filter-${version} ''; postInstall = '' cd ../epson-inkjet-printer-${v}-${version} cp -a lib64 resource watermark $out mkdir -p $out/share/cups/model/epson-inkjet-printer-${v} cp -a ppds $out/share/cups/model/epson-inkjet-printer-${v}/ cp -a Manual.txt $out/doc/ cp -a README $out/doc/README.driver ''; }; in [ epson-201401w ]; }; xserver = { enable = true; layout = "br"; xkbOptions = "caps:swapescape"; # Touchpad support libinput.enable = true; config = '' Section "Device" Identifier "Intel Graphics" Driver "intel01" Option "Backlight" "intel_backlight" EndSection ''; windowManager.xmonad = { enable = true; enableContribAndExtras = true; }; displayManager = { defaultSession = "none+xmonad"; lightdm.enable = true; # The config inception was inspired by: # http://ubuntuforum-br.org/index.php?topic=13784.0 # Lambda symbol name taken from: # http://wiki.linuxquestions.org/wiki/List_of_Keysyms_Recognised_by_Xmodmap # To test a keycode: # xmodmap -e 'keycode 118 = bar Greek_lamda' sessionCommands = '' ${pkgs.fvwm}/bin/xpmroot ~/annex/docs/emotion.png & ''; }; }; blueman.enable = true; pcscd.enable = true; }; users = { extraUsers = let andrehUser = { andreh = { isNormalUser = true; uid = 1000; description = "EuAndreh"; extraGroups = [ "wheel" "networkmanager" "libvirtd" "docker" ]; }; }; # From the Guix manual: # https://www.gnu.org/software/guix/manual/en/html_node/Build-Environment-Setup.html#Build-Environment-Setup buildUser = (i: { "guixbuilder${i}" = { # guixbuilder$i group = "guixbuild"; # -g guixbuild extraGroups = [ "guixbuild" ]; # -G guixbuild home = "/var/empty"; # -d /var/empty shell = pkgs.shadow; # -s `which nologin` description = "Guix build user ${i}"; # -c "Guix buid user $i" isSystemUser = true; # --system }; }); # merge all users in pkgs.lib.fold (str: acc: acc // buildUser str) andrehUser # for i in `seq -w 1 10` (map (pkgs.lib.fixedWidthNumber 2) (builtins.genList (n: n + 1) 10)); extraGroups.guixbuild = { name = "guixbuild"; }; }; systemd = { services = { # Derived from Guix guix-daemon.service.in # https://git.savannah.gnu.org/cgit/guix.git/tree/etc/guix-daemon.service.in?id=00c86a888488b16ce30634d3a3a9d871ed6734a2 guix-daemon = { enable = true; description = "Build daemon for GNU Guix"; serviceConfig = { ExecStart = "/var/guix/profiles/per-user/root/current-guix/bin/guix-daemon --build-users-group=guixbuild --substitute-urls='https://substitutes.nonguix.org https://ci.guix.gnu.org https://bordeaux.guix.gnu.org'"; }; wantedBy = [ "multi-user.target" ]; }; }; user.services = { mpris-proxy = { enable = false; description = "Mpris proxy, added to support bluetooth media keys"; serviceConfig = { After = [ "network.target" "sound.target" ]; ExecStart = "${pkgs.bluez}/bin/mpris-proxy"; WantedBy = [ "default.target" ]; }; }; }; }; system = { stateVersion = "20.03"; autoUpgrade = { enable = true; dates = "0:10"; }; }; xdg.portal = { enable = true; extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; }; virtualisation.libvirtd.enable = true; virtualisation.docker.enable = true; }