source: dotfiles/nix/configuration.nix@ 3a31a31

# Edit this configuration file to define what should be installed on
# your system.  Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).

{ config, pkgs, ... }:

{
  imports =
    [ # Include the results of the hardware scan.
      ./hardware-configuration.nix
       <nixos-hardware/lenovo/thinkpad/x200s>
       <home-manager/nixos>
       
    ];

  nix = {
    package = pkgs.nixUnstable;
    extraOptions = ''
      experimental-features = nix-command flakes
    '';
  };
  
  # Bootloader
  boot.kernelPackages = pkgs.linuxPackages_latest;
  boot.loader.grub.enable = true;
  boot.loader.grub.device = "/dev/sdb";
  boot.loader.grub.useOSProber = true;
  boot.kernel.sysctl = { "net.ipv4.ip_forward" = 1; };

  networking.hostName = "nixos"; # Define your hostname.
  #networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.

  # Configure network proxy if necessary
  # networking.proxy.default = "http://user:password@proxy:port/";
  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";

  # Enable networking
  networking.networkmanager.enable = true;

  # Select internationalisation properties.
  i18n.defaultLocale = "en_US.UTF-8";
  console = {
    font = "Lat2-Terminus16";
    keyMap = "us";
  };

  fonts.fonts = with pkgs; [
    unifont
    dejavu_fonts
  ];

  fonts.fontDir.enable = true;

  # Set your time zone.
  time.timeZone = "Europe/Moscow";

  services.lorri.enable = true;

  # Configure keymap in X11
  services.xserver = {
    enable = true;
    layout = "us,ru";
    xkbOptions = "grp:shifts_toggle,caps:ctrl_modifier";
    videoDrivers = [ "intel" ];

    windowManager.ratpoison.enable = true;
    displayManager.startx.enable = true;
    displayManager.defaultSession = "none+ratpoison";
  };

  powerManagement = {
    enable = true;
    cpuFreqGovernor = "ondemand";
  };

  # Define a user account. Don't forget to set a password with ‘passwd’.
  users.users.w96k = {
    isNormalUser = true;
    description = "Mikhail Kirillov";
    extraGroups = [ "networkmanager" "wheel" "audio" "docker" "libvirtd"];
  };

  nix.trustedUsers = [ "root" "w96k" ];

  home-manager.useGlobalPkgs = true;

  home-manager.users.w96k = { pkgs, ... }: {
    home.stateVersion = "22.05";
    home.packages = [
    pkgs.gparted
    pkgs.python3
    pkgs.nodejs
    # pkgs.php81
    # # Minimal requirements for symfony
    # pkgs.php81Extensions.redis
    # pkgs.php81Extensions.amqp
    # pkgs.php81Extensions.xsl
    pkgs.php81Packages.psysh
    pkgs.gimp
    pkgs.php81Packages.composer
    pkgs.direnv
    pkgs.openjdk17
    pkgs.firefox
    pkgs.tdesktop
    pkgs.imagemagick
    pkgs.arandr
    pkgs.symfony-cli
    pkgs.shellcheck
    pkgs.gnome.gnome-boxes
    pkgs.cachix
    pkgs.tor-browser-bundle-bin
    pkgs.htop
    pkgs.ghc
    pkgs.nix-prefetch-scripts
    pkgs.libreoffice
    pkgs.mpv
    pkgs.musescore
    pkgs.yarn
    pkgs.postgresql
    pkgs.unzip
    pkgs.sloc
    ];

    programs.git = {
      enable = true;
      userName = "Mikhail Kirillov";
      userEmail = "w96k.ru@gmail.com";
    };
    programs.autorandr.enable = true;
    programs.direnv.enable = true;
    programs.direnv.nix-direnv.enable = true;
    programs.bash.enable = true;
    programs.emacs = {
      enable = true;
      extraPackages = epkgs: with epkgs; [
      flycheck
      avy
      anaconda-mode
      auctex
      beginend
      composer
      cinspect
      debian-el
      dpkg-dev-el
      edebug-inline-result
      magit
      git-dwim
      gitpatch
      goto-chg
      debbugs
      direnv
      docker
      docker-cli
      docker-tramp
      mastodon
      exec-path-from-shell
      expand-region
      geiser
      geiser-guile
      guix
      gnuplot
      isearch-mb
      minibuffer-line
      org-roam
      org-roam-ui
      org-download
      org-babel-eval-in-repl
      on-screen
      pdf-tools
      lsp-mode
      lsp-java
      company
      company-quickhelp
      # ac-php
      # php-mode
      # php-quickhelp
      phan
      php-cs-fixer
      # company-php
      # php-eldoc
      realgud
      kiwix
      slime
      simple-httpd
      sudo-edit
      imenu-list
      telega
      mini-frame
      mini-modeline
      undo-tree
      yasnippet
      yasnippet-snippets
      vimrc-mode
      no-littering
      web-mode
      reverse-im
      restclient
      # php-scratch
      yaml-mode
      php-quickhelp
      nix-mode
    ];
};
  };

  # nixpkgs.config.allowUnfree = true;
  # Nixos optimizations for thinkpadg
  # nixpkgs.localSystem = {
  #   system = "x86_64-linux";
  #   gcc.arch = "core2";
  #   gcc.tune = "core2";
  # };

  # Enable sound
  sound.enable = true;

  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = with pkgs; [
  wget
  lm_sensors
  emacs28NativeComp
  nix-tree
  xorg.xf86inputevdev
  xorg.xf86videointel
  xorg.xorgserver
  xorg.xinit
  thinkfan
  home-manager
  neofetch
  git
  wmname
  docker-compose
  niv

  (pkgs.php81.buildEnv {
    extensions = ({ enabled, all }: enabled ++ (with all; [
      xdebug
      amqp
      redis
      xsl
    ]));
    extraConfig = ''
      xdebug.mode=debug
    '';
  })
  ];

  services.emacs.package = pkgs.emacs28NativeComp;
  services.emacs.defaultEditor = true;

  # services.postgresql = {
  #   enable = true;
  #   package = pkgs.postgresql_14;
  #   enableTCPIP = true;
  #   authentication = pkgs.lib.mkOverride 10 ''
  #     local all all trust
  #     host all all 127.0.0.1/32 trust
  #     host all all ::1/128 trust
  #   '';
  #   initialScript = pkgs.writeText "backend-initScript" ''
  #     CREATE ROLE w96k WITH LOGIN PASSWORD 'w96k' CREATEDB;
  #     CREATE DATABASE symfony;
  #     GRANT ALL PRIVILEGES ON DATABASE symfony TO w96k;
  #   '';
  # };

  services.tor.settings = {
      UseBridges = true;
      ClientTransportPlugin = "obfs4 exec ${pkgs.obfs4}/bin/obfs4proxy";
      Bridge = "obfs4 IP:ORPort [fingerprint]";
  };

  services.tor.client.enable = true;

  virtualisation.docker = {
    enable = true;
    enableOnBoot = true;
    # autoPrune.enable = true;
  };

  virtualisation.libvirtd.enable = true;

  systemd.mounts = [
  { what = "/dev/sda2";
    where = "/mnt/guix";
    mountConfig = {
      TimeoutSec = "1";
      Options = "uid=c184f446-df67-4103-b28e-465ac8776f10";
    };
  }
  ];

  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  # programs.mtr.enable = true;
  programs.gnupg.agent = {
    enable = true;
    enableSSHSupport = true;
  };

  nix.autoOptimiseStore = true;
  nix.gc = {
    automatic = true;
    dates = "weekly";
    options = "--delete-older-than 60d";
  };

  # List services that you want to enable:

  # Enable the OpenSSH daemon.
  # services.openssh.enable = true;

  # Open ports in the firewall.
  # networking.firewall.allowedTCPPorts = [ ... ];
  # networking.firewall.allowedUDPPorts = [ ... ];
  # Or disable the firewall altogether.
  # networking.firewall.enable = false;

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It‘s perfectly fine and recommended to leavecatenate(variables, "bootdev", bootdev)
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "22.05"; # Did you read the comment?
}