{ config, pkgs, unstablePkgs, ... }: let keys = import ./ssh-keys.nix; in { imports = [ ./hardware-configuration.nix ]; networking = { hostId = "7be305c3"; hostName = "sandy"; networkmanager.enable = true; }; boot.loader = { systemd-boot.enable = true; efi.canTouchEfiVariables = true; }; time.timeZone = "America/Chicago"; i18n = { defaultLocale = "en_US.UTF-8"; extraLocaleSettings = { LC_ADDRESS = "en_US.UTF-8"; LC_IDENTIFICATION = "en_US.UTF-8"; LC_MEASUREMENT = "en_US.UTF-8"; LC_MONETARY = "en_US.UTF-8"; LC_NAME = "en_US.UTF-8"; LC_NUMERIC = "en_US.UTF-8"; LC_PAPER = "en_US.UTF-8"; LC_TELEPHONE = "en_US.UTF-8"; LC_TIME = "en_US.UTF-8"; }; }; nixpkgs.config.allowUnfree = true; nix = { package = pkgs.nixFlakes; extraOptions = '' experimental-features = nix-command flakes ''; }; programs.zsh.enable = true; services = { openssh.enable = true; tailscale.enable = true; zfs.autoSnapshot.enable = true; hardware.bolt.enable = true; nscd.enable = true; blueman.enable = true; xrdp = { enable = true; defaultWindowManager = "startplasma-x11"; openFirewall = true; }; pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; }; xserver = { enable = true; displayManager.lightdm.enable = true; displayManager.startx.enable = true; desktopManager.plasma5.enable = true; desktopManager.mate.enable = true; displayManager.defaultSession = "plasmawayland"; displayManager.autoLogin.enable = true; displayManager.autoLogin.user = "hodgson"; layout = "us"; xkbVariant = ""; }; # emacs = { # enable = true; # install = true; # startWithGraphical = true; # }; avahi = { enable = true; nssmdns = true; openFirewall = true; publish = { enable = true; userServices = true; }; }; printing = { enable = true; listenAddresses = [ "*:631" ]; allowFrom = [ "all" ]; browsing = true; defaultShared = true; openFirewall = true; drivers = with pkgs; [ epson-escpr2 epson-escpr epson-201106w gutenprint ]; }; }; sound.enable = true; hardware = { pulseaudio.enable = false; printers = { }; bluetooth = { enable = true; powerOnBoot = true; }; }; security.pam.services.kwallet = { name = "kwallet"; enableKwallet = true; }; security = { rtkit.enable = true; sudo.wheelNeedsPassword = false; }; users.users.nshields = { isNormalUser = true; shell = pkgs.zsh; description = "Nikolai Shields"; extraGroups = [ "lp" "docker" "networkmanager" "wheel" "podman" ]; openssh.authorizedKeys.keys = keys.nshields; }; users.users.benson = { isNormalUser = true; shell = pkgs.zsh; description = "Benson Chu"; extraGroups = [ "wheel" ]; openssh.authorizedKeys.keys = keys.benson; }; users.users.hodgson = { isNormalUser = true; shell = pkgs.zsh; description = "Peter Hodgson"; extraGroups = [ "lp" "wheel" ]; openssh.authorizedKeys.keys = keys.hodgson; }; environment.systemPackages = with pkgs; [ gnome.gnome-tweaks gnome.networkmanager-openconnect nss htop sssd nsss wl-clipboard unscd glibc glib openconnect libsForQt5.plasma-thunderbolt # essential git vim emacs tmux unstablePkgs.signal-desktop gcc # emacs dependencies ispell ripgrep cmake gnumake libtool # browsers google-chrome firefox lynx chromium # networking curl wget nmap bind # Other racket ruby (python311.withPackages (pythonPackages: with pythonPackages; [ urwid ])) (pkgs.callPackage ./mfcl2690dw/default.nix { }) tigervnc ]; networking.firewall.allowedTCPPorts = [ 22 ]; networking.firewall.allowedUDPPorts = [ ]; networking.firewall.enable = true; networking.hosts = { "10.0.0.142" = ["BRWBCF4D445BCC3.local"]; }; system.stateVersion = "23.11"; # Did you read the comment? }