{
config,
lib,
pkgs,
...
}:
{
imports = [
./programs.nix
./desktop.nix
./wifi.nix
./zerotier.nix
./fonts.nix
./polkit.nix
./audio.nix
./fingerprint.nix
./steam.nix
./graphics.nix
./libvirt.nix
];
time.timeZone = "America/New_York";
# temp workaround for building while in nixos-enter
#services.logrotate.checkConfig = false;
networking = {
hostId = "58f50a15";
firewall.enable = true;
useNetworkd = true;
};
boot = {
kernelPackages = lib.mkForce pkgs.linuxPackages_zen;
useSystemdBoot = true;
default = true;
};
i18n = {
defaultLocale = "en_US.utf8";
supportedLocales = [ "en_US.UTF-8/UTF-8" ];
};
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
services = {
calibre-web = {
enable = true;
listen = {
ip = "127.0.0.1";
};
options = {
calibreLibrary = "/var/lib/calibre-server";
};
};
calibre-server = {
enable = true;
user = "calibre-web";
group = "calibre-web";
};
gvfs.enable = true;
fwupd = {
enable = true;
package =
(import (builtins.fetchTarball {
url = "https://github.com/NixOS/nixpkgs/archive/bb2009ca185d97813e75736c2b8d1d8bb81bde05.tar.gz";
sha256 = "sha256:003qcrsq5g5lggfrpq31gcvj82lb065xvr7bpfa8ddsw8x4dnysk";
}) { inherit (pkgs) system; }).fwupd;
};
fprintd.enable = lib.mkForce false;
openssh.enable = lib.mkForce false;
journald.storage = "volatile";
spotifyd = {
enable = true;
settings = {
global = {
username = "snowinginwonderland@gmail.com";
password_cmd = "cat ${config.sops.secrets."apps/spotify".path}";
use_mpris = false;
};
};
#systemd.services.spotifyd.serviceConfig = systemd.services.spotifyd.
};
rad-dev.yubikey = {
enable = true;
enable-desktop-app = true;
};
};
users.users.alice.extraGroups = [ "calibre-web" ];
system.autoUpgrade.enable = false;
system.stateVersion = "24.05";
sops = {
defaultSopsFile = ./secrets.yaml;
secrets = {
"apps/spotify" = {
group = "audio";
restartUnits = [ "spotifyd.service" ];
mode = "0440";
};
};
};
}