From 59888fba836f7e00794e3e7f9be171598477a15b Mon Sep 17 00:00:00 2001
From: Atridad Lahiji
Date: Mon, 23 Dec 2024 10:44:58 -0700
Subject: [PATCH] Initial commit
---
apps.nix | 26 +++++++++
configuration.nix | 138 ++++++++++++++++++++++++++++++++++++++++++++++
dev.nix | 43 +++++++++++++++
mounts.nix | 9 +++
4 files changed, 216 insertions(+)
create mode 100644 apps.nix
create mode 100644 configuration.nix
create mode 100644 dev.nix
create mode 100644 mounts.nix
diff --git a/apps.nix b/apps.nix
new file mode 100644
index 0000000..68a7a38
--- /dev/null
+++ b/apps.nix
@@ -0,0 +1,26 @@
+{ pkgs, ... }:
+
+{
+ nixpkgs.config.permittedInsecurePackages = [
+ "openssl-1.1.1w"
+ ];
+
+ environment.systemPackages = with pkgs; [
+ pkgs.spotify
+ pkgs.bitwarden-desktop
+ pkgs.bitwarden-cli
+ pkgs.dropbox
+ pkgs.discord
+ pkgs.prismlauncher
+ libreoffice-qt
+ hunspell
+ hunspellDicts.en_US
+ ];
+
+ programs.steam = {
+ enable = true;
+ remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
+ dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
+ localNetworkGameTransfers.openFirewall = true; # Open ports in the firewall for Steam Local Network Game Transfers
+ };
+}
diff --git a/configuration.nix b/configuration.nix
new file mode 100644
index 0000000..d042d94
--- /dev/null
+++ b/configuration.nix
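Review bot: The `permittedInsecurePackages` entry for `"openssl-1.1.1w"` in apps.nix carries no comment saying which package needs it, so an end-of-life OpenSSL stays allowed system-wide with nothing to tell a maintainer when the exception can be dropped. I would add a comment above the list such as `# openssl-1.1.1w is EOL; permitted only because <package> depends on it - remove once that package moves off it` (possibly `sublime4` from dev.nix, but that should be confirmed). Separately, the three Steam `openFirewall = true` lines have no effect while dev.nix sets `networking.firewall.enable = false`; once the firewall is turned back on they open the Remote Play, dedicated-server and local-transfer ports, so keep only the ones actually used.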
@@ -0,0 +1,138 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, ... }:
+
+{
+ imports =
+ [ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ ./apps.nix
+ ./dev.nix
+ ./mounts.nix
+ ];
+
+ # Bootloader.
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ networking.hostName = "himbohome"; # Define your hostname.
+ # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
+
+ # Configure network proxy if necessary
+ # networking.proxy.default = "http://user:password@proxy:port/";
+ # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+ # Enable networking
+ networking.networkmanager.enable = true;
+
+ # Set your time zone.
+ time.timeZone = "America/Edmonton";
+
+ # Select internationalisation properties.
+ i18n.defaultLocale = "en_CA.UTF-8";
+
+ # Enable the X11 windowing system.
+ # You can disable this if you're only using the Wayland session.
+ services.xserver.enable = true;
+
+ # Enable the KDE Plasma Desktop Environment.
+ services.displayManager.sddm.enable = true;
+ services.desktopManager.plasma6.enable = true;
+
+ # Configure keymap in X11
+ services.xserver.xkb = {
+ layout = "us";
+ variant = "";
+ };
+
+ # Enable CUPS to print documents.
+ services.printing.enable = true;
+
+ # Enable sound with pipewire.
+ hardware.pulseaudio.enable = false;
+ security.rtkit.enable = true;
+ services.pipewire = {
+ enable = true;
+ alsa.enable = true;
+ alsa.support32Bit = true;
+ pulse.enable = true;
+ # If you want to use JACK applications, uncomment this
+ #jack.enable = true;
+
+ # use the example session manager (no others are packaged yet so this is enabled by default,
+ # no need to redefine it in your config for now)
+ #media-session.enable = true;
+ };
+
+ # Enable touchpad support (enabled default in most desktopManager).
+ # services.xserver.libinput.enable = true;
+
+ # Define a user account. Don't forget to set a password with ‘passwd’.
+ users.users.atridad = {
+ isNormalUser = true;
+ description = "Atridad Lahiji";
+ extraGroups = [ "networkmanager" "wheel" ];
+ packages = with pkgs; [
+ kdePackages.kate
+ # thunderbird
+ ];
+ };
+
+ # Install firefox.
+ programs.firefox.enable = true;
+
+ # Allow unfree packages
+ nixpkgs.config.allowUnfree = true;
+
+ # This value determines the NixOS release from which the default
+ # settings for stateful data, like file locations and database versions
+ # on your system were taken. It‘s perfectly fine and recommended to leave
+ # this value at the release version of the first install of this system.
+ # Before changing this value read the documentation for this option
+ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+ system.stateVersion = "24.11"; # Did you read the comment?
+
+ # Enable OpenGL
+ hardware.graphics = {
+ enable = true;
+ };
+
+ # Load nvidia driver for Xorg and Wayland
+ services.xserver.videoDrivers = ["nvidia"];
+
+ hardware.nvidia = {
+
+ # Modesetting is required.
+ modesetting.enable = true;
+
+ # Nvidia power management. Experimental, and can cause sleep/suspend to fail.
+ # Enable this if you have graphical corruption issues or application crashes after waking
+ # up from sleep. This fixes it by saving the entire VRAM memory to /tmp/ instead
+ # of just the bare essentials.
+ powerManagement.enable = false;
+
+ # Fine-grained power management. Turns off GPU when not in use.
+ # Experimental and only works on modern Nvidia GPUs (Turing or newer).
+ powerManagement.finegrained = false;
+
+ # Use the NVidia open source kernel module (not to be confused with the
+ # independent third-party "nouveau" open source driver).
+ # Support is limited to the Turing and later architectures. Full list of
+ # supported GPUs is at:
+ # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
+ # Only available from driver 515.43.04+
+ # Currently alpha-quality/buggy, so false is currently the recommended setting.
+ open = false;
+
+ # Enable the Nvidia settings menu,
+ # accessible via `nvidia-settings`.
+ nvidiaSettings = true;
+
+ # Optionally, you may need to select the appropriate driver version for your specific GPU.
+ package = config.boot.kernelPackages.nvidiaPackages.stable;
+ };
+
+ hardware.nvidia-container-toolkit.enable = true;
+}
diff --git a/dev.nix b/dev.nix
new file mode 100644
index 0000000..154c739
--- /dev/null
+++ b/dev.nix
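Review bot: `users.users.atridad` is placed in `wheel` but declares no SSH public key, so the only credential for this sudo-capable account is the password set imperatively with `passwd`, and dev.nix in this same commit accepts password logins over SSH. Declaring the key inside the user block, e.g. `openssh.authorizedKeys.keys = [ "<ssh-public-key placeholder>" ];`, would make key-only SSH possible and keep the login credential in the reviewed configuration. `hardware.nvidia-container-toolkit.enable = true;` also deserves a one-line comment such as `# Exposes the NVIDIA GPU to containers via CDI; pairs with docker features.cdi in dev.nix`, since it is the only uncommented option in the file and widens what containers can reach.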
@@ -0,0 +1,43 @@
+{ pkgs, ... }:
+
+{
+ # Docker
+ virtualisation.docker.enable = true;
+
+ virtualisation.docker.rootless = {
+ enable = true;
+ setSocketVariable = true;
+ daemon.settings.features.cdi = true;
+ };
+
+ # Tailscale
+ services.tailscale.enable = true;
+ services.tailscale.useRoutingFeatures = "client";
+ networking.nameservers = ["100.100.100.100"];
+ networking.search = ["heron-velociraptor.ts.net"];
+ networking.firewall.enable = false;
+
+ # SSH
+ services.openssh = {
+ enable = true;
+ ports = [ 22 ];
+ settings = {
+ PasswordAuthentication = true;
+ AllowUsers = null; # Allows all users by default. Can be [ "user1" "user2" ]
+ UseDns = true;
+ X11Forwarding = false;
+ PermitRootLogin = "yes"; # "yes", "without-password", "prohibit-password", "forced-commands-only", "no"
+ };
+ };
+
+ environment.systemPackages = with pkgs; [
+ pkgs.go
+ pkgs.gotools
+ pkgs.fnm
+ pkgs.sublime4
+ pkgs.sublime-merge
+ pkgs.rclone
+ pkgs.git
+ ];
+
+}
diff --git a/mounts.nix b/mounts.nix
new file mode 100644
index 0000000..578bc68
--- /dev/null
+++ b/mounts.nix
@@ -0,0 +1,9 @@
+{ pkgs, ... }:
+
+{
+ # Mount /dev/sda1 to /mnt/slow1
+ fileSystems."/mnt/slow1" = {
+ device = "/dev/sda1";
+ fsType = "ext4";
+ };
+}
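Review bot: `networking.firewall.enable = false` together with `PasswordAuthentication = true` and `PermitRootLogin = "yes"` in dev.nix leaves sshd accepting password logins for root on every interface the host has, not only the tailnet. Keeping the firewall on and trusting only the Tailscale interface, with key-only authentication and no root login, preserves remote access over Tailscale with far less exposure; it needs an authorized key declared on the user account first. Setting `services.openssh.openFirewall = false` would additionally keep port 22 closed on the non-Tailscale interfaces. The fence assumes the default interface name `tailscale0`.

```nix
  # … unchanged: Docker and Tailscale service settings …
  networking.firewall.enable = true;
  networking.firewall.trustedInterfaces = [ "tailscale0" ];
  # … unchanged: services.openssh enable and ports …
    settings = {
      PasswordAuthentication = false;
      # … unchanged: AllowUsers, UseDns, X11Forwarding …
      PermitRootLogin = "no";
    };
```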
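Review bot: `device = "/dev/sda1";` in mounts.nix names the disk by kernel enumeration order, which can change between boots or when another drive is attached, so a different partition could end up mounted at `/mnt/slow1`. Prefer a stable identifier, `device = "/dev/disk/by-uuid/<filesystem-UUID placeholder>";`, and for a data disk consider `options = [ "nofail" "nosuid" "nodev" ];` so a missing drive does not block boot and setuid binaries or device nodes on it are not honoured (drop `nosuid` if something installed there needs it). The `pkgs` argument is unused in this file and could be removed.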