nixos-configuration/hosts/desktop/configuration.nix

# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{
  config,
  lib,
  pkgs,
  inputs,
  ...
}: let
  persistence = {
    "snorre" = import ./persist.nix;
  };
in {
  imports = [
    # Include the results of the hardware scan.
    ./hardware-configuration.nix
    # ../../modules/drivers/nvidia.nix
    ../../modules/plymouth/blahaj.nix

    (import ../../modules/disko/delete-on-boot.nix {
      inherit lib;
      persistExtraDirectories = [];
      persistExtraFiles = [];
      users = persistence;
    })
    # ../../modules/plymouth
    #../../modules/users/main-user.nix
  ];

  services.mullvad-vpn.enable = true;

  # Use the systemd-boot EFI boot loader.
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;
  boot.loader.timeout = 0;

  boot.blacklistedKernelModules = ["btusb"];

  boot.kernelPackages = pkgs.linuxPackages_zen;

  # boot.plymouth.enable = true;
  # boot.plymouth.theme = "nixos-bgrt";
  # boot.plymouth.themePackages = [
  #   pkgs.nixos-bgrt-plymouth
  # ];

  programs.nix-ld.enable = true;
  # programs.nix-ld.libraries = with pkgs; [
  #   # Add any missing dynamic libraries for unpackaged programs
  #   # here, NOT in environment.systemPackages
  # ];

  boot.consoleLogLevel = 0;
  boot.initrd.verbose = false;
  boot.kernelParams = [
    "i915.fastboot=1"
    "preempt=full"
    "quiet"
    "splash"
    # "boot.shell_on_fail"
    "loglevel=3"
    # "rd.systemd.show_status=false"
    # "rd.udev.log_level=3"

    # "udev.log_priority=3"
  ];

  nix.settings.experimental-features = ["nix-command" "flakes"];

  home-manager = {
    extraSpecialArgs = {inherit inputs;};
    users = {
      "snorre" = import ./home.nix;
    };
  };

  # fonts.packages = with pkgs; [
  #   (nerdfonts.override {
  #     fonts = [
  #       "Devicons"config
  #     ];
  #   })
  # ];

  programs.localsend.openFirewall = true;

  virtualisation.libvirtd.enable = true;
  programs.virt-manager.enable = true;

  programs.steam = {
    enable = true;
    gamescopeSession.enable = false;
  };

  security.chromiumSuidSandbox.enable = true; # unity3d.enable was only to allow chrome root sandboxxing
  programs.adb.enable = true;

  # nixos loves its files. So much that it opens more than 8000 of them at times. Lets increase the limit
  # security.pam.loginLimits = [{
  #   domain = "*";
  #   type = "soft";
  #   item = "nofile";
  #   value = "65536";
  # }];

  users.users."snorre" = {
    isNormalUser = true;
    hashedPassword = "$y$j9T$L2udHOsjFhnZpksLamKec/$IwNrtR9YCSx8eIau5VD3todAqFkfvSL9ONiEQNiGV.9";
    extraGroups = [
      "networkmanager"
      "audio"
      "wheel"
      "adbusers"
      "libvirtd"
    ];

    #     openssh.authorizedKeys.keyFiles = [
    #       ./ssh/authorized_keys_snorre
    #     ];

    shell = pkgs.zsh;
  };

  # Programs to enable
  # programs.zsh.enable = true; # Better shell than bash
  programs.zsh = {
    enable = true;
    # This prevents cache invalidation when also managing zsh from home-manager,
    # leading to faster startup times
    enableGlobalCompInit = false;
  };
  programs.hyprland = {
    # Hyprland desktop environment
    enable = true;
    portalPackage = pkgs.xdg-desktop-portal-hyprland;
  };

  programs.ssh.startAgent = true; # ssh-agent for interacting with github
  # security.chromiumSuidSandbox.enable = true; # unity3d.enable was only to allow chrome root sandboxxing
  # programs.noisetorch.enable = true; # Noisetorch because discord krisp doesnt work

  # Fuck nano, all my homies hate nano
  programs.nano.enable = false;

  # I want my steams and other non-libre software
  nixpkgs.config.allowUnfree = true;

  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = with pkgs; [
    wget
    curl
    git
    # ranger

    # libsecret manager
    # pass-secret-service
    keepassxc
    libsecret

    # ((drv: pkgs.symlinkJoin {
    #   name = drv.name;
    #   paths = [ drv ];
    #   postBuild = "rm -rf $out/share/applications";
    # }) pkgs.neovim)

    neovim

    # graphics
    mesa

    # Notifications
    libnotify

    # For enabling and styling QT
    libsForQt5.qtstyleplugin-kvantum
    libsForQt5.qt5ct
    catppuccin-kvantum

    # Gnome keyring makes it so we dont have to keep logging into programs
    gnome-keyring
    # Ui for when programs want sudo
    hyprpolkitagent
  ];

  programs.gamemode = {
    enable = true;
    enableRenice = true;

    settings = {
      general = {
        renice = 3;
      };

      custom = {
        # start = "${pkgs.libnotify}/bin/notify-send 'GameMode started'";
        # end = "${pkgs.libnotify}/bin/notify-send 'GameMode ended'";

        start = let
          script = pkgs.writeScriptBin "gamemode_start.sh" ''
            ${pkgs.libnotify}/bin/notify-send "GameMode started"
            ${pkgs.libnotify}/bin/notify-send "user is: $USER"
            /home/$USER/.nix-profile/bin/hyprctl keyword input:touchpad:disable_while_typing false
          '';
        in "${script}/bin/gamemode_start.sh";

        end = let
          script = pkgs.writeScriptBin "gamemode_end.sh" ''
            ${pkgs.libnotify}/bin/notify-send "GameMode end"
            /home/$USER/.nix-profile/bin/hyprctl keyword input:touchpad:disable_while_typing true
          '';
        in "${script}/bin/gamemode_end.sh";
      };
    };
  };

  # Session variables for qt and hyprland
  environment.sessionVariables = {
    XDG_CURRENT_DESKTOP = "Hyprland";
    XDG_SESSION_DESKTOP = "Hyprland";
    XDG_SESSION_TYPE = "wayland";
    GDK_BACKEND = "wayland";
    GTK_USE_PORTAL = "1";
    QT_QPA_PLATFORMTHEME = "qt5ct";
    QT_QPA_PLATFORM = "wayland";
    QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
    QT_AUTO_SCREEN_SCALE_FACTOR = "0";
    MOZ_ENABLE_WAYLAND = "1";
    # SSH_AUTH_SOCK = "$XDG_RUNTIME_DIR/ssh-agent";
  };

  xdg.portal = {
    enable = true;
    wlr.enable = true;
    extraPortals = [
      pkgs.xdg-desktop-portal-gtk
      (pkgs.callPackage ../../modules/portals/xdg-desktop-portal-termfilechooser.nix {})
    ];
    # xdgOpenUsePortal = true;
  };

  xdg.mime.defaultApplications = {
    "application/pdf" = "firefox.desktop";
  };

  qt = {
    enable = true;
    platformTheme = "qt5ct";
  };

  # Delete old entries to
  nix = {
    gc = {
      automatic = true;
      options = "--delete-older-than 30d";
    };
  };

  stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-material-dark-soft.yaml";
  stylix.autoEnable = true;
  stylix.polarity = "dark";
  stylix.targets.qt.platform = "qtct";

  # stylix.cursor.package = ( pkgs.callPackage ../../modules/stylix/cursors/posy-improved {} );
  # stylix.cursor.name = "Posy_Cursor";

  stylix.cursor.package = pkgs.bibata-cursors;
  stylix.cursor.name = "Bibata-Modern-Ice";
  stylix.cursor.size = 24;

  stylix.image = ./nixos-wallpaper.png;

  networking.hostName = "desktop"; # Define your hostname.
  networking.networkmanager.enable = false; # Easiest to use and most distros use this by default.
  networking.useNetworkd = true;
  networking.useDHCP = false;
  networking.hosts."10.0.101.10" = ["server"];
  networking.interfaces = {
    enp8s0.ipv4.addresses = [
      {
        address = "10.0.101.11";
        prefixLength = 24;
      }
    ];
    wlp7s0.ipv4.addresses = [
      {
        address = "10.0.101.12";
        prefixLength = 24;
      }
    ];
  };
  networking.defaultGateway = {
    address = "10.0.101.1";
    interface = "enp8s0";
  };
  networking.nameservers = [
    "10.0.101.1"
    "4.4.4.4"
  ];
  networking.firewall = {
    enable = true;
    allowedTCPPorts = [8000];
    allowedUDPPortRanges = [
      {
        from = 8000;
        to = 8010;
      }
    ];
  };

  # Fuck off, i wanna boot
  systemd.services."NetworkManager-wait-online".enable = false;
  systemd.services."systemd-networkd-wait-online".enable = lib.mkForce false;

  # Set your time zone.
  time.timeZone = "Europe/Copenhagen";

  # Select internationalisation properties.
  i18n.defaultLocale = "en_US.UTF-8";
  # console = {
  #   keyMap = "dk";
  # };

  # Remove message when running commands as sudo
  security.sudo = {
    enable = true;
    extraConfig = ''
      Defaults	lecture = never
    '';
  };

  services.udev.extraRules = ''
    KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="6964", ATTRS{idProduct}=="0075", MODE="0660", GROUP="users", TAG+="uaccess", TAG+="udev-acl"
  '';

  services.blueman = {
    enable = false;
  };

  virtualisation.docker = {
    enable = false;
    storageDriver = "btrfs";
  };

  hardware.bluetooth.enable = false;
  hardware.bluetooth.powerOnBoot = false;
  hardware.bluetooth.settings = {
    General = {
      Experimental = true;
    };
  };

  hardware.graphics = {
    enable = true;
    extraPackages = with pkgs; [
      # intel-media-driver # LIBVA_DRIVER_NAME=iHD
      # intel-vaapi-driver # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
      libvdpau-va-gl
    ];
  };

  services.pipewire = {
    enable = true;
    audio.enable = true;
    alsa.enable = true;
    pulse.enable = true;
    wireplumber.enable = true;
  };

  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  programs.mtr.enable = true;
  programs.gnupg.agent = {
    enable = true;
    # enableSSHSupport = true;
  };

  # services.power-profiles-daemon = {
  #   enable = true;
  # };
  services.auto-cpufreq = {
    enable = true;
    settings = {
      charger = {
        governor = "performance";
        turbo = "auto";
      };

      battery = {
        governor = "powersave";
        energy_performance_preference = "power";
        turbo = "never";
        scaling_max_freq = 1000000;
      };
    };
  };

  services.thermald.enable = true;

  services.openssh = {
    enable = true;
    settings = {
      # Require public key authentication
      PasswordAuthentication = false;
      KbdInteractiveAuthentication = false;
      AllowUsers = null;
      PermitRootLogin = "no";
    };
  };

  # Minimal TUI displaymanager for loggin in and launching hyprland
  services.greetd = {
    enable = true;
    settings = {
      default_session = {
        command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --cmd Hyprland";
        user = "snorre";
      };

      # First session auto starts hyprland
      initial_session = {
        command = "${pkgs.hyprland}/bin/Hyprland";
        user = "snorre";
      };
    };
  };

  # hardware.opengl.driSupport = true; # This is already enabled by default
  # hardware.opengl.driSupport32Bit = true; # For 32 bit applications

  # This option defines the first version of NixOS you have installed on this particular machine,
  # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
  #
  # Most users should NEVER change this value after the initial install, for any reason,
  # even if you've upgraded your system to a new NixOS release.
  #
  # This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
  # so changing it will NOT upgrade your system.
  #
  # This value being lower than the current NixOS release does NOT mean your system is
  # out of date, out of support, or vulnerable.
  #
  # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
  # and migrated your data accordingly.
  #
  # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
  system.stateVersion = "23.11"; # Did you read the comment?
}