250 lines
5.5 KiB
Nix
250 lines
5.5 KiB
Nix
{
|
|
pkgs,
|
|
pkgs-unstable,
|
|
...
|
|
}: let
|
|
lock-false = {
|
|
Value = false;
|
|
Status = "locked";
|
|
};
|
|
lock-true = {
|
|
Value = true;
|
|
Status = "locked";
|
|
};
|
|
in {
|
|
# Common packages for ALL systems
|
|
environment.systemPackages = with pkgs; [
|
|
# misc
|
|
xdg-user-dirs
|
|
|
|
# networking
|
|
wget
|
|
whois
|
|
dig
|
|
|
|
# files
|
|
unzip
|
|
ncdu
|
|
|
|
# security
|
|
gnupg
|
|
openssl
|
|
kdePackages.kleopatra
|
|
|
|
# cli tools
|
|
jq
|
|
yq-go
|
|
pciutils
|
|
glxinfo
|
|
btop
|
|
alejandra
|
|
fzf
|
|
fastfetch
|
|
|
|
# Development
|
|
pkgs-unstable.code-cursor
|
|
gitkraken
|
|
git-filter-repo
|
|
git-secrets
|
|
|
|
python3
|
|
hugo
|
|
nodejs_22
|
|
pnpm
|
|
cypress
|
|
pgadmin4-desktopmode
|
|
postgresql_15
|
|
beam26Packages.erlang
|
|
beam26Packages.erlfmt
|
|
beam26Packages.erlang-ls
|
|
beam26Packages.rebar3
|
|
gnumake
|
|
gcc
|
|
libgcc
|
|
nil
|
|
sqlite
|
|
|
|
# Common programs
|
|
ghostty
|
|
obsidian
|
|
nextcloud-client
|
|
slack
|
|
libreoffice-fresh
|
|
tor-browser
|
|
ungoogled-chromium
|
|
plexamp
|
|
remmina
|
|
|
|
# Audio / Visual
|
|
loupe # Image viewer
|
|
inkscape # Vector editor
|
|
krita # Image editor
|
|
kdePackages.kolourpaint # Simple Image editor
|
|
darktable # Raw editor
|
|
imagemagick # Image processing
|
|
mpv # Video player
|
|
cava # Audio visualizer
|
|
wireplumber # Audio server
|
|
pavucontrol # Audio control
|
|
];
|
|
|
|
programs = {
|
|
# CLI tools
|
|
command-not-found = {
|
|
enable = true;
|
|
dbPath = "/run/current-system/sw/bin/sqlite3";
|
|
};
|
|
|
|
# Zoxide for quick directory navigation
|
|
zoxide = {
|
|
enable = true;
|
|
flags = ["--cmd cd"];
|
|
};
|
|
|
|
# Friendly shell
|
|
fish = {
|
|
enable = true;
|
|
interactiveShellInit = ''
|
|
set fish_greeting # Disable greeting
|
|
'';
|
|
shellAbbrs = {
|
|
# Common abbreviations
|
|
".." = "cd ..";
|
|
"..." = "cd ../..";
|
|
"...." = "cd ../../../";
|
|
"....." = "cd ../../../../";
|
|
"cp" = "cp -v";
|
|
"ll" = "ls -lh";
|
|
"l" = "ls -lah";
|
|
"mkdir" = "mkdir -p";
|
|
"mv" = "mv -v";
|
|
"rm" = "rm -v";
|
|
|
|
# Work abbreviations
|
|
"jumpc" = "ssh prod-admin-jump1.infra.csbnet.se";
|
|
"jumpn" = "ssh prod-jump-got1.infra.brainmill.com";
|
|
"proxc" = "ssh -L1337:172.18.200.21:8006 prod-admin-jump1.infra.csbnet.se";
|
|
"proxn" = "ssh -L1338:[2a09:2681:ffff:13::104]:8006 prod-jump-got1.infra.brainmill.com";
|
|
"ups1c" = "ssh -L1339:172.18.79.1:80 prod-admin-jump1.infra.csbnet.se";
|
|
"ups2c" = "ssh -L1340:172.18.79.3:80 prod-admin-jump1.infra.csbnet.se";
|
|
};
|
|
};
|
|
|
|
# Starship shell prompt
|
|
starship = {
|
|
enable = true;
|
|
transientPrompt.enable = true;
|
|
presets = ["nerd-font-symbols" "gruvbox-rainbow"];
|
|
settings = {
|
|
add_newline = false;
|
|
directory = {
|
|
fish_style_pwd_dir_length = 1;
|
|
};
|
|
};
|
|
};
|
|
# Direnv for automatic environment loading
|
|
direnv = {
|
|
enable = true;
|
|
enableFishIntegration = true;
|
|
};
|
|
|
|
# Vim editor
|
|
vim = {
|
|
enable = true;
|
|
defaultEditor = true;
|
|
};
|
|
ssh.extraConfig = "";
|
|
gnupg.agent = {
|
|
enable = true;
|
|
enableSSHSupport = true;
|
|
};
|
|
git = {
|
|
enable = true;
|
|
lfs.enable = true;
|
|
config = {
|
|
user.name = "Felix Schulze";
|
|
user.email = "admin@schulze.network";
|
|
init.defaultBranch = "main";
|
|
pull.rebase = true;
|
|
push.autoSetupRemote = true;
|
|
};
|
|
};
|
|
java.enable = true;
|
|
|
|
# programs
|
|
firefox = {
|
|
enable = true;
|
|
nativeMessagingHosts.packages = [pkgs.ff2mpv];
|
|
policies = {
|
|
/*
|
|
---- POLICIES ----
|
|
*/
|
|
|
|
DisableTelemetry = true;
|
|
DisableFirefoxStudies = true;
|
|
EnableTrackingProtection = {
|
|
Value = true;
|
|
Locked = true;
|
|
Cryptomining = true;
|
|
Fingerprinting = true;
|
|
};
|
|
|
|
DisablePocket = true;
|
|
/*
|
|
---- EXTENSIONS ----
|
|
*/
|
|
# Check about:support for extension/add-on ID strings.
|
|
# Valid strings for installation_mode are "allowed", "blocked",
|
|
# "force_installed" and "normal_installed".
|
|
ExtensionSettings = {
|
|
"*".installation_mode = "normal_installed";
|
|
# uBlock Origin:
|
|
"uBlock0@raymondhill.net" = {
|
|
install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
|
|
installation_mode = "force_installed";
|
|
};
|
|
# Privacy Badger:
|
|
"jid1-MnnxcxisBPnSXQ@jetpack" = {
|
|
install_url = "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi";
|
|
installation_mode = "force_installed";
|
|
};
|
|
};
|
|
|
|
/*
|
|
---- PREFERENCES ----
|
|
*/
|
|
Preferences = {
|
|
"browser.newtabpage.activity-stream.showSponsoredTopSites" = lock-false;
|
|
"extensions.activeThemeID" = {
|
|
Value = "{21ab01a8-2464-4824-bccb-6db15659347e}";
|
|
Status = "locked";
|
|
};
|
|
};
|
|
};
|
|
};
|
|
thunderbird.enable = true;
|
|
steam = {
|
|
enable = true;
|
|
remotePlay.openFirewall = true;
|
|
dedicatedServer.openFirewall = true;
|
|
};
|
|
};
|
|
|
|
# enable and configure Docker
|
|
virtualisation.docker.enable = true;
|
|
|
|
# enable VMs
|
|
programs.virt-manager.enable = true;
|
|
virtualisation = {
|
|
libvirtd = {
|
|
enable = true;
|
|
qemu = {
|
|
swtpm.enable = true;
|
|
ovmf.enable = true;
|
|
ovmf.packages = [pkgs.OVMFFull.fd];
|
|
};
|
|
};
|
|
spiceUSBRedirection.enable = true;
|
|
};
|
|
}
|