Initial commit

2025-09-01 14:21:12 +03:00
commit 5787dcd528
47 changed files with 3079 additions and 0 deletions
--- a/roles/desktop.nix
+++ b/roles/desktop.nix
@@ -0,0 +1,197 @@
+{
+  pkgs,
+  lib,
+  config,
+  ...
+}:
+let
+  specialisations = builtins.map (name: ../specialisations + "/${name}") (
+    builtins.attrNames (builtins.readDir ../specialisations)
+  );
+in
+{
+  imports = [
+    ./default.nix
+  ]
+  ++ specialisations;
+
+  swappiness = lib.mkDefault 20;
+
+  boot = {
+    kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
+    tmp = {
+      cleanOnBoot = lib.mkDefault true;
+      tmpfsSize = lib.mkDefault "50%";
+      useTmpfs = lib.mkDefault true;
+    };
+
+    consoleLogLevel = lib.mkDefault 1;
+
+    loader = {
+      systemd-boot = {
+        enable = lib.mkDefault true;
+        configurationLimit = lib.mkDefault 10;
+      };
+
+      efi.canTouchEfiVariables = lib.mkDefault true;
+    };
+  };
+
+  hardware = {
+    enableRedistributableFirmware = lib.mkDefault true;
+    bluetooth = {
+      enable = lib.mkDefault true;
+      powerOnBoot = true;
+      settings = {
+        General = {
+          IdleTimeout = 0;
+          ControllerMode = "dual";
+          MultiProfile = "multiple";
+          FastConnectable = true;
+        };
+      };
+    };
+  };
+
+  networking = {
+    networkmanager = {
+      enable = lib.mkDefault true;
+      plugins = lib.mkForce [ ];
+    };
+    firewall = {
+      enable = false;
+    };
+  };
+
+  i18n = {
+    defaultLocale = "ru_RU.UTF-8";
+    supportedLocales = [
+      "en_US.UTF-8/UTF-8"
+      "ru_RU.UTF-8/UTF-8"
+    ];
+  };
+
+  security = {
+    rtkit.enable = true;
+
+    sudo = {
+      enable = true;
+      extraConfig = ''
+        Defaults:root,%wheel env_keep=HTTPS_PROXY
+        Defaults:root,%wheel env_keep=no_proxy
+      '';
+    };
+
+    pam = {
+      yubico.enable = true;
+      yubico.mode = "challenge-response";
+    };
+  };
+
+  services = {
+    pulseaudio.enable = false;
+    pcscd.enable = true;
+    resolved = {
+      enable = true;
+      fallbackDns = [
+        # "192.168.1.5"
+        "1.1.1.1"
+        "8.8.8.8"
+      ];
+    };
+
+    pipewire = {
+      wireplumber.enable = true;
+      audio.enable = true;
+
+      enable = true;
+      alsa.enable = true;
+      alsa.support32Bit = true;
+      pulse.enable = true;
+      jack.enable = true;
+    };
+
+    libinput.enable = true;
+
+    btrfs.autoScrub.interval = "weekly";
+
+    flatpak.enable = true;
+
+    printing = {
+      enable = lib.mkDefault true;
+      openFirewall = true;
+      drivers = with pkgs; [
+        gutenprint
+      ];
+      cups-pdf.enable = true;
+      browsing = lib.mkDefault true;
+    };
+
+    udev = {
+      extraRules = ''
+        KERNEL=="i2c-[0-9]*", GROUP="i2c", MODE="0660"
+      '';
+    };
+  };
+
+  powerManagement = {
+    enable = true;
+  };
+
+  users.groups = {
+    ssh = {
+      name = "ssh";
+    };
+  };
+
+  environment.systemPackages = with pkgs; [
+    mesa
+    steam-run
+
+    obsidian
+    telegram-desktop
+    keepassxc
+    gimp
+    mpv
+    ffmpeg
+    yt-dlp
+    avidemux
+    krita
+    krita-plugin-gmic
+
+    # onlyoffice-desktopeditors
+    libreoffice-qt-fresh
+    thunderbird-latest
+
+    # Fonts
+    nerd-fonts.fira-code
+    nerd-fonts.jetbrains-mono
+  ];
+
+  programs = {
+    nix-ld = {
+      enable = true;
+      libraries = [
+
+      ];
+    };
+
+    yubikey-touch-detector = {
+      enable = config.security.pam.yubico.enable;
+      libnotify = true;
+    };
+  };
+
+  environment.pathsToLink = [
+    "/share/xdg-desktop-portal"
+    "/share/applications"
+  ];
+
+  hardware = {
+    graphics = {
+      enable = true;
+    };
+  };
+
+  xdg.portal.enable = true;
+}