flake/hosts/muon/configuration.nix
2026-06-01 10:28:16 +00:00

153 lines
3.6 KiB
Nix

{
config,
lib,
pkgs,
inputs,
system,
sources,
...
}: let
cfg = config.mods;
in {
# Hardware
imports = [./hardware-configuration.nix ./openrgb.nix];
environment.systemPackages = with inputs.nix-alien.packages.${system};
with pkgs; [
nix-alien
r2modman
godot
rustdesk-flutter
motion
qmk
gnumeric
opensnitch
opensnitch-ui
mumble
];
nixpkgs.config.permittedInsecurePackages = [
"libsoup-2.74.3"
];
users.users.muon.extraGroups = ["docker"];
virtualisation.docker.enable = true;
# System
mods.user.name = "muon";
networking.hostName = cfg.user.name;
networking.hostId = "a230906f";
mods.home.file = ./home.nix;
nix.settings.trusted-users = ["root" "muon"];
# Modules
mods.desktop.enable = true;
mods.desktop.wayland.enable = false;
mods.desktop.gaming.enable = true;
mods.boot.enable = true;
mods.clamav.enable = true;
mods.theme.enable = true;
mods.theme.scheme = "woodland";
mods.theme.wallpaper = ./wallpaper.png;
mods.containers.steam.enable = false;
mods.server.astral.enable = false;
mods.server.astral.autoStart = false;
mods.server.nvr.enable = false;
mods.docker.enable = true;
mods.docker.media.enable = false;
mods.server.auth2api.enable = true;
# host defaults to 127.0.0.1 (localhost only, perfect for Claude Code)
# port defaults to 8317
# Run `auth2api --login` once after deploying to authorise your Claude account.
mods.server.sync.enable = true;
mods.tailscale.enable = true;
mods.openvpn.enable = false;
mods.wireguard.id = 2;
mods.i2p.enable = true;
services.xserver.windowManager.i3.enable = true;
services.actual.enable = true;
# Reverse proxy: *.word.local -> localhost:3030
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts."~^(?<subdomain>.+)\\.word\\.local$" = {
serverName = "~^(?<subdomain>.+)\\.word\\.local$";
locations."/" = {
proxyPass = "http://127.0.0.1:3030";
proxyWebsockets = true;
};
};
};
networking.firewall.allowedTCPPorts = [80];
# Wildcard DNS: *.word.local -> 127.0.0.1 via NetworkManager's built-in dnsmasq
networking.networkmanager.dns = "dnsmasq";
# Force resolv.conf to use local dnsmasq so wildcard DNS is actually queried
networking.resolvconf.useLocalResolver = true;
environment.etc."NetworkManager/dnsmasq.d/word-local.conf".text = ''
address=/.word.local/127.0.0.1
'';
virtualisation.virtualbox.host.enable = true;
users.extraGroups.vboxusers.members = ["user-with-access-to-virtualbox"];
services.picom.enable = true;
services.picom.opacityRules = ["50:name *= '^Cheat$'"];
# Turn off screen-saver
environment.extraInit = ''
xset s off -dpms
'';
# Proprietary </3
mods.unfree.nvidia.enable = true;
mods.unfree.nvidia.driver = "legacy_580";
mods.unfree.steam.enable = true;
mods.unfree.minecraft.enable = true;
mods.flatpak.enable = true;
mods.flatpak.stremio.enable = true;
# Hardware preferences
## Mouse
services.libinput.mouse.accelProfile = "flat";
## Keyboard
hardware.keyboard.qmk.enable = true;
## Monitors
mods.monitors = {
primary = {
name = "DP-2";
config = {
enable = true;
mode = "2560x1440";
position = "0x480";
primary = true;
rate = "144.00";
};
};
secondary = {
name = "HDMI-1";
config = {
enable = true;
mode = "1920x1080";
position = "2560x0";
rate = "60.00";
rotate = "right";
};
};
};
# Version of first install
system.stateVersion = "23.05";
}