From 68e72081779ca23455aed029678eff4458cb2694 Mon Sep 17 00:00:00 2001 From: GHOSCHT <31184695+GHOSCHT@users.noreply.github.com> Date: Sun, 24 Dec 2023 11:16:59 +0100 Subject: [PATCH] Add baseline configuration --- flake.lock | 16 +++++ flake.nix | 3 +- home/ghoscht/adalbert.nix | 41 ++++++++++++ hosts/adalbert/default.nix | 74 ++++++--------------- hosts/common/global/default.nix | 31 +++++++++ hosts/common/global/fish.nix | 17 +++++ hosts/common/global/locale.nix | 19 ++++++ hosts/common/global/nix.nix | 28 ++++++++ hosts/common/global/podman.nix | 10 +++ hosts/common/global/power-button.nix | 10 +++ hosts/common/global/tailscale.nix | 10 +++ hosts/common/optional/desktop/awesome.nix | 15 +++++ hosts/common/optional/desktop/flatpak.nix | 12 ++++ hosts/common/optional/desktop/global.nix | 18 +++++ hosts/common/optional/desktop/gnome.nix | 16 +++++ hosts/common/optional/desktop/pipewire.nix | 11 +++ hosts/common/optional/desktop/wayland.nix | 15 +++++ hosts/common/optional/desktop/x11.nix | 28 ++++++++ hosts/common/optional/desktop/xdg.nix | 14 ++++ hosts/common/optional/docker.nix | 5 ++ hosts/common/optional/encrypted-root.nix | 7 ++ hosts/common/optional/gamemode.nix | 3 + hosts/common/optional/kde-connect.nix | 22 ++++++ hosts/common/optional/printing.nix | 24 +++++++ hosts/common/optional/quietboot.nix | 33 +++++++++ hosts/common/optional/rgb.nix | 12 ++++ hosts/common/optional/systemd-boot.nix | 9 +++ hosts/common/optional/systemd-exit-node.nix | 6 ++ hosts/common/optional/wireshark.nix | 5 ++ hosts/common/optional/x11-no-suspend.nix | 7 ++ hosts/common/users/ghoscht/default.nix | 44 ++++++++++++ 31 files changed, 510 insertions(+), 55 deletions(-) create mode 100644 home/ghoscht/adalbert.nix create mode 100644 hosts/common/global/default.nix create mode 100644 hosts/common/global/fish.nix create mode 100644 hosts/common/global/locale.nix create mode 100644 hosts/common/global/nix.nix create mode 100644 hosts/common/global/podman.nix create mode 100644 hosts/common/global/power-button.nix create mode 100644 hosts/common/global/tailscale.nix create mode 100644 hosts/common/optional/desktop/awesome.nix create mode 100644 hosts/common/optional/desktop/flatpak.nix create mode 100644 hosts/common/optional/desktop/global.nix create mode 100644 hosts/common/optional/desktop/gnome.nix create mode 100644 hosts/common/optional/desktop/pipewire.nix create mode 100644 hosts/common/optional/desktop/wayland.nix create mode 100644 hosts/common/optional/desktop/x11.nix create mode 100644 hosts/common/optional/desktop/xdg.nix create mode 100644 hosts/common/optional/docker.nix create mode 100644 hosts/common/optional/encrypted-root.nix create mode 100644 hosts/common/optional/gamemode.nix create mode 100644 hosts/common/optional/kde-connect.nix create mode 100644 hosts/common/optional/printing.nix create mode 100644 hosts/common/optional/quietboot.nix create mode 100644 hosts/common/optional/rgb.nix create mode 100644 hosts/common/optional/systemd-boot.nix create mode 100644 hosts/common/optional/systemd-exit-node.nix create mode 100644 hosts/common/optional/wireshark.nix create mode 100644 hosts/common/optional/x11-no-suspend.nix create mode 100644 hosts/common/users/ghoscht/default.nix diff --git a/flake.lock b/flake.lock index a7f5119..7f00ae0 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,20 @@ { "nodes": { + "hardware": { + "locked": { + "lastModified": 1702453208, + "narHash": "sha256-0wRi9SposfE2wHqjuKt8WO2izKB/ASDOV91URunIqgo=", + "owner": "nixos", + "repo": "nixos-hardware", + "rev": "7763c6fd1f299cb9361ff2abf755ed9619ef01d6", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixos-hardware", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -55,6 +70,7 @@ }, "root": { "inputs": { + "hardware": "hardware", "home-manager": "home-manager", "nixpkgs": "nixpkgs", "nixpkgs-unstable": "nixpkgs-unstable" diff --git a/flake.nix b/flake.nix index c3054b2..81dec07 100644 --- a/flake.nix +++ b/flake.nix @@ -13,8 +13,7 @@ home-manager.url = "github:nix-community/home-manager/release-23.11"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; - # TODO: Add any other flake you might need - # hardware.url = "github:nixos/nixos-hardware"; + hardware.url = "github:nixos/nixos-hardware"; # Shameless plug: looking for a way to nixify your themes and make # everything match nicely? Try nix-colors! diff --git a/home/ghoscht/adalbert.nix b/home/ghoscht/adalbert.nix new file mode 100644 index 0000000..47e35e9 --- /dev/null +++ b/home/ghoscht/adalbert.nix @@ -0,0 +1,41 @@ +{ + inputs, + outputs, + ... +}: { + imports = [ + ./global + ]; + + # colorscheme = inputs.nix-colors.colorschemes.paraiso; + # wallpaper = outputs.wallpapers.cyberpunk-city-red; + # + # # ------ ----- ------ + # # | DP-3 | | DP-1| | DP-2 | + # # ------ ----- ------ + # monitors = [ + # { + # name = "DP-3"; + # width = 1920; + # height = 1080; + # x = 0; + # workspace = "3"; + # enabled = false; + # } + # { + # name = "DP-1"; + # width = 2560; + # height = 1080; + # x = 1920; + # workspace = "1"; + # primary = true; + # } + # { + # name = "DP-2"; + # width = 1920; + # height = 1080; + # x = 4480; + # workspace = "2"; + # } + # ]; +} diff --git a/hosts/adalbert/default.nix b/hosts/adalbert/default.nix index 7381192..e0d16f0 100644 --- a/hosts/adalbert/default.nix +++ b/hosts/adalbert/default.nix @@ -14,14 +14,24 @@ # outputs.nixosModules.example # Or modules from other flakes (such as nixos-hardware): - # inputs.hardware.nixosModules.common-cpu-amd - # inputs.hardware.nixosModules.common-ssd + inputs.hardware.nixosModules.common-cpu-amd + inputs.hardware.nixosModules.common-gpu-nvidia + inputs.hardware.nixosModules.common-pc-ssd # You can also split up your configuration and import pieces of it here: # ./users.nix # Import your generated (nixos-generate-config) hardware configuration ./hardware-configuration.nix + + ../common/global + ../common/users/ghoscht + ../common/optional/desktop/awesome.nix + + ../common/optional/systemd-boot.nix + ../common/optional/wireshark.nix + ../common/optional/gamemode.nix + ../common/optional/kde-connect.nix ]; nixpkgs = { @@ -49,62 +59,20 @@ }; }; - # This will add each flake input as a registry - # To make nix3 commands consistent with your flake - nix.registry = (lib.mapAttrs (_: flake: {inherit flake;})) ((lib.filterAttrs (_: lib.isType "flake")) inputs); - - # This will additionally add your inputs to the system's legacy channels - # Making legacy nix commands consistent as well, awesome! - nix.nixPath = ["/etc/nix/path"]; - environment.etc = - lib.mapAttrs' - (name: value: { - name = "nix/path/${name}"; - value.source = value.flake; - }) - config.nix.registry; - - nix.settings = { - # Enable flakes and new 'nix' command - experimental-features = "nix-command flakes"; - # Deduplicate and optimize nix store - auto-optimise-store = true; - }; - - # FIXME: Add the rest of your current configuration - networking.hostName = "adalbert"; - # TODO: This is just an example, be sure to use whatever bootloader you prefer - boot.loader.systemd-boot.enable = true; + # Force disable Nvidia PRIME, needed by nix-hardware + hardware.nvidia.prime.offload.enable = false; - # TODO: Configure your system-wide user settings (groups, etc), add more users as needed. - users.users = { - # FIXME: Replace with your username - ghoscht = { - # TODO: You can set an initial password for your user. - # If you do, you can skip setting a root password by passing '--no-root-passwd' to nixos-install. - # Be sure to change it (using passwd) after rebooting! - initialPassword = "yoi"; - isNormalUser = true; - openssh.authorizedKeys.keys = [ - # TODO: Add your SSH public key(s) here, if you plan on using SSH to connect - ]; - # TODO: Be sure to add any other groups you need (such as networkmanager, audio, docker, etc) - extraGroups = ["wheel"]; - }; + programs = { + adb.enable = true; + dconf.enable = true; + kdeconnect.enable = true; }; - # This setups a SSH server. Very important if you're setting up a headless system. - # Feel free to remove if you don't need it. - services.openssh = { - enable = true; - settings = { - # Forbid root login through SSH. - PermitRootLogin = "no"; - # Use keys only. Remove if you want to SSH using password (not recommended) - PasswordAuthentication = false; - }; + hardware = { + opengl.enable = true; + opentabletdriver.enable = true; }; # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion diff --git a/hosts/common/global/default.nix b/hosts/common/global/default.nix new file mode 100644 index 0000000..7ad5703 --- /dev/null +++ b/hosts/common/global/default.nix @@ -0,0 +1,31 @@ +# This file (and the global directory) holds config that i use on all hosts +{ + inputs, + outputs, + ... +}: { + imports = + [ + inputs.home-manager.nixosModules.home-manager + ./fish.nix + ./locale.nix + ./nix.nix + ./podman.nix + ./power-button.nix + ] + ++ (builtins.attrValues outputs.nixosModules); + + home-manager.extraSpecialArgs = {inherit inputs outputs;}; + + nixpkgs = { + overlays = builtins.attrValues outputs.overlays; + config = { + allowUnfree = true; + }; + }; + + # Fix for qt6 plugins + environment.profileRelativeSessionVariables = { + QT_PLUGIN_PATH = ["/lib/qt-6/plugins"]; + }; +} diff --git a/hosts/common/global/fish.nix b/hosts/common/global/fish.nix new file mode 100644 index 0000000..4bf0acf --- /dev/null +++ b/hosts/common/global/fish.nix @@ -0,0 +1,17 @@ +{ + inputs, + pkgs, + ... +}: { + programs.fish = { + enable = true; + vendor = { + completions.enable = true; + config.enable = true; + functions.enable = true; + }; + useBabelfish = true; + }; + users.defaultUserShell = pkgs.fish; + environment.shells = with pkgs; [fish]; +} diff --git a/hosts/common/global/locale.nix b/hosts/common/global/locale.nix new file mode 100644 index 0000000..4bd5946 --- /dev/null +++ b/hosts/common/global/locale.nix @@ -0,0 +1,19 @@ +{lib, ...}: { + time.timeZone = "Europe/Berlin"; + + i18n = { + defaultLocale = "en_US.UTF-8"; + extraLocaleSettings = { + LC_ADDRESS = "de_DE.UTF-8"; + LC_IDENTIFICATION = "de_DE.UTF-8"; + LC_MEASUREMENT = "de_DE.UTF-8"; + LC_MONETARY = "de_DE.UTF-8"; + LC_NAME = "de_DE.UTF-8"; + LC_NUMERIC = "de_DE.UTF-8"; + LC_PAPER = "de_DE.UTF-8"; + LC_TELEPHONE = "de_DE.UTF-8"; + LC_TIME = "de_DE.UTF-8"; + }; + }; + console.keyMap = "de"; +} diff --git a/hosts/common/global/nix.nix b/hosts/common/global/nix.nix new file mode 100644 index 0000000..08f9cfb --- /dev/null +++ b/hosts/common/global/nix.nix @@ -0,0 +1,28 @@ +{ + inputs, + lib, + ... +}: { + nix = { + settings = { + auto-optimise-store = lib.mkDefault true; + experimental-features = ["nix-command" "flakes" "repl-flake"]; + warn-dirty = false; + system-features = ["kvm" "big-parallel" "nixos-test"]; + }; + gc = { + automatic = true; + dates = "weekly"; + # Keep the last 3 generations + options = "--delete-older-than +3"; + }; + + # This will add each flake input as a registry + # To make nix3 commands consistent with your flake + registry = (lib.mapAttrs (_: flake: {inherit flake;})) ((lib.filterAttrs (_: lib.isType "flake")) inputs); + + # Add nixpkgs input to NIX_PATH + # This lets nix2 commands still use + nixPath = ["nixpkgs=${inputs.nixpkgs.outPath}"]; + }; +} diff --git a/hosts/common/global/podman.nix b/hosts/common/global/podman.nix new file mode 100644 index 0000000..8a57d28 --- /dev/null +++ b/hosts/common/global/podman.nix @@ -0,0 +1,10 @@ +{config, ...}: let + dockerEnabled = config.virtualisation.docker.enable; +in { + virtualisation.podman = { + enable = true; + dockerCompat = !dockerEnabled; + dockerSocket.enable = !dockerEnabled; + defaultNetwork.settings.dns_enabled = true; + }; +} diff --git a/hosts/common/global/power-button.nix b/hosts/common/global/power-button.nix new file mode 100644 index 0000000..1b36859 --- /dev/null +++ b/hosts/common/global/power-button.nix @@ -0,0 +1,10 @@ +{ + inputs, + lib, + ... +}: { + services.logind.extraConfig = '' + # don’t shutdown when power button is short-pressed + HandlePowerKey=ignore + ''; +} diff --git a/hosts/common/global/tailscale.nix b/hosts/common/global/tailscale.nix new file mode 100644 index 0000000..139680d --- /dev/null +++ b/hosts/common/global/tailscale.nix @@ -0,0 +1,10 @@ +{lib, ...}: { + services.tailscale = { + enable = true; + useRoutingFeatures = lib.mkDefault "client"; + }; + networking.firewall = { + checkReversePath = "loose"; + allowedUDPPorts = [41641]; # Facilitate firewall punching + }; +} diff --git a/hosts/common/optional/desktop/awesome.nix b/hosts/common/optional/desktop/awesome.nix new file mode 100644 index 0000000..bf428bf --- /dev/null +++ b/hosts/common/optional/desktop/awesome.nix @@ -0,0 +1,15 @@ +{ + config, + lib, + pkgs, + ... +}: { + imports = [./global.nix ./x11.nix]; + + services = { + xserver = { + # dpi = 180; + windowManager.awesome.enable = true; + }; + }; +} diff --git a/hosts/common/optional/desktop/flatpak.nix b/hosts/common/optional/desktop/flatpak.nix new file mode 100644 index 0000000..062dd87 --- /dev/null +++ b/hosts/common/optional/desktop/flatpak.nix @@ -0,0 +1,12 @@ +{ + config, + lib, + pkgs, + ... +}: { + # Enable Flatpak + services.flatpak.enable = true; + + # Create folder where all fonts are linked to /run/current-system/sw/share/X11/fonts + fonts.fontDir.enable = true; +} diff --git a/hosts/common/optional/desktop/global.nix b/hosts/common/optional/desktop/global.nix new file mode 100644 index 0000000..51f9ada --- /dev/null +++ b/hosts/common/optional/desktop/global.nix @@ -0,0 +1,18 @@ +{ + config, + lib, + pkgs, + ... +}: { + imports = [./pipewire.nix ../printing.nix ./flatpak.nix ./xdg.nix]; + + # Enable networking + networking.networkmanager.enable = true; + + # Enable for GTK + programs.dconf.enable = true; + + services.xserver = { + displayManager.sddm.enable = true; + }; +} diff --git a/hosts/common/optional/desktop/gnome.nix b/hosts/common/optional/desktop/gnome.nix new file mode 100644 index 0000000..c57bf1c --- /dev/null +++ b/hosts/common/optional/desktop/gnome.nix @@ -0,0 +1,16 @@ +{ + config, + lib, + pkgs, + ... +}: { + imports = [./global.nix ./x11.nix ./wayland.nix]; + + services = { + xserver = { + desktopManager.gnome = { + enable = true; + }; + }; + }; +} diff --git a/hosts/common/optional/desktop/pipewire.nix b/hosts/common/optional/desktop/pipewire.nix new file mode 100644 index 0000000..e35a788 --- /dev/null +++ b/hosts/common/optional/desktop/pipewire.nix @@ -0,0 +1,11 @@ +{ + security.rtkit.enable = true; + hardware.pulseaudio.enable = false; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + jack.enable = true; + }; +} diff --git a/hosts/common/optional/desktop/wayland.nix b/hosts/common/optional/desktop/wayland.nix new file mode 100644 index 0000000..e7d1a6c --- /dev/null +++ b/hosts/common/optional/desktop/wayland.nix @@ -0,0 +1,15 @@ +{ + config, + lib, + pkgs, + ... +}: { + # Hint electron apps to use wayland + environment.sessionVariables.NIXOS_OZONE_WL = "1"; + + environment.systemPackages = with pkgs; [ + xwaylandvideobridge + libsForQt5.qt5.qtwayland + qt6.qtwayland + ]; +} diff --git a/hosts/common/optional/desktop/x11.nix b/hosts/common/optional/desktop/x11.nix new file mode 100644 index 0000000..57c15e8 --- /dev/null +++ b/hosts/common/optional/desktop/x11.nix @@ -0,0 +1,28 @@ +{ + config, + lib, + pkgs, + ... +}: { + services = { + # Enable the X11 windowing system. + xserver = { + enable = true; + # Enable touchpad support + libinput.enable = true; + # Remove xterm terminal + excludePackages = with pkgs; [xterm]; + modules = [pkgs.xf86_input_wacom]; + wacom.enable = true; + }; + }; + + # Install installation + environment = { + systemPackages = with pkgs; [ + # X11 + xorg.xkbutils + xorg.xkill + ]; + }; +} diff --git a/hosts/common/optional/desktop/xdg.nix b/hosts/common/optional/desktop/xdg.nix new file mode 100644 index 0000000..7e964b7 --- /dev/null +++ b/hosts/common/optional/desktop/xdg.nix @@ -0,0 +1,14 @@ +{ + config, + lib, + pkgs, + ... +}: { + xdg.portal = { + enable = true; + xdgOpenUsePortal = true; + wlr.enable = true; + extraPortals = with pkgs; [xdg-desktop-portal-gtk]; + configPackages = with pkgs; [gnome.gnome-session]; + }; +} diff --git a/hosts/common/optional/docker.nix b/hosts/common/optional/docker.nix new file mode 100644 index 0000000..a0f86ac --- /dev/null +++ b/hosts/common/optional/docker.nix @@ -0,0 +1,5 @@ +{ + virtualisation.docker = { + enable = true; + }; +} diff --git a/hosts/common/optional/encrypted-root.nix b/hosts/common/optional/encrypted-root.nix new file mode 100644 index 0000000..8989ae4 --- /dev/null +++ b/hosts/common/optional/encrypted-root.nix @@ -0,0 +1,7 @@ +{config, ...}: let + hostname = config.networking.hostName; +in { + boot.initrd = { + luks.devices."${hostname}".device = "/dev/disk/by-label/${hostname}_crypt"; + }; +} diff --git a/hosts/common/optional/gamemode.nix b/hosts/common/optional/gamemode.nix new file mode 100644 index 0000000..4280b04 --- /dev/null +++ b/hosts/common/optional/gamemode.nix @@ -0,0 +1,3 @@ +{ + programs.gamemode.enable = true; +} diff --git a/hosts/common/optional/kde-connect.nix b/hosts/common/optional/kde-connect.nix new file mode 100644 index 0000000..3ed1be8 --- /dev/null +++ b/hosts/common/optional/kde-connect.nix @@ -0,0 +1,22 @@ +{ + config, + lib, + pkgs, + ... +}: { + programs.kdeconnect.enable = true; + + # Create system services for KDE connect + systemd.user.services.kdeconnect = { + description = "Adds communication between your desktop and your smartphone"; + after = ["graphical-session-pre.target"]; + partOf = ["graphical-session.target"]; + wantedBy = ["graphical-session.target"]; + + serviceConfig = { + #Environment = "PATH=${config.home.profileDirectory}/bin"; + ExecStart = "${pkgs.plasma5Packages.kdeconnect-kde}/libexec/kdeconnectd"; + Restart = "on-abort"; + }; + }; +} diff --git a/hosts/common/optional/printing.nix b/hosts/common/optional/printing.nix new file mode 100644 index 0000000..b58fb83 --- /dev/null +++ b/hosts/common/optional/printing.nix @@ -0,0 +1,24 @@ +{ + config, + lib, + pkgs, + ... +}: { + services = { + # Printer Setup + printing.enable = true; + avahi = { + enable = true; + nssmdns = true; + # for a WiFi printer + openFirewall = true; + }; + udev.packages = [pkgs.utsushi]; + }; + + # Scanner Setup + hardware.sane = { + enable = true; + extraBackends = [pkgs.utsushi]; + }; +} diff --git a/hosts/common/optional/quietboot.nix b/hosts/common/optional/quietboot.nix new file mode 100644 index 0000000..35786bb --- /dev/null +++ b/hosts/common/optional/quietboot.nix @@ -0,0 +1,33 @@ +{ + pkgs, + config, + ... +}: { + console = { + useXkbConfig = true; + earlySetup = false; + }; + + boot = { + plymouth = { + enable = true; + theme = "spinner-monochrome"; + themePackages = [ + (pkgs.plymouth-spinner-monochrome.override { + inherit (config.boot.plymouth) logo; + }) + ]; + }; + loader.timeout = 0; + kernelParams = [ + "quiet" + "loglevel=3" + "systemd.show_status=auto" + "udev.log_level=3" + "rd.udev.log_level=3" + "vt.global_cursor_default=0" + ]; + consoleLogLevel = 0; + initrd.verbose = false; + }; +} diff --git a/hosts/common/optional/rgb.nix b/hosts/common/optional/rgb.nix new file mode 100644 index 0000000..8bb5d2f --- /dev/null +++ b/hosts/common/optional/rgb.nix @@ -0,0 +1,12 @@ +{ + config, + lib, + pkgs, + ... +}: { + services.hardware.openrgb = { + enable = true; + package = pkgs.openrgb-with-all-plugins; + motherboard = lib.mkDefault config.variables.machine.motherboard; + }; +} diff --git a/hosts/common/optional/systemd-boot.nix b/hosts/common/optional/systemd-boot.nix new file mode 100644 index 0000000..40d04b2 --- /dev/null +++ b/hosts/common/optional/systemd-boot.nix @@ -0,0 +1,9 @@ +{ + boot.loader = { + systemd-boot = { + enable = true; + consoleMode = "max"; + }; + efi.canTouchEfiVariables = true; + }; +} diff --git a/hosts/common/optional/systemd-exit-node.nix b/hosts/common/optional/systemd-exit-node.nix new file mode 100644 index 0000000..e984366 --- /dev/null +++ b/hosts/common/optional/systemd-exit-node.nix @@ -0,0 +1,6 @@ +{ + imports = [../global/tailscale.nix]; + services.tailscale = { + useRoutingFeatures = "both"; + }; +} diff --git a/hosts/common/optional/wireshark.nix b/hosts/common/optional/wireshark.nix new file mode 100644 index 0000000..44223ce --- /dev/null +++ b/hosts/common/optional/wireshark.nix @@ -0,0 +1,5 @@ +{ + programs.wireshark = { + enable = true; + }; +} diff --git a/hosts/common/optional/x11-no-suspend.nix b/hosts/common/optional/x11-no-suspend.nix new file mode 100644 index 0000000..0005eed --- /dev/null +++ b/hosts/common/optional/x11-no-suspend.nix @@ -0,0 +1,7 @@ +{ + services.xserver.serverFlagsSection = '' + Option "StandbyTime" "0" + Option "SuspendTime" "0" + Option "OffTime" "0" + ''; +} diff --git a/hosts/common/users/ghoscht/default.nix b/hosts/common/users/ghoscht/default.nix new file mode 100644 index 0000000..c5f4043 --- /dev/null +++ b/hosts/common/users/ghoscht/default.nix @@ -0,0 +1,44 @@ +{ + pkgs, + config, + ... +}: let + ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups; +in { + users.users.ghoscht = { + isNormalUser = true; + shell = pkgs.fish; + extraGroups = + [ + "wheel" + "video" + "audio" + "camera" + ] + ++ ifTheyExist [ + "minecraft" + "network" + "networkmanager" + "wireshark" + "i2c" + "mysql" + "docker" + "podman" + "git" + "libvirtd" + "deluge" + "lp" + "scanner" + "kvm" + "libvirtd" + "tty" + "dialout" + ]; + + packages = [pkgs.home-manager]; + }; + + home-manager.users.ghoscht = import ../../../../home/ghoscht/${config.networking.hostName}.nix; + + security.pam.services = {}; +}