1 files changed, 164 insertions, 0 deletions

diff --git a/system/default.nix b/system/default.nix
new file mode 100644
index 0000000..2124703
--- /dev/null
+++ b/system/default.nix
@@ -0,0 +1,164 @@
+{ config, pkgs, ... }:
+
+{
+  # allow flakes
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
+  # allow unfree packages
+  nixpkgs.config.allowUnfree = true;
+
+  # hostname
+  networking.hostName = config.hostName;
+
+  # common system packages
+  environment.systemPackages = with pkgs; [
+    # editor
+    vim
+    # lib
+    libz
+    openssl
+    shared-mime-info
+    # shell
+    bash
+    zsh
+    # utility
+    acpi
+    alsa-utils
+    curl
+    dig
+    file
+    fuse
+    htop
+    killall
+    mlocate
+    ntfs3g
+    openssh
+    p7zip
+    ripgrep
+    sbctl
+    tree
+    unzip
+    wget
+  ];
+
+  # nix-ld
+  programs.nix-ld.enable = true;
+
+  # appimage
+  programs.appimage = {
+    enable = true;
+    binfmt = true;
+  };
+
+  # use the latest kernel
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+
+  # sysrq
+  boot.kernel.sysctl."kernel.sysrq" = 246;
+
+  # timezone
+  time.timeZone = "America/New_York";
+
+  # locale
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  # services
+  networking.networkmanager.enable = true;
+  networking.networkmanager.dns = "systemd-resolved";
+  networking.firewall.enable = false;
+  services.fwupd.enable = true;
+  services.libinput.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    pulse.enable = true;
+    jack.enable = true;
+  };
+  services.upower = {
+    enable = true;
+    percentageLow = 20;
+    percentageCritical = 10;
+    percentageAction = 4;
+    criticalPowerAction = "Hibernate";
+  };
+  services.resolved.enable = true;
+
+  # printing
+  services.printing.enable = true;
+  services.avahi = {
+    enable = true;
+    nssmdns4 = true;
+    openFirewall = true;
+  };
+
+  # docker
+  virtualisation.docker.enable = true;
+  virtualisation.docker.storageDriver = "btrfs";
+
+  # create user account
+  users.users.${config.user} = {
+    isNormalUser = true;
+    description = config.fullName;
+    extraGroups = [ "networkmanager" "wheel" "sys" "video" "audio" "docker" "libvirtd" ];
+    home = config.homePath;
+    shell = pkgs.zsh;
+  };
+
+  # certs
+  security.pki.certificateFiles = [
+    ../files/certs/freyanet.crt
+    ../files/certs/tinternet.crt
+  ];
+
+  # mime
+  environment.pathsToLink = [
+    "/share/mime"
+  ];
+
+  # fonts
+  fonts.packages = with pkgs; [
+    corefonts
+    dejavu_fonts
+    fira-code
+    fira-code-symbols
+    jetbrains-mono
+    material-icons
+    nerd-fonts.fira-code
+    noto-fonts
+    noto-fonts-cjk-sans
+    noto-fonts-emoji
+    twemoji-color-font
+    vistafonts
+  ];
+
+  fonts.fontconfig = {
+    enable = true;
+    defaultFonts = {
+      serif = [
+        "Twemoji"
+        "DejaVu Serif"
+      ];
+      sansSerif = [
+        "Twemoji"
+        "DejaVu Sans"
+      ];
+      monospace = [
+        "Fira Code"
+        "FiraCode Nerd Font Mono"
+        "Font Awesome 6 Pro Regular"
+        "Twemoji"
+        "DejaVu Sans Mono"
+      ];
+      emoji = [
+        "Twemoji"
+        "Noto Color Emoji"
+      ];
+    };
+  };
+
+  # vms
+  programs.virt-manager.enable = true;
+  users.groups.libvirtd.members = [config.user];
+  virtualisation.libvirtd.enable = true;
+  virtualisation.spiceUSBRedirection.enable = true;
+}