diff --git a/configuration.nix b/configuration.nix index af9e440..fc3e18a 100644 --- a/configuration.nix +++ b/configuration.nix @@ -18,6 +18,8 @@ ./modules/programs.nix ]; + chaotic.mesa-git.enable = true; + boot = { initrd.kernelModules = [ ]; initrd.verbose = false; @@ -90,8 +92,12 @@ }; libvirtd = { enable = true; - qemu.swtpm.enable = true; - + qemu = { + swtpm.enable = true; + }; + extraConfig = '' + unix_sock_group = "qemu-libvirtd" + ''; }; }; @@ -103,7 +109,7 @@ "networkmanager" "wheel" "docker" - "libvirtd" + "qemu-libvirtd" ]; shell = pkgs.zsh; #packages = with pkgs; [ ]; @@ -111,10 +117,12 @@ # Allow unfree packages nixpkgs = { - config.allowUnfree = true; - config.permittedInsecurePackages = [ - "ventoy-gtk3-1.1.07" - ]; + config = { + allowUnfree = true; + permittedInsecurePackages = [ + "ventoy-gtk3-1.1.07" + ]; + }; }; environment = { @@ -125,8 +133,10 @@ }; hardware = { - amdgpu.initrd.enable = true; - amdgpu.overdrive.enable = true; + amdgpu = { + initrd.enable = true; + overdrive.enable = true; + }; bluetooth = { enable = true; package = pkgs.bluez.overrideAttrs (old: { @@ -160,6 +170,15 @@ enable = true; }; + security.polkit.extraConfig = '' + polkit.addRule(function(action, subject) { + if (action.id == "org.libvirt.unix.manage" && + subject.isInGroup("qemu-libvirtd")) { + return polkit.Result.YES; + } + }); + ''; + # Open ports in the firewall. # networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ]; @@ -173,14 +192,14 @@ "nix-command" ]; warn-dirty = false; - substituters = [ - "https://nyx.chaotic.cx" - "https://cache.nixos.org/" - ]; - trusted-public-keys = [ - "chaotic-nyx.cachix.org-1:Z94nz89Kd721HGLrYPYiWnL3izUZoofuA+3ykIbE+Bs=" - "cache.nixos.org-1:6NCHdD59MDW/s82/h4RZcnxaz2bYcxoZb0qwYf5ED+w=" - ]; + /* + substituters = [ + "https://cache.nixos.org/" + ]; + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59MDW/s82/h4RZcnxaz2bYcxoZb0qwYf5ED+w=" + ]; + */ }; system.stateVersion = "25.05"; diff --git a/flake.lock b/flake.lock index 95ab20b..32fa5cc 100644 --- a/flake.lock +++ b/flake.lock @@ -136,15 +136,15 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1762168314, - "narHash": "sha256-+DX6mIF47gRGoK0mqkTg1Jmcjcup0CAXJFHVkdUx8YA=", - "owner": "nixos", + "lastModified": 1762406524, + "narHash": "sha256-dKJcd9A4Qk/RH3c1awJW0bLngEJO6/TJlrwvGy6U1FA=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "94fc102d2c15d9c1a861e59de550807c65358e1b", + "rev": "f7213c5cd417469224ae36fcaecc142f7a6a95c2", "type": "github" }, "original": { - "owner": "nixos", + "owner": "NixOS", "ref": "nixos-unstable-small", "repo": "nixpkgs", "type": "github" diff --git a/flake.nix b/flake.nix index e1796e9..44e8825 100644 --- a/flake.nix +++ b/flake.nix @@ -1,14 +1,12 @@ { inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable-small"; - + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small"; + chaotic.url = "github:chaotic-cx/nyx/nyxpkgs-unstable"; + nix-flatpak = { url = "github:gmodena/nix-flatpak"; inputs.nixpkgs.follows = "nixpkgs"; }; - - # Keeping this for the binary cache! - chaotic.url = "github:chaotic-cx/nyx/nyxpkgs-unstable"; }; outputs = { self, nixpkgs, nix-flatpak, chaotic, ... }: { @@ -17,10 +15,8 @@ system = "x86_64-linux"; modules = [ ./configuration.nix - nix-flatpak.nixosModules.nix-flatpak - - # This module adds the Chaotic overlay AND the necessary binary cache. chaotic.nixosModules.default + nix-flatpak.nixosModules.nix-flatpak ]; }; }; diff --git a/modules/packages.nix b/modules/packages.nix index acd0af0..3cb0ceb 100644 --- a/modules/packages.nix +++ b/modules/packages.nix @@ -8,7 +8,6 @@ { environment.gnome.excludePackages = with pkgs; [ decibels - evince epiphany geary gnome-connections @@ -55,12 +54,14 @@ curl czkawka ddcutil + discord-krisp distrobox docker-compose dog eza ffmpeg ffmpegthumbnailer + file flat-remix-gnome flat-remix-gtk flatpak-xdg-utils @@ -84,6 +85,7 @@ krita kooha lact + libnotify libreoffice linux-firmware lm_sensors @@ -125,6 +127,7 @@ vkbasalt vlc vscode-fhs + wireshark wev weylus wget