.

configuration.nix

@@ -0,0 +1,143 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page, on
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+{
+  sops.defaultSopsFile = ./secrets/home.yaml;
+  sops.age.keyFile = "/.persist/root/.config/sops/age/keys.txt";
+  sops.secrets."root/ssh/desktop" = {
+    path = "/root/.ssh/desktop";
+    mode = "0600";
+  };
+  nix.settings.experimental-features = [
+    "nix-command"
+    "flakes"
+  ];
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+
+  boot.initrd.systemd.enable = true;
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  # Set your time zone.
+  time.timeZone = "America/Sao_Paulo";
+
+  # Select internationalisation properties.
+  i18n.defaultLocale = "en_US.UTF-8";
+  #console = {
+  #  # font = "Lat2-Terminus16";
+  #  keyMap = "us";
+  #  useXkbConfig = true; # use xkb.options in tty.
+  #};
+
+  # services.xserver.xkb.layout = "us";
+  # services.xserver.xkb.options = "eurosign:e,caps:escape";
+  services.printing.enable = true;
+
+  services = {
+    xserver.xkb = {
+      layout = "us";
+      variant = "altgr-intl";
+    };
+    pipewire = {
+      enable = true;
+      alsa.enable = true;
+      alsa.support32Bit = true;
+      pulse.enable = true;
+      # jack.enable = true;
+    };
+    logind.settings.Login = {
+      HandlePowerKey = "ignore";
+      HandlePowerKeyLongPress = "ignore";
+      HandleRebootKey = "ignore";
+      HandleRebootKeyLongPress = "ignore";
+      HandleHibernateKey = "ignore";
+      HandleHibernateKeyLongPress = "ignore";
+    };
+    getty = {
+      autologinUser = "user";
+      autologinOnce = true;
+    };
+    # greetd = {
+    #   enable = true;
+    #   settings = rec {
+    #     initial_session = {
+    #       command = "${pkgs.niri}/bin/niri-session";
+    #       user = "user";
+    #     };
+    #     default_session = initial_session;
+    #   };
+    # };
+    tailscale.enable = true;
+  };
+
+  hardware = {
+    graphics = {
+      enable = true;
+      enable32Bit = true;
+    };
+    bluetooth = {
+      enable = true;
+      powerOnBoot = true;
+      settings = {
+        General = {
+          Enable = "Source,Sink,Media,Socket";
+        };
+      };
+    };
+  };
+
+  xdg.portal = {
+    enable = true;
+    xdgOpenUsePortal = true;
+    # config.common.default = [ "*" ];
+    extraPortals = [
+      pkgs.xdg-desktop-portal-gnome
+      pkgs.gnome-keyring
+      pkgs.xdg-desktop-portal-gtk
+    ];
+  };
+
+  qt = {
+    enable = true;
+  };
+
+  fonts.packages = with pkgs; [
+    fira-code-symbols
+    nerd-fonts.monaspace
+  ];
+
+  environment.sessionVariables = {
+    NIXOS_OZONE_WL = "1";
+    EDITOR = "nvim";
+    GTK_IM_MODULE = "simple";
+  };
+
+  security.pki.certificateFiles = [ ./templates/certs/hydra_root_ca.crt ];
+
+  system.stateVersion = "25.11";
+
+  systemd = {
+    user.services.polkit-gnome-authentication-agent-1 = {
+      description = "polkit-gnome-authentication-agent-1";
+      wantedBy = [ "graphical-session.target" ];
+      wants = [ "graphical-session.target" ];
+      after = [ "graphical-session.target" ];
+      serviceConfig = {
+        Type = "simple";
+        ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
+        Restart = "on-failure";
+        RestartSec = 1;
+        TimeoutStopSec = 10;
+      };
+    };
+  };
+  services.openssh.enable = true;
+}