.

2026-03-16 12:19:11 -03:00 · 2026-03-16 12:19:11 -03:00 · 73ff9ee8ee
commit 73ff9ee8ee
31 changed files with 4906 additions and 0 deletions
--- a/packages.nix
+++ b/packages.nix
@ -0,0 +1,248 @@
+{ config, pkgs, ... }:
+{
+  environment.systemPackages = with pkgs; [
+    bat
+    black
+    blade-formatter
+    cmake
+    cifs-utils
+    coreutils
+    bluetuith
+    bluez
+    bluez-tools
+    cargo
+    clang
+    clang-tools
+    clevis
+    cliphist
+    distrobox
+    dos2unix
+    dnsutils
+    dunst
+    (import ./templates/extract.sh.nix { inherit pkgs; })
+    eza
+    fd
+    ffmpeg
+    fira-code-symbols
+    fish
+    fractal
+    freetube
+    fuzzel
+    fzf
+    git
+    gh
+    ghostty
+    go
+    google-chrome
+    gopass
+    gopass-jsonapi
+    gopls
+    hyprpicker
+    htmx-lsp2
+    imagemagick
+    inkscape
+    pavucontrol
+    pciutils
+    poppler
+    jetbrains.datagrip
+    jq
+    lazygit
+    (pkgs.writeShellScriptBin "lf" ''
+      cd_file="/tmp/lf-lastdir-$$"
+
+      ${pkgs.lf}/bin/lf "$@"
+
+      if [ -f "$cd_file" ]; then
+        cd "$(cat "$cd_file")"
+        rm "$cd_file"
+      fi
+    '')
+    libreoffice
+    libvirt
+    linux-firmware
+    lldb
+    lua-language-server
+    luarocks
+    lutris
+    mpv
+    nerd-fonts.monaspace
+    niri
+    niri-scratchpad
+    nixd
+    nixfmt
+    (wrapOBS {
+      plugins = with obs-studio-plugins; [
+        wlrobs
+        obs-pipewire-audio-capture
+      ];
+    })
+    # ols
+    php
+    php84Packages.composer
+    php84Packages.php-cs-fixer
+    phpactor
+    podman-compose
+    podman-tui
+    prettierd
+    playerctl
+    qemu_full
+    qmk
+    quickshell
+    resvg
+    ripgrep
+    ripdrag
+    rust-analyzer
+    sshfs
+    starship
+    step-cli
+    stow
+    stylua
+    sops
+    swayimg
+    texlab
+    texlive.combined.scheme-full
+    tmux
+    thunderbird
+    tor-browser
+    ungoogled-chromium
+    unzip
+    virt-manager
+    virt-viewer
+    vscode-langservers-extracted
+    watchexec
+    wayland
+    wgsl-analyzer
+    # wineWowPackages.waylandFull
+    wineWow64Packages.waylandFull
+    winetricks
+    wl-clipboard
+    xxd
+    xdg-user-dirs
+    xwayland-satellite
+    yazi
+    zathura
+    # zig_0_15
+    # zls_0_15
+    zoxide
+  ];
+
+  hardware.keyboard.qmk.enable = true;
+
+  programs = {
+    fish.enable = true;
+    virt-manager.enable = true;
+    direnv.enable = true;
+    gnupg.agent = {
+      enable = true;
+      enableSSHSupport = true;
+    };
+    nix-ld.enable = true;
+    niri.enable = true;
+    dconf.enable = true;
+    thunar.enable = true;
+  };
+
+  virtualisation.containers.enable = true;
+  virtualisation.podman = {
+    enable = true;
+    dockerCompat = true;
+    # rootless = {
+    #   enable = true;
+    #   setSocketVariable = true;
+    # };
+    defaultNetwork.settings.dns_enabled = true;
+    # storageDriver = "btrfs";
+  };
+
+  virtualisation.spiceUSBRedirection.enable = true;
+  virtualisation.libvirtd = {
+    enable = true;
+    extraConfig = ''
+      user="user"
+    '';
+    onBoot = "ignore";
+    onShutdown = "shutdown";
+    qemu = {
+      package = pkgs.qemu_full;
+      verbatimConfig = ''
+        cgroup_device_acl = [
+        "/dev/null", "/dev/full", "/dev/zero",
+        "/dev/random", "/dev/urandom", "/dev/ptmx",
+        "/dev/kvm", "/dev/kvmfr0"
+        ]
+      '';
+      runAsRoot = true;
+      swtpm.enable = true;
+    };
+  };
+
+  programs.steam = {
+    enable = true;
+    remotePlay.openFirewall = true;
+    dedicatedServer.openFirewall = true;
+    localNetworkGameTransfers.openFirewall = true;
+  };
+
+  programs.firejail = {
+    enable = true;
+    wrappedBinaries = {
+      chromium-sandbox = {
+        executable = "${pkgs.chromium}/bin/chromium";
+        profile = "${pkgs.firejail}/etc/firejail/chromium-browser.profile";
+        extraArgs = [
+          "--netns=wg0ns"
+          "--whitelist=/home/user/downloads"
+          "--env=TGK_THEME=Adwaita:dark"
+          "--dns=10.2.0.1"
+          "--private=/data/sandbox/chromium"
+        ];
+      };
+      google-chrome-stable = {
+        # executable = "${chrome-argumented}/bin/google-chrome-stable";
+        executable = "${pkgs.google-chrome}/bin/google-chrome-stable";
+        profile = "${pkgs.firejail}/etc/firejail/google-chrome-stable.profile";
+        extraArgs = [
+          "--env=GTK_THEME=Adwaita:dark"
+          "--netns=wg-br0ns"
+          "--dns=10.2.0.1"
+          "--whitelist=/home/user/downloads"
+          "--whitelist=/home/user/pictures"
+        ];
+      };
+      tor-browser = {
+        executable = "${pkgs.tor-browser}/bin/tor-browser";
+        profile = "${pkgs.firejail}/etc/firejail/tor-browser-en-us.profile";
+        extraArgs = [
+          "--netns=wg0ns"
+          "--dns=1.1.1.1"
+        ];
+      };
+      freetube = {
+        executable = "${pkgs.freetube}/bin/freetube";
+        profile = "${pkgs.firejail}/etc/firejail/freetube.profile";
+        extraArgs = [
+          "--netns=wg0ns"
+          "--dns=1.1.1.1"
+        ];
+      };
+    };
+  };
+
+  # services.ollama = {
+  #   enable = true;
+  #   package = pkgs.ollama-cuda;
+  #   home = "/data/ollama";
+  #   user = "ollama";
+  #   group = "user";
+  #   loadModels = [
+  #     "llama3"
+  #   ];
+  # };
+  # services.open-webui = {
+  #   enable = true;
+  #   port = 11347;
+  #   environment = {
+  #     OLLAMA_API_BASE_URL = "${config.services.ollama.host}:${toString config.services.ollama.port}";
+  #   };
+  # };
+}