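# NixOS module: system-wide packages, program toggles, container and VM
# tooling (podman, libvirt/QEMU), Steam, and firejail wrappers that start
# selected browsers inside named network namespaces.
#
# NOTE(review): google-chrome, tor-browser, freetube and ungoogled-chromium
# are installed unwrapped in systemPackages, while firejail wraps
# google-chrome-stable, tor-browser, freetube and pkgs.chromium (exposed as
# `chromium-sandbox`). ungoogled-chromium therefore has no wrapper at all,
# and any launch that reaches the store path directly (for example an
# absolute Exec= in a .desktop entry) would skip the sandbox and the
# namespace. Confirm how each browser is actually started; the module's
# per-wrapper `desktop` option exists for the .desktop case.
{ config, pkgs, ... }:
{
  environment.systemPackages = with pkgs; [
    bat
    black
    blade-formatter
    cmake
    cifs-utils
    coreutils
    bluetuith
    bluez
    bluez-tools
    cargo
    clang
    clang-tools
    clevis
    cliphist
    distrobox
    dos2unix
    dnsutils
    dunst
    (import ./templates/extract.sh.nix { inherit pkgs; })
    eza
    fd
    ffmpeg
    fira-code-symbols
    fish
    fractal
    freetube
    fuzzel
    fzf
    git
    gh
    ghostty
    go
    google-chrome
    gopass
    gopass-jsonapi
    gopls
    hyprpicker
    htmx-lsp2
    imagemagick
    inkscape
    pavucontrol
    pciutils
    poppler
    jetbrains.datagrip
    jq
    lazygit
    # Wrapper around lf that looks for a "last directory" file afterwards.
    # NOTE(review): nothing here tells lf to write $cd_file, and a `cd` in
    # this child script cannot change the caller's working directory, so the
    # cd/rm branch looks dead unless lf is configured elsewhere to write that
    # file. The name under /tmp is predictable (PID-based); if the branch is
    # kept, prefer a mktemp-created file or a path under $XDG_RUNTIME_DIR.
    (pkgs.writeShellScriptBin "lf" ''
      cd_file="/tmp/lf-lastdir-$$"
      ${pkgs.lf}/bin/lf "$@"
      if [ -f "$cd_file" ]; then
        cd "$(cat "$cd_file")"
        rm "$cd_file"
      fi
    '')
    libreoffice
    libvirt
    linux-firmware
    lldb
    lua-language-server
    luarocks
    lutris
    mpv
    nerd-fonts.monaspace
    niri
    niri-scratchpad
    nixd
    nixfmt
    (wrapOBS {
      plugins = with obs-studio-plugins; [
        wlrobs
        obs-pipewire-audio-capture
      ];
    })
    # ols
    php
    php84Packages.composer
    php84Packages.php-cs-fixer
    phpactor
    podman-compose
    podman-tui
    prettierd
    playerctl
    qemu_full
    qmk
    quickshell
    resvg
    ripgrep
    ripdrag
    rust-analyzer
    sshfs
    starship
    step-cli
    stow
    stylua
    sops
    swayimg
    texlab
    texlive.combined.scheme-full
    tmux
    thunderbird
    tor-browser
    ungoogled-chromium
    unzip
    virt-manager
    virt-viewer
    vscode-langservers-extracted
    watchexec
    wayland
    wgsl-analyzer
    # wineWowPackages.waylandFull
    wineWow64Packages.waylandFull
    winetricks
    wl-clipboard
    xxd
    xdg-user-dirs
    xwayland-satellite
    yazi
    zathura
    # zig_0_15
    # zls_0_15
    zoxide
  ];

  hardware.keyboard.qmk.enable = true;

  programs = {
    fish.enable = true;
    virt-manager.enable = true;
    direnv.enable = true;
    # gpg-agent also serves as the SSH agent for this machine.
    gnupg.agent = {
      enable = true;
      enableSSHSupport = true;
    };
    nix-ld.enable = true;
    niri.enable = true;
    dconf.enable = true;
    thunar.enable = true;
  };

  virtualisation.containers.enable = true;
  virtualisation.podman = {
    enable = true;
    # Provides a `docker` command backed by podman.
    dockerCompat = true;
    # rootless = {
    #   enable = true;
    #   setSocketVariable = true;
    # };
    defaultNetwork.settings.dns_enabled = true;
    # storageDriver = "btrfs";
  };

  # Installs the SPICE USB redirection helper with elevated privileges so
  # unprivileged users can pass host USB devices to VMs; this effectively
  # grants those users access to arbitrary USB devices.
  virtualisation.spiceUSBRedirection.enable = true;

  virtualisation.libvirtd = {
    enable = true;
    # NOTE(review): extraConfig is appended to libvirtd.conf, but `user`
    # looks like a qemu.conf key; confirm this line has any effect here.
    extraConfig = ''
      user="user"
    '';
    onBoot = "ignore";
    onShutdown = "shutdown";
    qemu = {
      package = pkgs.qemu_full;
      # Devices guests may open under the cgroup device controller;
      # /dev/kvmfr0 is added on top of the usual set.
      verbatimConfig = ''
        cgroup_device_acl = [
          "/dev/null", "/dev/full", "/dev/zero",
          "/dev/random", "/dev/urandom", "/dev/ptmx",
          "/dev/kvm", "/dev/kvmfr0"
        ]
      '';
      # NOTE(review): QEMU processes run as root, so a guest-to-host escape
      # would land with root privileges. If this is only needed for access
      # to /dev/kvmfr0, consider granting that device to an unprivileged
      # user or group (udev rule) and setting runAsRoot = false.
      runAsRoot = true;
      swtpm.enable = true;
    };
  };

  programs.steam = {
    enable = true;
    # Each option below opens inbound firewall ports for that feature;
    # keep only the ones that are actually used on this host.
    remotePlay.openFirewall = true;
    dedicatedServer.openFirewall = true;
    localNetworkGameTransfers.openFirewall = true;
  };

  programs.firejail = {
    enable = true;
    # Every wrapper joins a named network namespace (wg0ns or wg-br0ns) that
    # must be created elsewhere; nothing in this file sets them up.
    # NOTE(review): verify that a launch fails closed when the namespace is
    # missing rather than falling back to the host network.
    wrappedBinaries = {
      chromium-sandbox = {
        executable = "${pkgs.chromium}/bin/chromium";
        profile = "${pkgs.firejail}/etc/firejail/chromium-browser.profile";
        extraArgs = [
          "--netns=wg0ns"
          "--whitelist=/home/user/downloads"
          # Fixed: the variable was spelled TGK_THEME, so the theme setting
          # never reached GTK; google-chrome-stable below uses GTK_THEME.
          "--env=GTK_THEME=Adwaita:dark"
          "--dns=10.2.0.1"
          "--private=/data/sandbox/chromium"
        ];
      };
      google-chrome-stable = {
        # executable = "${chrome-argumented}/bin/google-chrome-stable";
        executable = "${pkgs.google-chrome}/bin/google-chrome-stable";
        profile = "${pkgs.firejail}/etc/firejail/google-chrome-stable.profile";
        extraArgs = [
          "--env=GTK_THEME=Adwaita:dark"
          "--netns=wg-br0ns"
          "--dns=10.2.0.1"
          "--whitelist=/home/user/downloads"
          "--whitelist=/home/user/pictures"
        ];
      };
      # NOTE(review): tor-browser and freetube use --dns=1.1.1.1 inside
      # wg0ns, while chromium-sandbox uses 10.2.0.1 in the same namespace;
      # confirm the different resolver is intentional.
      tor-browser = {
        executable = "${pkgs.tor-browser}/bin/tor-browser";
        profile = "${pkgs.firejail}/etc/firejail/tor-browser-en-us.profile";
        extraArgs = [
          "--netns=wg0ns"
          "--dns=1.1.1.1"
        ];
      };
      freetube = {
        executable = "${pkgs.freetube}/bin/freetube";
        profile = "${pkgs.firejail}/etc/firejail/freetube.profile";
        extraArgs = [
          "--netns=wg0ns"
          "--dns=1.1.1.1"
        ];
      };
    };
  };

  # services.ollama = {
  #   enable = true;
  #   package = pkgs.ollama-cuda;
  #   home = "/data/ollama";
  #   user = "ollama";
  #   group = "user";
  #   loadModels = [
  #     "llama3"
  #   ];
  # };
  # services.open-webui = {
  #   enable = true;
  #   port = 11347;
  #   environment = {
  #     OLLAMA_API_BASE_URL = "${config.services.ollama.host}:${toString config.services.ollama.port}";
  #   };
  # };
}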