{ config, pkgs, lib, ... }: let nixosHardwareVersion = "7f1836531b126cfcf584e7d7d71bf8758bb58969"; sopsNixVersion = "8f093d0d2f08f37317778bd94db5951d6cce6c46"; timeZone = "Europe/Berlin"; defaultLocale = "en_US.UTF-8"; storageConfig = import ./config/storage.nix; storageModel = import ./intermediate/storage.nix; in { imports = [ "${fetchTarball "https://github.com/NixOS/nixos-hardware/archive/${nixosHardwareVersion}.tar.gz"}/raspberry-pi/4" "${fetchTarball "https://github.com/Mic92/sops-nix/archive/${sopsNixVersion}.tar.gz"}/modules/sops" ./system ./services ./programs ]; fileSystems = storageModel.fileSystems; swapDevices = [ { device = "${storageConfig.ssd.path}/swapfile"; size = 8192; } ]; networking.hostName = "raspberry"; environment.systemPackages = with pkgs; [ docker-compose docker-client podman podman-compose ]; time.timeZone = timeZone; virtualisation.docker = { enable = true; autoPrune.enable = true; daemon.settings = { "log-driver" = "json-file"; "log-opts" = { "max-size" = "10m"; "max-file" = "3"; }; }; }; virtualisation.podman = { enable = true; defaultNetwork.settings.dns_enabled = false; }; i18n = { defaultLocale = defaultLocale; extraLocaleSettings = { LC_ADDRESS = defaultLocale; LC_IDENTIFICATION = defaultLocale; LC_MEASUREMENT = defaultLocale; LC_MONETARY = defaultLocale; LC_NAME = defaultLocale; LC_NUMERIC = defaultLocale; LC_PAPER = defaultLocale; LC_TELEPHONE = defaultLocale; LC_TIME = defaultLocale; }; }; users = { mutableUsers = false; }; # Enable passwordless sudo. security.sudo.extraRules = [ { users = ["nudelerde"]; commands = [ { command = "ALL"; options = ["NOPASSWD"]; } ]; } ]; nix.gc = { automatic = true; dates = "weekly"; options = "--delete-older-than +5"; # Keep last 5 generations }; nix.settings.experimental-features = [ "nix-command" "flakes" ]; # Enable GPU acceleration hardware.raspberry-pi."4".fkms-3d.enable = true; system.stateVersion = "23.11"; }