{ config, pkgs, lib, inputs, ... }: { imports = [ inputs.private.nixosModules.base ]; systemd.tmpfiles.rules = lib.mapAttrsToList (key: value: "L+ /etc/channels/${key} - - - - ${value.outPath}") inputs; nix = { nixPath = [ "/etc/channels" ]; registry.nixpkgs.to = { type = "path"; path = inputs.nixpkgs.outPath; }; settings.auto-optimise-store = true; extraOptions = '' experimental-features = nix-command flakes ''; gc = { automatic = true; dates = "8:00"; options = "--delete-older-than 14d"; }; settings.trusted-users = [ "artemis" ]; }; nixpkgs = { overlays = [ inputs.artemist.overlays.default inputs.fonts.overlays.default ]; config.allowUnfreePredicate = pkg: (pkg ? passthru && pkg.passthru ? font && pkg.passthru.font) || (builtins.elem (lib.getName pkg) [ "1password" "brscan5" "brscan5-etc-files" "corefonts" "google-chrome" "jlink" "makemkv" "steamdeck-hw-theme" "steam" "steam-jupiter-original" "steam-original" "steam-run" "unrar" ]); }; console = { keyMap = "us"; earlySetup = true; }; time.timeZone = "Etc/UTC"; environment.shellAliases.cp = "cp --reflink=auto --sparse=always"; networking.firewall.enable = false; programs.fish.enable = true; users = { users.artemis = { isNormalUser = true; description = "Artemis Tosini"; uid = 1000; extraGroups = [ "wheel" "artemis" ]; shell = pkgs.fish; # hashedPassword set in private }; groups.artemis.gid = config.users.users.artemis.uid; mutableUsers = false; }; security.sudo.execWheelOnly = true; systemd.extraConfig = "DefaultLimitCORE=infinity"; security.pam.loginLimits = [{ domain = "*"; item = "core"; type = "hard"; value = "infinity"; }]; }