{ pkgs, ... }: { imports = [ ./hardware-configuration.nix ]; my = { user = { username = "errie"; homeModule = ./home; extraGroups = [ "dialout" ]; }; secure-boot.enable = true; bootloader.type = "systemdBoot"; fs = { luks.enable = true; ssd.enable = true; bootPartition = true; snapshots = true; type = "btrfs"; }; laptop = { enable = true; amd.enable = true; }; networking = { networkManager.enable = true; i2p.enable = true; eddie = let forwardedPorts = [ 14110 50459 ]; in { enable = true; allowedTCPPorts = forwardedPorts; allowedUDPPorts = forwardedPorts; }; }; bin-compat.enable = true; docker.enable = true; interception.enable = true; location.enable = true; virt-manager.enable = true; wireshark.enable = true; syncthing = { enable = true; asUser = true; }; cli = { fish.enable = true; nix-index.enable = true; sudo.insults.enable = true; }; desktop = { enable = true; audio.enable = true; bluetooth.enable = true; gaming.enable = true; hyprland.enable = true; # TODO: reenable after cve is addressed (too lazy to check if actually affected) printing.enable = false; }; }; boot.kernelPackages = pkgs.linuxPackages; environment.systemPackages = with pkgs; [ dos2unix amdgpu_top framework-tool fw-ectool (p7zip.override {enableUnfree = true;}) ]; programs = { git.package = pkgs.gitFull; }; hardware.sensor.iio.enable = true; services = { fwupd.enable = true; fprintd.enable = true; flatpak.enable = true; openssh = { enable = true; settings = { PasswordAuthentication = false; }; }; }; system.stateVersion = "23.11"; }