commit eb49c566e1f03f2aa427461bb2fe2c2b96aa315e Author: Nathan McCarty Date: Mon Dec 20 13:37:26 2021 -0500 Initial Commit diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..41fbeb0 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +**/result diff --git a/applications/communications.nix b/applications/communications.nix new file mode 100644 index 0000000..e6ca49e --- /dev/null +++ b/applications/communications.nix @@ -0,0 +1,62 @@ +# Communications software +{ config, pkgs, unstable, ... }: +{ + # Pull in personal overlay + # nixpkgs.overlays = [ (import ../../overlays/personal/overlay.nix) ]; + + environment.systemPackages = with pkgs; + let + ## Wayland workaround chromium desktop items + # Facebook messenger + fbChromeDesktopItem = pkgs.makeDesktopItem { + name = "messenger-chrome"; + desktopName = "Messenger (chrome)"; + exec = "${pkgs.chromium}/bin/chromium --enable-features=UseOzonePlatform -ozone-platform=wayland --app=\"https://messenger.com\""; + terminal = false; + }; + # Teams + teamsItem = pkgs.makeDesktopItem { + name = "teams-wayland"; + desktopName = "Teams (Wayland)"; + exec = "${pkgs.chromium}/bin/chromium --enable-features=UseOzonePlatform -ozone-platform=wayland --app=\"https://teams.microsoft.com\""; + terminal = false; + }; + ## Pass wayland options to existing applications + signalWaylandItem = pkgs.makeDesktopItem { + name = "signal-desktop-wayland"; + desktopName = "Signal (Wayland)"; + exec = "${pkgs.signal-desktop}/bin/signal-desktop --enable-features=UseOzonePlatform -ozone-platform=wayland"; + terminal = false; + icon = "signal-desktop"; + type = "Application"; + }; + zulipWayland = pkgs.makeDesktopItem { + name = "zulip-wayland"; + desktopName = "Zulip (Wayland)"; + exec = "${unstable.zulip}/bin/zulip --enable-features=UseOzonePlatform --ozone-platform=wayland"; + terminal = false; + icon = "zulip"; + type = "Application"; + }; + in + [ + # Discord + discord + unstable.betterdiscordctl + # Use unstable element for latest features + unstable.element-desktop-wayland + # Desktop signal client + signal-desktop + signalWaylandItem + # Desktop telegram client + tdesktop + # zulip + unstable.zulip + zulipWayland + # chromium + chromium + # Wayland workaround packages + fbChromeDesktopItem + teamsItem + ]; +} diff --git a/applications/devel-core.nix b/applications/devel-core.nix new file mode 100644 index 0000000..fd39166 --- /dev/null +++ b/applications/devel-core.nix @@ -0,0 +1,25 @@ +# Core development libraries +{ config, pkgs, unstable, ... }: +{ + environment.systemPackages = with pkgs; [ + # Full version of git + unstable.gitFull + # Git addons + git-secret + unstable.git-lfs + # General development requirements + python3Full + cmake + gcc + unstable.libvterm-neovim + libtool + binutils + clang + gnumake + nixpkgs-fmt + # jq for interacting with JSON + jq + # Direnv for nix-shell niceness + direnv + ]; +} diff --git a/applications/devel-rust.nix b/applications/devel-rust.nix new file mode 100644 index 0000000..5929bb6 --- /dev/null +++ b/applications/devel-rust.nix @@ -0,0 +1,26 @@ +# Utilities for developing in rust +{ config, pkgs, unstable, fenix, ... }: +{ + environment.systemPackages = with pkgs; [ + # Use rustup to get the compiler + rustup + # Install the latest rust analyzer + fenix.rust-analyzer + # Sccache and lld for faster builds + sccache + lld_12 + # Misc cargo utilites + cargo-binutils # Allow invoking the llvm tools included with the toolchain + cargo-edit # Command line Cargo.toml manipulation + cargo-asm # Dump the generated assembly + cargo-fuzz # front end for fuzz testing rust + cargo-license # Audit the licenses of dependencies + cargo-criterion # Benchmarking front end + cargo-audit # Check dependencies for known CVEs + cargo-bloat # Find out what's taking up space in the executable + cargo-udeps # Find unused dependencies + cargo-expand # Dump expanded macros + unstable.cargo-tarpaulin # Code coverage + cargo-play # Quickly execute code outside of a crate + ]; +} diff --git a/applications/emacs.nix b/applications/emacs.nix new file mode 100644 index 0000000..131acee --- /dev/null +++ b/applications/emacs.nix @@ -0,0 +1,7 @@ +{ config, pkgs, unstable, ... }: +{ + # Install emacs + environment.systemPackages = with pkgs; [ + unstable.emacsPgtkGcc + ]; +} diff --git a/applications/image-editing.nix b/applications/image-editing.nix new file mode 100644 index 0000000..9ca5da8 --- /dev/null +++ b/applications/image-editing.nix @@ -0,0 +1,16 @@ +# Image editing applications +{ config, pkgs, unstable, ... }: +{ + environment.systemPackages = with pkgs; [ + # RawTherapee for raw editing + unstable.rawtherapee + # Gimp for complex editing + unstable.gimp-with-plugins + # Krita for drawing + unstable.krita + # Pinta for basic image editing + unstable.pinta + # Command line tools for image conversion and handling + imagemagickBig + ]; +} diff --git a/applications/media.nix b/applications/media.nix new file mode 100644 index 0000000..d4606c9 --- /dev/null +++ b/applications/media.nix @@ -0,0 +1,15 @@ +# Media players and other applications +{ config, pkgs, unstable, ... }: +{ + # imports = [ ../../sensitive/mopidy.nix ]; + environment.systemPackages = with pkgs; [ + # Spotify + spotify + # Latest version of vlc + unstable.vlc + # Plex client + plex-media-player + # OBS studio for screen recording + unstable.obs-studio + ]; +} diff --git a/applications/syncthing.nix b/applications/syncthing.nix new file mode 100644 index 0000000..602189f --- /dev/null +++ b/applications/syncthing.nix @@ -0,0 +1,14 @@ +{ config, pkgs, unstable, ... }: +{ + # Enable synthing service and tray + services.syncthing = { + enable = true; + user = "nathan"; + configDir = "/home/nathan/.config/syncthing"; + }; + # Install synthing and syncthing-tray + environment.systemPackages = with pkgs; [ + syncthing + unstable.syncthingtray + ]; +} diff --git a/applications/utils-core.nix b/applications/utils-core.nix new file mode 100644 index 0000000..00f03a1 --- /dev/null +++ b/applications/utils-core.nix @@ -0,0 +1,34 @@ +# Basic, must have, command-line utilities +{ config, pkgs, unstable, ... }: +{ + environment.systemPackages = with pkgs; [ + # Basic command line utilities + wget + tmux + nano + unzip + any-nix-shell + htop + # Spell check + hunspell + hunspellDicts.en-us + # Rust rewrites of common shell utilities + unstable.starship + exa + bat + fd + sd + du-dust + ripgrep + tokei + unstable.procs + hyperfine + unstable.bottom + # Pandoc for documentation + unstable.pandoc + # For nslookup + dnsutils + # Feh image viewer + feh + ]; +} diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..7a440d6 --- /dev/null +++ b/flake.lock @@ -0,0 +1,99 @@ +{ + "nodes": { + "emacs": { + "locked": { + "lastModified": 1640083461, + "narHash": "sha256-e3HJoCajImuDWOk6nnb6nJNzh0AD6PjL+Er4gzGT7ss=", + "owner": "nix-community", + "repo": "emacs-overlay", + "rev": "043268ac469364214a02918717d74d9a0cc1af3d", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "emacs-overlay", + "type": "github" + } + }, + "fenix": { + "inputs": { + "nixpkgs": [ + "nixpkgs-unstable" + ], + "rust-analyzer-src": "rust-analyzer-src" + }, + "locked": { + "lastModified": 1640067945, + "narHash": "sha256-V3aybCE3rPXraX8sSzamdsGuIuTQI77tliyyufZR+mU=", + "owner": "nix-community", + "repo": "fenix", + "rev": "433679b1d41fc1d40a2f6382305f4a10ccc57457", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1639989170, + "narHash": "sha256-REf0rqdJs6XIPo/zc/FhJMecggjEXi45QyiV207y30Y=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "86453059bf8312f0f5bf1fe8a2f52da2be664489", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-21.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1639966735, + "narHash": "sha256-FmVGFiyqE+pjQUTCTY0H75hqrnBnbEf3VVRB4dsd4KI=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "d87b72206aadebe6722944f541f55d33fd7046fb", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "emacs": "emacs", + "fenix": "fenix", + "nixpkgs": "nixpkgs", + "nixpkgs-unstable": "nixpkgs-unstable" + } + }, + "rust-analyzer-src": { + "flake": false, + "locked": { + "lastModified": 1639175515, + "narHash": "sha256-Yj38u9BpKfyGrcSEaoSEnOns885xn/Ask6lR5rsxS8k=", + "owner": "rust-analyzer", + "repo": "rust-analyzer", + "rev": "d03397fe1173eaeb2e04c9e55ac223289e7e08ee", + "type": "github" + }, + "original": { + "owner": "rust-analyzer", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..b6ab859 --- /dev/null +++ b/flake.nix @@ -0,0 +1,79 @@ +{ + description = "Nathan's system configurations"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-21.11"; + nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; + fenix = { + url = "github:nix-community/fenix"; + inputs.nixpkgs.follows = "nixpkgs-unstable"; + }; + emacs = { + url = "github:nix-community/emacs-overlay"; + inputs.nixpkgs.follows = "nixpkgs-unstable"; + }; + }; + + outputs = { self, nixpkgs, nixpkgs-unstable, fenix, emacs }: + + { + nixosConfigurations.levitation = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { + unstable = import nixpkgs-unstable { + config = { allowUnfree = true; }; + overlays = [ emacs.overlay ]; + system = "x86_64-linux"; + }; + fenix = fenix.packages.x86_64-linux; + }; + modules = [ + ./hardware/levitation.nix + ./modules/user.nix + ./modules/common.nix + ./modules/audio.nix + ./modules/sway.nix + ./modules/fonts.nix + ./modules/gpg.nix + ./modules/logitech.nix + ./modules/qemu.nix + ./modules/docker.nix + ./modules/ssh.nix + ./applications/utils-core.nix + ./applications/communications.nix + ./applications/devel-core.nix + ./applications/devel-rust.nix + ./applications/emacs.nix + ./applications/image-editing.nix + ./applications/media.nix + ./applications/syncthing.nix + ({ pkgs, ... }: { + ## Boot, drivers, and host name + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + # Enable AMD gpu drivers early + boot.initrd.kernelModules = [ "amdgpu" ]; + # Use the zen kernel + boot.kernelPackages = pkgs.linuxPackages_zen; + # Define the hostname, enable dhcp + networking = { + hostName = "levitation"; + domain = "mccarty.io"; + useDHCP = false; + interfaces.enp5s0.useDHCP = true; + }; + ## System specific configuration + programs = { + steam.enable = true; + adb.enable = true; + }; + ## Left over uncategorized packages + environment.systemPackages = with pkgs; [ + firefox-wayland + ]; + }) + ]; + }; + }; +} diff --git a/hardware/levitation.nix b/hardware/levitation.nix new file mode 100644 index 0000000..a34b543 --- /dev/null +++ b/hardware/levitation.nix @@ -0,0 +1,71 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { + device = "/dev/mapper/crypt-pv"; + fsType = "btrfs"; + options = [ "subvol=root" ]; + }; + + boot.initrd.luks.devices."crypt-pv".device = "/dev/disk/by-uuid/15e9f417-b35a-40fe-a066-595be13cf230"; + + fileSystems."/home" = + { + device = "/dev/mapper/crypt-pv"; + fsType = "btrfs"; + options = [ "subvol=home" ]; + }; + + fileSystems."/nix" = + { + device = "/dev/mapper/crypt-pv"; + fsType = "btrfs"; + options = [ "subvol=nix" ]; + }; + + fileSystems."/etc" = + { + device = "/dev/mapper/crypt-pv"; + fsType = "btrfs"; + options = [ "subvol=etc" ]; + }; + + fileSystems."/var" = + { + device = "/dev/mapper/crypt-pv"; + fsType = "btrfs"; + options = [ "subvol=var" ]; + }; + + fileSystems."/boot" = + { + device = "/dev/disk/by-uuid/1425-B41E"; + fsType = "vfat"; + }; + + swapDevices = + [{ + device = "/dev/disk/by-partuuid/f9d26ecd-7df5-48ad-bc19-b9ac4e91b0ee"; + randomEncryption = { + cipher = "aes-xts-plain64"; + enable = true; + source = "/dev/random"; + }; + }]; + + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/modules/audio.nix b/modules/audio.nix new file mode 100644 index 0000000..e4e28a4 --- /dev/null +++ b/modules/audio.nix @@ -0,0 +1,64 @@ +## Setup pipewire, including bluetooth audio +{ config, pkgs, unstable, ... }: +{ + # Disable normal audio subsystem explicitly + sound.enable = false; + # Turn on rtkit, so that audio processes can be upgraded to real time + security.rtkit.enable = true; + # Turn on pipewire + services.pipewire = { + enable = true; + # Turn on all the emulation layers + alsa = { + enable = true; + support32Bit = true; + }; + pulse.enable = true; + jack.enable = true; + # Turn on the media session manager, and setup bluetooth + media-session = { + enable = true; + # Configure bluetooth support + config.bluez-monitor.rules = [ + { + # Matches all cards + matches = [{ "device.name" = "~bluez_card.*"; }]; + actions = { + "update-props" = { + "bluez5.reconnect-profiles" = [ "a2dp_sink" ]; + # SBC-XQ is not expected to work on all headset + adapter combinations. + "bluez5.sbc-xq-support" = true; + }; + }; + } + { + matches = [ + # Matches all sources + { "node.name" = "~bluez_input.*"; } + # Matches all outputs + { "node.name" = "~bluez_output.*"; } + ]; + actions = { + "node.pause-on-idle" = false; + }; + } + ]; + }; + }; + # Turn on bluetooth services + services.blueman.enable = true; + hardware.bluetooth = { + enable = true; + package = pkgs.bluezFull; + }; + # Add pulse audio packages, but do not enable them + environment.systemPackages = [ + pkgs.pulseaudio + ]; + # Add noisetorch for microphone noise canceling + programs.noisetorch = { + enable = true; + # Use latest noisetorch, its a fast moving target + package = unstable.noisetorch; + }; +} diff --git a/modules/common.nix b/modules/common.nix new file mode 100644 index 0000000..0e82341 --- /dev/null +++ b/modules/common.nix @@ -0,0 +1,27 @@ +{ config, pkgs, ... }: +{ + # Allow unfree packages + nixpkgs.config.allowUnfree = true; + # Turn on flakes support (from within a flake, lamo) + nix = { + package = pkgs.nixFlakes; + extraOptions = '' + experimental-features = nix-command flakes + ''; + }; + # Turn on compressed memory swap + zramSwap = { + enable = true; + algorithm = "zstd"; + memoryPercent = 25; + }; + # Automatically optimize and garbage collect the store + nix = { + autoOptimiseStore = true; + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + }; +} diff --git a/modules/docker.nix b/modules/docker.nix new file mode 100644 index 0000000..8f1f401 --- /dev/null +++ b/modules/docker.nix @@ -0,0 +1,10 @@ +{ config, pkgs, unstable, ... }: +{ + # Enable docker and use unstable version + virtualisation.docker = { + enable = true; + package = unstable.docker; + # Automatically prune to keep things lean + autoPrune.enable = true; + }; +} diff --git a/modules/fonts.nix b/modules/fonts.nix new file mode 100644 index 0000000..40ad2ba --- /dev/null +++ b/modules/fonts.nix @@ -0,0 +1,13 @@ +{ config, pkgs, ... }: +{ + fonts.fonts = with pkgs; [ + ## Monospace Fonts + # FiraCode with nerd-fonts patch, as well as fira-code symbols for emacs + (nerdfonts.override { fonts = [ "FiraCode" ]; }) + fira-code-symbols + # Proportional + roboto + liberation_ttf + noto-fonts + ]; +} diff --git a/modules/gpg.nix b/modules/gpg.nix new file mode 100644 index 0000000..829e7f4 --- /dev/null +++ b/modules/gpg.nix @@ -0,0 +1,36 @@ +# Configure gpg with yubikey support +{ config, pkgs, ... }: +{ + # Setup environment for gpg agent + environment.shellInit = '' + export GPG_TTY="$(tty)" + gpg-connect-agent /bye + export SSH_AUTH_SOCK="/run/user/$UID/gnupg/S.gpg-agent.ssh" + ''; + + environment.sessionVariables = { + SSH_AUTH_SOCK = "/run/user/1000/gnupg/S.gpg-agent.ssh"; + }; + + programs = { + # Disable ssh-agent, the gpg-agent will fill in + ssh.startAgent = false; + # Enable gpg-agent with ssh support + gnupg.agent = { + enable = true; + enableSSHSupport = true; + enableExtraSocket = true; + }; + }; + + # Enable ykpersonalize to work + services.udev.packages = [ pkgs.yubikey-personalization ]; + # Enable smartcard service + services.pcscd.enable = true; + + # install gnupg and yubikey personalization + environment.systemPackages = with pkgs; [ + gnupg + yubikey-personalization + ]; +} diff --git a/modules/logitech.nix b/modules/logitech.nix new file mode 100644 index 0000000..8dd107b --- /dev/null +++ b/modules/logitech.nix @@ -0,0 +1,7 @@ +{ config, pkgs, ... }: +{ + hardware.logitech.wireless = { + enable = true; + enableGraphical = true; + }; +} diff --git a/modules/qemu.nix b/modules/qemu.nix new file mode 100644 index 0000000..97d34fe --- /dev/null +++ b/modules/qemu.nix @@ -0,0 +1,12 @@ +# Setup quem/libvirt +{ config, pkgs, ... }: +{ + # Enable the kernel modules + boot.kernelModules = [ "kvm-amd" "kvm-intel" ]; + # Enable libvirt + virtualisation.libvirtd.enable = true; + # Install virt-manager + environment.systemPackages = with pkgs; [ + virtmanager + ]; +} diff --git a/modules/ssh.nix b/modules/ssh.nix new file mode 100644 index 0000000..55cce3c --- /dev/null +++ b/modules/ssh.nix @@ -0,0 +1,22 @@ +{ config, pkgs, ... }: +{ + networking.firewall = { + allowedTCPPorts = [ 22 ]; + allowedUDPPorts = [ 22 ]; + }; + + services.openssh = { + enable = true; + extraConfig = '' + StreamLocalBindUnlink yes + ''; + listenAddresses = [ + { + addr = "0.0.0.0"; + port = 22; + } + ]; + permitRootLogin = "no"; + passwordAuthentication = false; + }; +} diff --git a/modules/sway.nix b/modules/sway.nix new file mode 100644 index 0000000..7d6f434 --- /dev/null +++ b/modules/sway.nix @@ -0,0 +1,85 @@ +## Enable and setup SwayWM +{ config, pkgs, unstable, ... }: +{ + # Turn on GDM for login + services.xserver = { + enable = true; + autorun = true; + displayManager.gdm = { + enable = true; + wayland = true; + }; + # Enable plasma for the applications + desktopManager.plasma5.enable = true; + }; + # Setup drivers + hardware.opengl = { + # Enable vulkan + driSupport = true; + # Force vulkan drivers + extraPackages = [ + pkgs.amdvlk + ]; + # Same as above, but enable 32 bit legacy support (for games) + driSupport32Bit = true; + extraPackages32 = [ + pkgs.driversi686Linux.amdvlk + ]; + }; + # Basic packages that are effectively required for a graphical system + environment.systemPackages = with pkgs; [ + # GTK Theming + gtk-engine-murrine + gtk_engines + gsettings-desktop-schemas + lxappearance + kde-gtk-config + ]; + # Enable QT themeing + programs.qt5ct.enable = true; + # Enable and configure sway itself + programs.sway = { + enable = true; + # Enable the wrapper for gtk applications + wrapperFeatures.gtk = true; + # Install some applications required for sway to work how I want + extraPackages = with pkgs; [ + # Unstable waybar, its a fast moving target + unstable.waybar + # Locking and display management + wdisplays + swaylock-effects + swayidle + # Clipboard + wl-clipboard + # Notifications + mako + # Terminal + alacritty + # glib for sound stuff + glib + # Glpaper for the background + glpaper + # Screenshots + sway-contrib.grimshot + ]; + extraSessionCommands = '' + # Make qt theming work + export QT_QPA_PLATFORMTHEME="qt5ct" + # Make pipewire present a pulse audio tcp port + pactl load-module module-native-protocol-tcp + ''; + }; + + # Enable the xdg-portal + xdg = { + portal = { + enable = true; + extraPortals = with pkgs; [ + xdg-desktop-portal-wlr + xdg-desktop-portal-gtk + ]; + gtkUsePortal = true; + }; + }; +} diff --git a/modules/user.nix b/modules/user.nix new file mode 100644 index 0000000..45e7f1b --- /dev/null +++ b/modules/user.nix @@ -0,0 +1,41 @@ +# Contains general user environment configuration +{ config, pkgs, unstable, ... }: +{ + # Disable mutable users, force everything to go through the flake + users.mutableUsers = false; + + # Set time zone + time.timeZone = "America/New_York"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + keyMap = "us"; + }; + + # enable sudo + security.sudo.enable = true; + + # Enable fish as a login shell + environment.shells = [ pkgs.bashInteractive unstable.fish ]; + users.users.nathan = { + isNormalUser = true; + home = "/home/nathan"; + description = "Nathan McCarty"; + extraGroups = [ "wheel" "networkmanager" "audio" "docker" "libvirtd" "uinput" "adbusers" ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILRs6zVljIlQEZ8F+aEBqqbpeFJwCw3JdveZ8TQWfkev cardno:000615938515" + ]; + shell = unstable.fish; + hashedPassword = "$6$ShBAPGwzKZuB7eEv$cbb3erUqtVGFo/Vux9UwT2NkbVG9VGCxJxPiZFYL0DIc3t4GpYxjkM0M7fFnh.6V8MoSKLM/TvOtzdWbYwI58."; + }; + + # Install general use packages + environment.systemPackages = with pkgs; [ + # cachix for nix cache management + cachix + # Install our shell of choice + unstable.fish + ]; +}