{ inputs, pkgs, ... }: { boot.loader = { systemd-boot.enable = true; efi.canTouchEfiVariables = true; }; nixpkgs.config.allowUnfree = true; nix = { # hardlink duplicate files in the nix store settings.auto-optimise-store = true; extraOptions = '' experimental-features = nix-command flakes # keep intermediary deps alive (no redownloading to rebuild after gc) keep-outputs = true keep-derivations = true ''; # flake registries are used by the new nix commands. # this binds the nixpkgs registry to the one in `flake.nix`. registry = { nixpkgs.flake = inputs.nixpkgs; }; # the nix path is used to discover channels for the old nix commands. # this binds the nix path to the channels following `flake.nix` declared below. nixPath = [ "nixpkgs=/etc/nix/inputs/nixpkgs" ]; }; # add entries for `nixPath` above. environment.etc = { "nix/inputs/nixpkgs".source = inputs.nixpkgs.outPath; }; # allow processes to request scheduling priority security.rtkit.enable = true; services.pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; jack.enable = true; }; networking = { networkmanager = { enable = true; dns = "systemd-resolved"; }; nameservers = [ "9.9.9.9" ]; }; services.resolved = { enable = true; dnssec = "true"; fallbackDns = [ "9.9.9.9" ]; extraConfig = '' DNSOverTLS=yes ''; }; }