{ pkgs, ... }: { imports = [ ./hardware-configuration.nix ../common/global ../common/users/lander ../common/optional/fonts.nix ../common/optional/keybase.nix ../common/optional/yubikey-gpg.nix ../common/optional/virt.nix ../common/optional/restic.nix ../common/optional/steam.nix ]; networking = { hostName = "wodan"; networkmanager.enable = true; }; boot = { loader = { systemd-boot.enable = true; efi.canTouchEfiVariables = true; }; initrd.luks.devices."luks-ed2282ac-fd73-4d82-9224-b7596b5b7cac".device = "/dev/disk/by-uuid/ed2282ac-fd73-4d82-9224-b7596b5b7cac"; binfmt.emulatedSystems = [ "aarch64-linux" ]; }; services.xserver.enable = true; services.xserver.displayManager.gdm.enable = true; services.xserver.desktopManager.gnome.enable = true; services.xserver.xkb = { layout = "us"; variant = ""; }; security.pam.loginLimits = [ { domain = "@audio"; item = "memlock"; type = "-"; value = "unlimited"; } { domain = "@audio"; item = "rtprio"; type = "-"; value = "99"; } { domain = "@audio"; item = "nofile"; type = "soft"; value = "99999"; } { domain = "@audio"; item = "nofile"; type = "hard"; value = "99999"; } ]; services.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; jack.enable = true; }; nixpkgs.config.allowUnfree = true; environment.systemPackages = with pkgs; [ (firefox.override { nativeMessagingHosts = [ passff-host ]; }) vim wget git texliveFull terraform opentofu tf-summarize awscli2 libreoffice x32edit packer ansible opensoundmeter helvum ardour yabridge yabridgectl wineWowPackages.stable winetricks kicad ]; nix.settings.experimental-features = [ "nix-command" "flakes" ]; services.tailscale.enable = true; services.mullvad-vpn = { enable = true; package = pkgs.mullvad-vpn; }; services.printing.enable = true; services.printing.drivers = [ pkgs.brlaser pkgs.hplip ]; services.avahi = { enable = true; nssmdns4 = true; openFirewall = true; }; system.stateVersion = "24.05"; }