i am missing something enabling my bluetooth on configuration.nix i get plasma 6 bluetooth settings and gui but still cant find my bluetooth adapter. what i am missing on settings
{
config,
pkgs,
lib,
inputs, # Added inputs to access sops and nix-index-database from your flake
...
}:
let
sources = import ./lon.nix;
lanzaboote = import sources.lanzaboote { inherit pkgs; };
in
{
imports = [
./hardware-configuration.nix
./nvidia.nix
lanzaboote.nixosModules.lanzaboote
];
# =============================================================
# BOOTLOADER, SECURE BOOT & TPM UNLOCK
# =============================================================
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.lanzaboote = {
enable = true;
pkiBundle = "/var/lib/sbctl";
};
boot.loader.efi.canTouchEfiVariables = true;
boot.kernelPackages = pkgs.linuxPackages_latest;
# 1. Enable TPM2 tools in the OS
security.tpm2 = {
enable = true;
pkcs11.enable = true;
tctiEnvironment.enable = true;
};
boot.initrd = {
# 2. Enable systemd in initrd (Required for TPM2 unlock)
systemd.enable = true;
# 3. Load TPM drivers early
kernelModules = [ "tpm_tis" ];
# 4. Configure BOTH drives to unlock via TPM so boot is silent
luks.devices = {
# ROOT DRIVE (Your OS) - UUID ending in 93cc1
"luks-f1a43e56-d2f9-4b0e-9238-82b840993cc1" = {
device = "/dev/disk/by-uuid/f1a43e56-d2f9-4b0e-9238-82b840993cc1";
crypttabExtraOpts = [ "tpm2-device=auto" ];
};
# SWAP DRIVE - UUID ending in ef52
"luks-8edb1b27-5162-4113-8d34-8b440a45ef52" = {
device = "/dev/disk/by-uuid/8edb1b27-5162-4113-8d34-8b440a45ef52";
crypttabExtraOpts = [ "tpm2-device=auto" ];
};
};
};
# =============================================================
# PLYMOUTH & SILENT BOOT (WINDOWS-LIKE LOADING SCREEN)
# =============================================================
boot.plymouth = {
enable = true;
theme = "breeze";
};
# Set timeout to 0; hold SPACE during boot to see the generation menu
boot.loader.timeout = 0;
# Suppress kernel text for a clean transition to Plasma
boot.consoleLogLevel = 0;
boot.initrd.verbose = false;
boot.kernelParams = [
"quiet"
"splash"
"boot.shell_on_fail"
"loglevel=3"
"rd.systemd.show_status=false"
"rd.udev.log_level=3"
"udev.log_priority=3"
];
# =============================================================
# POWER USER TOOLS (Nix-Index & Comma)
# =============================================================
# Allows you to run any command with ',' without installing it first
programs.nix-index-database.comma.enable = true;
programs.nix-index.enable = true;
# =============================================================
# SECRET MANAGEMENT (SOPS-NIX MODULE)
# =============================================================
sops = {
defaultSopsFile = ./secrets.yaml;
validateSopsFiles = false;
age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
secrets = {
phatle_password = {
neededForUsers = true;
};
# Backs up the machine identity (Root owned)
"ssh_host_private_key" = {
owner = "root";
mode = "0600";
};
# Places your Codeberg key (User owned)
"ssh_keys_codeberg" = {
owner = "phatle";
mode = "0600";
};
# The specialized Deploy Key for automation (System decrypts, User owns)
"nixos_deploy_key" = {
owner = "phatle";
mode = "0400";
};
};
};
# =============================================================
# NETWORKING & PERFORMANCE
# =============================================================
networking.hostName = "nixos";
networking.networkmanager.enable = true;
networking.firewall.enable = true;
networking.enableIPv6 = true;
boot.kernel.sysctl = {
"net.core.default_qdisc" = "fq";
"net.ipv4.tcp_congestion_control" = "bbr";
"net.ipv6.conf.all.use_tempaddr" = lib.mkForce 2;
"net.ipv6.conf.default.use_tempaddr" = lib.mkForce 2;
};
# Localization and Time
time.timeZone = "Europe/Helsinki";
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "fi_FI.UTF-8";
LC_IDENTIFICATION = "fi_FI.UTF-8";
LC_MEASUREMENT = "fi_FI.UTF-8";
LC_MONETARY = "fi_FI.UTF-8";
LC_NAME = "fi_FI.UTF-8";
LC_NUMERIC = "fi_FI.UTF-8";
LC_PAPER = "fi_FI.UTF-8";
LC_TELEPHONE = "fi_FI.UTF-8";
LC_TIME = "fi_FI.UTF-8";
};
console.keyMap = "fi";
# Desktop Environment
services.xserver.enable = true;
services.displayManager.sddm.enable = true;
services.desktopManager.plasma6.enable = true;
services.xserver.xkb = {
layout = "fi";
variant = "nodeadkeys";
};
# Audio
services.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
# Bluetooth & Battery Reporting (Crucial for MX Master/Keys)
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
settings = {
General = {
Experimental = true;
ControllerMode = "dual";
FastConnectable = "true";
};
Policy = {
AutoEnable = "true";
};
};
};
# User Configuration
users.users.phatle = {
isNormalUser = true;
description = "Marko Jokinen";
extraGroups = [
"networkmanager"
"wheel"
"video"
];
# Triple Security: Use the path to the decrypted secret file
hashedPasswordFile = config.sops.secrets.phatle_password.path;
};
# Shell and Packages
environment.shells = with pkgs; [ zsh ];
users.defaultUserShell = pkgs.zsh;
programs.zsh.enable = true;
environment.systemPackages = with pkgs; [
(blender.override { cudaSupport = true; })
cudaPackages.cuda_cudart
cudaPackages.cuda_nvcc
cudaPackages.cudnn
sbctl
lon
nh
nix-output-monitor
nvd
git
trash-cli
home-manager
steam
usbguard
# Essential for managing your secrets
sops
age
ssh-to-age
];
nixpkgs.config.allowUnfree = true;
fonts.packages = [ pkgs.nerd-fonts.jetbrains-mono ];
# =============================================================
# AUTOMATED SYSTEM UPDATE (2h after boot)
# =============================================================
system.autoUpgrade = {
enable = true;
flake = "/home/phatle/NixOS";
flags = [
"--update-input"
"nixpkgs"
"--commit-lock-file"
];
allowReboot = false;
};
# Trigger the upgrade 2h after boot (overriding the default timer)
systemd.timers.nixos-upgrade = {
timerConfig = {
OnBootSec = "2h";
OnUnitActiveSec = "1d";
Persistent = true;
};
};
# =============================================================
# BUILD OPTIMIZATIONS
# =============================================================
nix.settings = {
experimental-features = [
"nix-command"
"flakes"
];
max-jobs = "auto";
cores = 0;
auto-optimise-store = true;
substituters = [
"https://cache.nixos.org"
"https://nix-community.cachix.org"
];
trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ];
# Power user tip: prevents git-tracked flakes from complaining about "dirty" state
warn-dirty = false;
};
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 7d";
};
# =============================================================
# LAPTOP & PROTECTION SERVICES
# =============================================================
services.thermald.enable = true;
services.upower.enable = true;
services.fstrim.enable = true;
services.udev.extraRules = ''
ACTION=="add|change", KERNEL=="nvme[0-9]n[0-9]", ATTR{queue/scheduler}="none"
'';
zramSwap = {
enable = true;
algorithm = "zstd";
memoryPercent = 50;
};
services.earlyoom = {
enable = true;
freeMemThreshold = 10;
freeSwapThreshold = 5;
extraArgs = [
"-g"
"--avoid"
"^(plasmashell|sddm|kwin_wayland)$"
"--prefer"
"^(nix-daemon|cc1plus|rustc|python3)$"
];
};
security.apparmor.enable = true;
security.protectKernelImage = true;
services.usbguard.enable = true;
programs.dconf.enable = true;
services.fprintd.enable = true;
services.fprintd.tod.enable = true;
services.fprintd.tod.driver = pkgs.libfprint-2-tod1-goodix;
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
PermitRootLogin = "no";
};
};
programs.ssh.startAgent = true;
systemd.services.nixos-upgrade.postStop = ''
if [ -d "/home/phatle/NixOS" ]; then
chown -R phatle:users /home/phatle/NixOS
fi
'';
system.stateVersion = "25.11";
}