Mars 2024-06-13 02:30:20 -04:00
parent 122f80c49b
commit 320faef2a6
Signed by: pupbrained
GPG key ID: EF82E8CA83FF158C
13 changed files with 325 additions and 689 deletions


@ -46,111 +46,43 @@ with lib // pkgs // inputs; {
DefaultEnvironment="PATH=${path}"
'';
age = {
secrets.passwd.file = /etc/secrets/passwd.age;
identityPaths = ["/persist/root/.ssh/id_ed25519"];
};
chaotic = {
scx = {
enable = true;
scheduler = "scx_rusty";
};
steam.extraCompatPackages = [
luxtorpeda
proton-ge-custom
];
};
virtualisation = {
spiceUSBRedirection.enable = true;
libvirtd = {
enable = true;
qemu = {
package = qemu_kvm;
swtpm.enable = true;
ovmf.enable = true;
ovmf.packages = [OVMFFull.fd];
};
};
podman = {
virtualisation.podman = {
enable = true;
dockerCompat = true;
dockerSocket.enable = true;
};
};
environment = {
sessionVariables = {
BROWSER = "firefox-nightly";
BROWSER = "firefox";
EDITOR = "nvim";
TERMINAL = "wezterm";
DIRENV_WARN_TIMEOUT = "100s";
NIXOS_OZONE_WL = "1";
};
systemPackages = [
agenix.packages.${system}.default
gnome.nautilus
internal.lightly-boehs-qt6
snowfallorg.flake
sound-theme-freedesktop
winetricks
wineWowPackages.staging
xclip
yt-dlp
];
persistence."/persist" = {
hideMounts = true;
directories = [
"/etc/NetworkManager"
"/etc/secrets"
"/etc/ssh"
"/etc/mullvad-vpn"
"/root/.ssh"
"/var/lib/bluetooth"
"/var/lib/nixos"
"/var/lib/systemd/coredump"
];
files = ["/etc/machine-id"];
};
};
boot = {
blacklistedKernelModules = ["nouveau"];
kernelPackages = linuxPackages_cachyos;
supportedFilesystems = ["btrfs" "ntfs"];
initrd.systemd = {
enable = true;
emergencyAccess = true; # No password needed because of LUKS
};
plymouth = {
enable = true;
catppuccin.enable = true;
};
extraModprobeConfig =
"options nvidia "
+ concatStringsSep " " [
"NVreg_UsePageAttributeTable=1"
"NVreg_EnablePCIeGen3=1"
"NVreg_RegistryDwords=RMUseSwI2c=0x01;RMI2cSpeed=100"
];
kernelParams = [
"intel_iommu=on"
"iommu=pt"
"kvm.ignore_msrs=1"
"modprobe.blacklist=nouveau"
];
extraModprobeConfig = "options apple_dcp show_notch=1";
loader = {
efi.canTouchEfiVariables = true;
efi.canTouchEfiVariables = false;
systemd-boot = {
enable = true;
@ -205,8 +137,6 @@ with lib // pkgs // inputs; {
min-free = "${toString (5 * 1024 * 1024 * 1024)}";
max-free = "${toString (10 * 1024 * 1024 * 1024)}";
extra-sandbox-paths = [config.programs.ccache.cacheDir];
extra-experimental-features = [
"flakes" # flakes
"nix-command" # experimental nix commands
@ -238,13 +168,11 @@ with lib // pkgs // inputs; {
};
programs = {
ccache.enable = true;
dconf.enable = true;
fish.enable = true;
gamemode.enable = true;
steam.enable = true;
steam.enable = false;
gnupg.agent.enable = true;
virt-manager.enable = true;
hyprland = {
enable = true;
@ -253,19 +181,18 @@ with lib // pkgs // inputs; {
nh = {
enable = true;
clean.enable = true;
clean.extraArgs = "--keep-since 4d --keep 3";
flake = "/home/marshall/nix-config";
};
};
networking = {
useDHCP = mkDefault true;
hostName = "navis";
firewall.enable = false;
nameservers = ["1.1.1.1" "1.0.0.1"];
networkmanager.dns = "none";
networkmanager.enable = true;
wireless.iwd = {
enable = true;
settings.General.EnableNetworkConfiguration = true;
};
};
time.timeZone = "America/New_York";
@ -275,11 +202,7 @@ with lib // pkgs // inputs; {
flatpak.enable = true;
getty.autologinUser = "marshall";
gnome.gnome-keyring.enable = true;
mullvad-vpn.enable = true;
ollama.enable = true;
openssh.enable = true;
spice-vdagentd.enable = true;
udisks2.enable = true;
greetd = {
enable = true;
@ -300,7 +223,6 @@ with lib // pkgs // inputs; {
xserver = {
enable = true;
videoDrivers = ["nvidia"];
};
pipewire = {
@ -312,43 +234,25 @@ with lib // pkgs // inputs; {
};
users = {
mutableUsers = false;
users.marshall = {
isNormalUser = true;
extraGroups = ["wheel" "gamemode" "libvirtd" "networkmanager"];
shell = fish;
hashedPasswordFile = config.age.secrets.passwd.path;
};
};
hardware = {
asahi = {
peripheralFirmwareDirectory = ./firmware;
useExperimentalGPUDriver = true;
};
bluetooth.enable = true;
i2c.enable = true;
opengl = {
enable = true;
driSupport = true;
driSupport32Bit = true;
extraPackages = [
vaapiVdpau
nvidia-vaapi-driver
];
};
nvidia-container-toolkit.enable = true;
nvidia = {
package = config.boot.kernelPackages.nvidiaPackages.beta;
modesetting.enable = true;
powerManagement.enable = true;
prime = {
sync.enable = true;
intelBusId = "PCI:0:2:0";
nvidiaBusId = "PCI:1:0:0";
};
};
};
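Review bot: If `emergencyAccess = true; # No password needed because of LUKS` under `boot.initrd.systemd` stays on the new side (the +/- markers are lost on this page, so that is inferred), its stated justification is gone: the hardware file added by this commit has no `boot.initrd.luks.devices` entry and mounts `/` directly from a btrfs UUID. A failed boot would then open a root emergency shell with no password on an unencrypted disk; I would set `emergencyAccess = false;` for this host or bring back the LUKS device. Likewise, if `firewall.enable = false;` and `openssh.enable = true;` both survive in the networking and services hunks, sshd is reachable on every interface with no packet filter, so either re-enable the firewall or add a comment saying why it is off.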


@ -0,0 +1,54 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
lib,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
powerManagement.cpuFreqGovernor = "conservative";
boot.initrd.availableKernelModules = ["usb_storage"];
boot.initrd.kernelModules = [];
boot.kernelModules = [];
boot.extraModulePackages = [];
fileSystems."/" = {
device = "/dev/disk/by-uuid/bc2d65bb-2316-404d-aff4-cba0cca8f6b5";
fsType = "btrfs";
options = ["subvol=root"];
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/bc2d65bb-2316-404d-aff4-cba0cca8f6b5";
fsType = "btrfs";
options = ["subvol=home"];
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/bc2d65bb-2316-404d-aff4-cba0cca8f6b5";
fsType = "btrfs";
options = ["subvol=nix"];
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/23FC-1D19";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
}


@ -1,96 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
boot.tmp.useTmpfs = true;
fileSystems."/" = {
device = "/dev/disk/by-uuid/d375c3a3-63a3-47f8-8b77-58fabbb8f67b";
fsType = "btrfs";
options = ["subvol=root"];
};
boot.initrd.systemd.services.wipe-root = {
requires = ["dev-mapper-enc.device"];
after = ["dev-mapper-enc.device"];
wantedBy = ["initrd.target"];
script = lib.mkAfter ''
mkdir /btrfs_tmp
mount /dev/disk/by-uuid/d375c3a3-63a3-47f8-8b77-58fabbb8f67b /btrfs_tmp
if [[ -e /btrfs_tmp/root ]]; then
mkdir -p /btrfs_tmp/old_roots
timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
fi
delete_subvolume_recursively() {
IFS=$'\n'
for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
delete_subvolume_recursively "/btrfs_tmp/$i"
done
btrfs subvolume delete "$1"
}
for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
delete_subvolume_recursively "$i"
done
btrfs subvolume create /btrfs_tmp/root
umount /btrfs_tmp
'';
};
boot.initrd.luks.devices."enc".device = "/dev/disk/by-uuid/9952fcd1-46eb-4c9c-ab7d-361d31fdb9a2";
fileSystems."/home" = {
device = "/dev/disk/by-uuid/d375c3a3-63a3-47f8-8b77-58fabbb8f67b";
fsType = "btrfs";
options = ["subvol=home" "compress=zstd"];
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/d375c3a3-63a3-47f8-8b77-58fabbb8f67b";
fsType = "btrfs";
options = ["subvol=nix" "compress=zstd" "noatime"];
};
fileSystems."/persist" = {
device = "/dev/disk/by-uuid/d375c3a3-63a3-47f8-8b77-58fabbb8f67b";
neededForBoot = true;
fsType = "btrfs";
options = ["subvol=persist" "compress=zstd"];
};
fileSystems."/var/log" = {
device = "/dev/disk/by-uuid/d375c3a3-63a3-47f8-8b77-58fabbb8f67b";
fsType = "btrfs";
options = ["subvol=log" "compress=zstd" "noatime"];
neededForBoot = true;
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/12CE-A600";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
swapDevices = [];
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}