nixos/hosts/semita/default.nix

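# NixOS host module for `semita`.
#
# Declares the disk layout (disko, optional impermanence), pulls in the shared
# core/optional modules and the nixos-containers this host runs, and sets
# host-specific boot, graphics, monitoring, auto-upgrade and network options.
#
# Arguments are supplied by the flake: `inputs`/`outputs` are the flake's
# inputs and outputs, `configVars` carries the shared network addresses.
{
  inputs,
  lib,
  pkgs,
  configVars,
  outputs,
  ...
}: let
  # Disko setup
  fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
  dev = "/dev/nvme0n1"; # depends on target hardware
  encrypted = true; # currently only applies to btrfs
  # Device handed to the impermanence module: the mapper device when
  # `encrypted` is set, the plain LVM root volume otherwise.
  btrfsMountDevice =
    if encrypted
    then "/dev/mapper/crypted"
    else "/dev/root_vg/root";
  user = "sam";
  impermanence = true;
  # Addresses are defined once in configVars and reused in `networking` below.
  piholeIp = configVars.networking.addresses.pihole.ip;
  gatewayIp = configVars.networking.addresses.gateway.ip;
  semitaIp = configVars.networking.addresses.semita.ip;
in {
  # NOTE(review): SSH, NFS, Docker and the containers below are configured in
  # the imported modules, which are not visible from this file. Their listening
  # addresses, authentication and firewall rules have to be reviewed there;
  # this host also forwards packets (see boot.kernel.sysctl).
  imports = [
    # Create users for this host
    ../common/users/${user}

    # Disk configuration
    inputs.disko.nixosModules.disko
    (import ../common/disks {
      device = dev;
      inherit impermanence fsType encrypted;
    })

    # Impermanence
    (import ../common/disks/btrfs/impermanence.nix {
      inherit btrfsMountDevice lib;
    })

    # Import core options
    ./hardware-configuration.nix
    ../common/core

    # Import optional options
    ../common/optional/persistence.nix
    ../common/optional/pipewire.nix
    ../common/optional/openssh.nix
    ../common/optional/dwm.nix
    # ../common/optional/printing.nix
    ../common/optional/docker.nix
    ../common/optional/nix-ld.nix
    ../common/optional/gaming.nix
    ../common/optional/restic-backup.nix
    #
    # # bind mounts
    # ../common/optional/fileserver/bind-mounts/homeshare.nix
    ../common/optional/fileserver/nfs-server/homeshare.nix

    # nixos-containers
    ../common/optional/nixos-containers/nix-bitcoin.nix
    ../common/optional/nixos-containers/postgres.nix
    ../common/optional/nixos-containers/baseddata-worker.nix
    ../common/optional/nixos-containers/semitamaps-worker.nix
    ../common/optional/nixos-containers/backup-server.nix
    ../common/optional/nixos-containers/docker.nix
    ../common/optional/nixos-containers/pihole.nix
    ../common/optional/nixos-containers/metrics-server.nix

    # # Build nix derivations on remote machine
    # ../common/optional/distributed-builds/local-machine.nix
    outputs.nixosModules.nixosAutoUpgrade
  ];

  # Second disk, mounted by filesystem UUID.
  # NOTE(review): this is a plain ext4 mount; nothing in this file places it
  # behind the /dev/mapper/crypted mapping used for the root disk. Confirm
  # whether the data kept here needs encryption at rest.
  fileSystems."/mnt/main-ssd" = {
    device = "/dev/disk/by-uuid/ba884006-e813-4b67-9fe6-62aea08b3b59";
    fsType = "ext4";
  };

  # "server" applies the settings Tailscale needs to act as a subnet router or
  # exit node, including IP forwarding. Which routes are actually served is
  # decided by what the node advertises and what the tailnet admin approves.
  services.tailscale.useRoutingFeatures = "server";

  boot = {
    # Keep these two audio drivers from loading; presumably so the SOF driver
    # (see hardware.firmware below) claims the device instead - TODO confirm.
    blacklistedKernelModules = ["snd_hda_intel" "snd_soc_skl"];
    # Tracks the newest kernel in nixpkgs rather than the default one.
    kernelPackages = pkgs.linuxPackagesFor pkgs.linux_latest;
    loader = {
      systemd-boot.enable = true;
      efi.canTouchEfiVariables = true;
      timeout = 3;
    };
  };

  services = {
    xserver = {
      dpi = 144;
      upscaleDefaultCursor = true;
    };
    # enable oom killer when system ram drops below 5% free
    earlyoom = {
      enable = true;
      freeMemThreshold = 5; # <5% free
    };
  };

  services.prometheus = {
    exporters = {
      node = {
        enable = true;
        enabledCollectors = ["systemd"];
        # Opens the exporter port in the host firewall on every interface.
        # node_exporter serves metrics without authentication by default, so
        # host and systemd unit details are readable by anything that can
        # reach the port. If only the metrics server scrapes this host,
        # `firewallFilter` or `listenAddress` can narrow the exposure.
        openFirewall = true;
      };
    };
  };

  # NOTE(review): custom module (outputs.nixosModules.nixosAutoUpgrade), not
  # shown here. It runs unattended on the `onCalendar` schedule; `pushUpdates`
  # together with `user` and `configDir` suggests it commits and pushes from
  # /etc/nixos as that user - confirm which credentials it uses and that the
  # revision it builds is one you trust before it is activated.
  system.services.nixosAutoUpgrade = {
    enable = true;
    persistent = true;
    reboot = false;
    pushUpdates = true;
    configDir = "/etc/nixos";
    onCalendar = "*-*-* 06:00:00";
    user = "sam";
  };

  # HiDPI scaling for GTK, Java and Qt applications.
  environment.variables = {
    GDK_SCALE = "1";
    GDK_DPI_SCALE = "1";
    _JAVA_OPTIONS = "-Dsun.java2d.uiScale=1.8";
    QT_AUTO_SCREEN_SCALE_FACTOR = "1";
    XCURSOR_SIZE = "32";
  };

  hardware.firmware = [
    pkgs.sof-firmware
  ];

  swapDevices = [
    {
      device = "/.swapvol/swapfile";
      size = 4 * 1024; # MiB
    }
  ];

  # Add hardware support for intel gpus as specified here: https://nixos.wiki/wiki/Jellyfin
  # NOTE(review): extraPackages below lists `intel-vaapi-driver`, not
  # `vaapiIntel`, so this override may not reach the package that is actually
  # installed - confirm.
  nixpkgs.config.packageOverrides = pkgs: {
    vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
  };
  hardware.graphics = {
    enable = true;
    extraPackages = with pkgs; [
      intel-media-driver
      intel-vaapi-driver
      vaapiVdpau
      libvdpau-va-gl
      intel-compute-runtime
      # only available on unstable
      unstable.vpl-gpu-rt
      intel-media-sdk
    ];
  };

  # Lets non-root users pass allow_other / allow_root when mounting FUSE
  # filesystems, so a mount made by one user becomes reachable by other
  # accounts on the host.
  programs.fuse.userAllowOther = true;

  # The host routes packets between its interfaces (bridge, containers,
  # Tailscale). What may be forwarded is decided by firewall rules that are
  # not set in this file.
  boot.kernel.sysctl = {
    "net.ipv4.ip_forward" = true;
    "net.ipv6.conf.all.forwarding" = true;
  };

  networking = {
    hostName = "semita";
    # Pi-hole first, then the gateway, then a public resolver. Lookups that
    # end up at the gateway or at 8.8.8.8 are not filtered by Pi-hole, and the
    # latter leave the LAN.
    nameservers = ["${piholeIp}" "${gatewayIp}" "8.8.8.8"];
    defaultGateway = "${gatewayIp}";
    useDHCP = false;
    # eth0 is enslaved to br0; the static address lives on the bridge.
    bridges = {
      br0 = {
        interfaces = ["eth0"];
      };
    };
    interfaces.br0 = {
      ipv4.addresses = [
        {
          address = "${semitaIp}";
          prefixLength = 24;
        }
      ];
    };
  };

  services.libinput.enable = true;
}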