nixos/hosts/citadel/default.nix

{
inputs,
lib,
pkgs,
config,
configVars,
outputs,
...
}: let
# Host-level knobs consumed by the disk, impermanence and networking settings below.

# Disk layout (disko)
dev = "/dev/nvme0n1"; # target block device; depends on the hardware
fsType = "btrfs"; # "ext4" or "btrfs"; use btrfs when impermanence is on
encrypted = true; # currently only honoured for btrfs
impermanence = true;

# Device handed to the impermanence module as the btrfs root.
# With `encrypted` set this is the device-mapper node /dev/mapper/crypted
# (presumably the unlocked encrypted container created by ../common/disks,
# confirm there); otherwise the plain /dev/root_vg/root volume is used.
# NOTE(review): setting `encrypted = false` therefore puts the root
# filesystem on an unencrypted volume, so treat that flag as a security
# setting rather than a layout detail.
btrfsMountDevice = if encrypted then "/dev/mapper/crypted" else "/dev/root_vg/root";

# Primary account; selects ../common/users/<user> in the imports list
user = "sam";

# Resolver addresses taken from the shared configVars
gatewayIp = configVars.networking.addresses.gateway.ip;
piholeIp = configVars.networking.addresses.pihole.ip;
in {
# Modules that make up this host. The order of the entries is kept as authored.
imports = [
  # User accounts for this host
  ../common/users/${user}

  # Declarative disk layout (disko), driven by the let-bindings of this file
  inputs.disko.nixosModules.disko
  (import ../common/disks {
    inherit fsType encrypted impermanence;
    device = dev;
  })

  # Impermanence on the btrfs root
  (import ../common/disks/btrfs/impermanence.nix {
    inherit btrfsMountDevice lib;
  })

  # Core, always-on configuration
  ./hardware-configuration.nix
  ../common/core

  # Optional feature modules
  ../common/optional/persistence.nix
  ../common/optional/pipewire.nix
  # NOTE(review): openssh.nix is not shown on this page; presumably it enables
  # sshd. Confirm there that password login and root login are restricted.
  ../common/optional/openssh.nix
  ../common/optional/dwm.nix
  # ../common/optional/fileserver/media.nix
  # ../common/optional/fileserver/homeshare.nix
  # ../common/optional/fileserver/photos.nix
  ../common/optional/printing.nix
  ../common/optional/backlight.nix
  ../common/optional/xmodmap-arrow-remaps.nix
  ../common/optional/nix-ld.nix
  ../common/optional/gaming.nix
  ../common/optional/powersave.nix
  ../common/optional/restic-backup.nix

  # This machine is used for remote building.
  # NOTE(review): a remote builder runs build jobs submitted by other hosts.
  # Which keys and users may submit them is decided in that module, not here;
  # confirm it is limited to the intended clients.
  ../common/optional/distributed-builds/remote-builder-machine.nix

  # ../../modules/nixos
  outputs.nixosModules.nixosAutoUpgrade
];
# Kernel, kernel-module and bootloader selection.
boot = {
  # Track the newest kernel packaged in nixpkgs. Out-of-tree modules
  # (acpi_call below, the NVIDIA driver elsewhere in this file) are built
  # against it and can lag behind a new kernel release.
  kernelPackages = pkgs.linuxPackagesFor pkgs.linux_latest;
  extraModulePackages = [config.boot.kernelPackages.acpi_call];

  # Modules loaded in the initrd and in the booted system
  initrd.kernelModules = ["thinkpad-acpi" "acpi-call"];
  kernelModules = ["iwlwifi"];

  # Modules that must never be loaded
  blacklistedKernelModules = ["snd_hda_intel" "snd_soc_skl"];

  # systemd-boot on UEFI, boot menu shown for 3 seconds.
  # NOTE(review): `systemd-boot.editor` is not set in this file. The NixOS
  # default leaves the kernel command-line editor enabled, and the option's
  # documentation recommends `editor = false` so that someone at the console
  # cannot change boot parameters. Confirm whether ../common/core sets it.
  loader.systemd-boot.enable = true;
  loader.efi.canTouchEfiVariables = true;
  loader.timeout = 3;
};
# Swap file; NixOS takes `size` in megabytes, so 4 * 1024 is about 4 GiB.
# NOTE(review): swap can hold secrets paged out of RAM. The file lives under
# /.swapvol; whether that subvolume sits on the encrypted device is decided by
# the disk layout in ../common/disks, which this page does not show. Confirm.
swapDevices = [
  {
    size = 4 * 1024;
    device = "/.swapvol/swapfile";
  }
];
# Scheduled self-upgrade, implemented by this flake's own module
# (outputs.nixosModules.nixosAutoUpgrade in the imports list). The meaning of
# each option is defined by that module, which this page does not show.
# NOTE(review): the job runs unattended against the tree in `configDir` as
# `user`. How that tree is updated, and whether its origin is authenticated
# before it is built and activated, is decided by the module; confirm that
# before relying on it.
system.services.nixosAutoUpgrade = {
  enable = true;

  # What is upgraded, and as whom
  user = "sam";
  configDir = "/etc/nixos";

  # When: every day at 08:00 (looks like systemd calendar syntax).
  # `persistent` presumably makes a missed run fire at the next boot; confirm.
  onCalendar = "*-*-* 08:00:00";
  persistent = true;

  # No automatic reboot and no pushing of updates
  reboot = false;
  pushUpdates = false;
};
# Input, X server and out-of-memory handling.
services = {
  libinput = {
    touchpad.accelSpeed = "0.5";
  };

  xserver = {
    # HiDPI panel
    dpi = 196;
    upscaleDefaultCursor = true;

    # Swap Caps Lock and Escape
    xkb.options = "caps:swapescape";

    # FIXME: this does not work for some reason
    # displayManager.sessionCommands = pkgs.writeShellScriptBin "key-remaps" ''
    #   ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 64 = Mode_switch"
    #   ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 43 = h H Left H"
    #   ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 44 = j J Down J"
    #   ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 45 = k K Up K"
    #   ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 46 = l L Right L"
    # '';
  };

  # Userspace OOM killer: acts once free RAM drops below 5%
  earlyoom.enable = true;
  earlyoom.freeMemThreshold = 5; # percent of RAM still free
};
# Work around CPU throttling on Lenovo ThinkPads.
# See: https://github.com/erpalma/throttled
services.throttled = {
  enable = true;
};
# HiDPI scaling hints for GTK, Qt, Java and the X cursor, exported system-wide.
environment.variables = {
  # GTK
  GDK_DPI_SCALE = "0.8";
  GDK_SCALE = "2.2";

  # Qt
  QT_AUTO_SCREEN_SCALE_FACTOR = "1";

  # Java 2D
  _JAVA_OPTIONS = "-Dsun.java2d.uiScale=2.2";

  # X cursor
  XCURSOR_SIZE = "64";
};
# Firmware and radios.
hardware = {
  # Vendor firmware blobs, plus Sound Open Firmware for the audio DSP
  enableRedistributableFirmware = true;
  firmware = [pkgs.sof-firmware];

  # Bluetooth is enabled and the adapter is powered at every boot.
  # NOTE(review): this keeps the radio on whenever the machine is up; set
  # powerOnBoot = false if Bluetooth is only used occasionally.
  bluetooth.enable = true;
  bluetooth.powerOnBoot = true;
};
# NVIDIA: enable the GL stack and select the nvidia X driver.
# NOTE(review): newer NixOS releases rename hardware.opengl to
# hardware.graphics; check which name the pinned nixpkgs expects.
hardware.opengl.enable = true;
services.xserver.videoDrivers = ["nvidia"];
# NVIDIA driver settings for the hybrid Intel + NVIDIA setup.
hardware.nvidia = {
  # Use the proprietary kernel module rather than the open one
  open = false;
  modesetting.enable = true;
  nvidiaSettings = true;
  nvidiaPersistenced = true;

  # PRIME render offload between the two GPUs, addressed by PCI bus id
  prime = {
    intelBusId = "PCI:0:2:0";
    nvidiaBusId = "PCI:1:0:0";
    offload.enable = true;
    offload.enableOffloadCmd = true;
  };

  # Driver power management, including the fine-grained mode
  powerManagement = {
    enable = true;
    finegrained = true;
  };

  # FIXME: issue with the stable nvidia driver and the latest linux kernel;
  # use mkDriver to specify a newer nvidia driver that is compatible.
  # see: https://github.com/NixOS/nixpkgs/issues/341844#issuecomment-2351075413
  # and https://discourse.nixos.org/t/builder-for-nvidia-x11-550-78-6-10-drv-failed-with-exit-code-2/49360/32
  # NOTE(review): the sha256 values pin the exact artifacts fetched for that
  # version. If this is re-enabled with a different version, replace every
  # hash with the one for the new release rather than leaving these in place.
  # package = config.boot.kernelPackages.nvidiaPackages.mkDriver {
  #   version = "555.58.02";
  #   sha256_64bit = "sha256-xctt4TPRlOJ6r5S54h5W6PT6/3Zy2R4ASNFPu8TSHKM=";
  #   sha256_aarch64 = "sha256-wb20isMrRg8PeQBU96lWJzBMkjfySAUaqt4EgZnhyF8=";
  #   openSha256 = "sha256-8hyRiGB+m2hL3c9MDA/Pon+Xl6E788MZ50WrrAGUVuY=";
  #   settingsSha256 = "sha256-ZpuVZybW6CFN/gz9rx+UJvQ715FZnAOYfHn5jt5Z2C8=";
  #   persistencedSha256 = "sha256-a1D7ZZmcKFWfPjjH1REqPM5j/YLWKnbkP9qfRyIyxAw=";
  # };
};
# udev rules that detach the dGPU's auxiliary PCI functions and toggle runtime
# power management, so the dGPU can be powered down when not in use.
# Source: https://discourse.nixos.org/t/how-to-use-nvidia-prime-offload-to-run-the-x-server-on-the-integrated-board/9091/15
# Every rule matches on PCI vendor 0x10de plus a device class, so it applies to
# any PCI function with that vendor id and class, not to one specific slot.
services.udev.extraRules = ''
  # Remove NVIDIA USB xHCI Host Controller devices, if present
  ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c0330", ATTR{remove}="1"
  # Remove NVIDIA USB Type-C UCSI devices, if present
  ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c8000", ATTR{remove}="1"
  # Remove NVIDIA Audio devices, if present
  ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x040300", ATTR{remove}="1"
  # Enable runtime PM for NVIDIA VGA/3D controller devices on driver bind
  ACTION=="bind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030000", TEST=="power/control", ATTR{power/control}="auto"
  ACTION=="bind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030200", TEST=="power/control", ATTR{power/control}="auto"
  # Disable runtime PM for NVIDIA VGA/3D controller devices on driver unbind
  ACTION=="unbind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030000", TEST=="power/control", ATTR{power/control}="on"
  ACTION=="unbind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030200", TEST=="power/control", ATTR{power/control}="on"
'';

# Module option for the nvidia driver: NVreg_EnableGpuFirmware=0.
# Source of the fix: https://bbs.archlinux.org/viewtopic.php?id=297276
boot.extraModprobeConfig = ''
  options nvidia NVreg_EnableGpuFirmware=0
'';
# Let non-root users pass the allow_other / allow_root options when mounting
# FUSE filesystems, which makes a user-controlled mount visible to other
# accounts on the machine.
# NOTE(review): impermanence-style home bind mounts commonly need this.
# Confirm that is the reason here; if nothing depends on it, leave it unset.
programs.fuse = {
  userAllowOther = true;
};
# Host name, connection management and DNS.
networking = {
  hostName = "citadel";

  # IPv6 is switched off host-wide
  enableIPv6 = false;

  networkmanager.enable = true;

  # Resolvers in order: the Pi-hole, the gateway, then a public resolver.
  # NOTE(review): any lookup that falls through to a later entry bypasses the
  # Pi-hole's filtering, and the 8.8.8.8 entry sends the query off the LAN to
  # a third party. Drop the fallbacks if filtering or privacy matters more
  # than availability. NetworkManager is enabled as well and may add
  # DHCP-supplied resolvers, so check the effective resolv.conf on the host.
  nameservers = ["${piholeIp}" "${gatewayIp}" "8.8.8.8"];
};
# Enable libinput input handling; the touchpad tuning is set under
# services.libinput.touchpad in the `services` block of this file.
services.libinput.enable = true;
}