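# NixOS host configuration for "semita": disk layout (disko + impermanence),
# imported role modules and containers, boot, graphics, monitoring and a
# bridged static network.
#
# Line structure is restored here; when the file is collapsed onto a few
# lines, every `#` comment swallows the code that follows it.
{ inputs, lib, pkgs, configVars, outputs, ... }: let
  # Disko setup
  fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
  dev = "/dev/nvme0n1"; # depends on target hardware
  encrypted = true; # currently only applies to btrfs
  btrfsMountDevice =
    if encrypted
    then "/dev/mapper/crypted"
    else "/dev/root_vg/root";
  user = "sam";
  impermanence = true;

  # Addresses come from the shared configVars set; their definitions are not
  # visible in this file.
  piholeIp = configVars.networking.addresses.pihole.ip;
  gatewayIp = configVars.networking.addresses.gateway.ip;
  semitaIp = configVars.networking.addresses.semita.ip;
in {
  imports = [
    # Create users for this host
    ../common/users/${user}

    # Disk configuration
    inputs.disko.nixosModules.disko
    (import ../common/disks {
      inherit impermanence fsType encrypted;
      device = dev;
    })

    # Impermanence
    (import ../common/disks/btrfs/impermanence.nix {
      inherit btrfsMountDevice lib;
    })

    # Import core options
    ./hardware-configuration.nix
    ../common/core

    # Import optional options
    ../common/optional/persistence.nix
    ../common/optional/pipewire.nix
    ../common/optional/openssh.nix
    ../common/optional/dwm.nix
    # ../common/optional/printing.nix
    ../common/optional/docker.nix
    ../common/optional/nix-ld.nix
    ../common/optional/gaming.nix
    ../common/optional/restic-backup.nix

    # bind mounts
    # ../common/optional/fileserver/bind-mounts/homeshare.nix
    ../common/optional/fileserver/nfs-server/homeshare.nix

    # nixos-containers
    ../common/optional/nixos-containers/nix-bitcoin.nix
    ../common/optional/nixos-containers/postgres.nix
    ../common/optional/nixos-containers/baseddata-worker.nix
    ../common/optional/nixos-containers/semitamaps-worker.nix
    ../common/optional/nixos-containers/backup-server.nix
    ../common/optional/nixos-containers/docker.nix
    ../common/optional/nixos-containers/pihole.nix
    ../common/optional/nixos-containers/metrics-server.nix

    # Build nix derivations on remote machine
    # ../common/optional/distributed-builds/local-machine.nix

    outputs.nixosModules.nixosAutoUpgrade
  ];

  # NOTE(review): mounted directly by filesystem UUID; no LUKS mapping for this
  # disk is visible here, so it appears not to be covered by `encrypted` above.
  # Confirm that is intended for the data kept on it.
  fileSystems."/mnt/main-ssd" = {
    device = "/dev/disk/by-uuid/ba884006-e813-4b67-9fe6-62aea08b3b59";
    fsType = "ext4";
  };

  services.tailscale.useRoutingFeatures = "server";

  boot = {
    blacklistedKernelModules = ["snd_hda_intel" "snd_soc_skl"];
    kernelPackages = pkgs.linuxPackagesFor pkgs.linux_latest;
    loader = {
      systemd-boot.enable = true;
      efi.canTouchEfiVariables = true;
      timeout = 3;
    };
  };

  services = {
    xserver = {
      dpi = 144;
      upscaleDefaultCursor = true;
    };
    # enable oom killer when system ram drops below 5% free
    earlyoom = {
      enable = true;
      freeMemThreshold = 5; # < 5% free
    };
  };

  services.prometheus = {
    exporters = {
      node = {
        enable = true;
        enabledCollectors = ["systemd"];
        # NOTE(review): openFirewall opens the exporter port in the host
        # firewall without an interface or source restriction, and the
        # exporter serves host and systemd unit metrics unauthenticated by
        # default. If only the metrics-server container scrapes it, consider
        # narrowing the rule with `firewallFilter`.
        openFirewall = true;
      };
    };
  };

  # Options of the project-local nixosAutoUpgrade module (imported above from
  # outputs.nixosModules); their exact semantics are defined there.
  # NOTE(review): an unattended upgrade builds whatever is in configDir, so
  # write access to that directory (and to its upstream, if pushUpdates
  # publishes changes) is equivalent to control of this host. Verify the
  # permissions on /etc/nixos and the credentials the upgrade user holds.
  system.services.nixosAutoUpgrade = {
    enable = true;
    persistent = true;
    reboot = false;
    pushUpdates = true;
    configDir = "/etc/nixos";
    onCalendar = "*-*-* 06:00:00";
    inherit user; # same account as the host user declared in the let block
  };

  environment.variables = {
    GDK_SCALE = "1";
    GDK_DPI_SCALE = "1";
    _JAVA_OPTIONS = "-Dsun.java2d.uiScale=1.8";
    QT_AUTO_SCREEN_SCALE_FACTOR = "1";
    XCURSOR_SIZE = "32";
  };

  hardware.firmware = [
    pkgs.sof-firmware
  ];

  # NOTE(review): presumably /.swapvol lives on the encrypted btrfs volume;
  # confirm, otherwise swapped-out memory is written to disk in cleartext.
  swapDevices = [
    {
      device = "/.swapvol/swapfile";
      size = 4 * 1024;
    }
  ];

  # Add hardware support for intel gpus as specified here: https://nixos.wiki/wiki/Jellyfin
  nixpkgs.config.packageOverrides = pkgs: {
    vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
  };

  hardware.graphics = {
    enable = true;
    extraPackages = with pkgs; [
      intel-media-driver
      intel-vaapi-driver
      vaapiVdpau
      libvdpau-va-gl
      intel-compute-runtime
      # only available on unstable
      unstable.vpl-gpu-rt
      intel-media-sdk
    ];
  };

  # Lets non-root users pass allow_other / allow_root to FUSE mounts, which
  # makes such a mount readable by other local users. Keep only if a module
  # on this host needs it.
  programs.fuse.userAllowOther = true;

  # The host routes packets between its interfaces (bridge, containers,
  # tailscale), so the firewall's forwarding rules decide what may cross.
  boot.kernel.sysctl = {
    "net.ipv4.ip_forward" = true;
    "net.ipv6.conf.all.forwarding" = true;
  };

  networking = {
    hostName = "semita";
    # NOTE(review): the public resolver listed last can answer queries without
    # the Pi-hole filtering or logging them. Drop it if DNS should always go
    # through the local resolvers.
    nameservers = ["${piholeIp}" "${gatewayIp}" "8.8.8.8"];
    defaultGateway = "${gatewayIp}";
    useDHCP = false;
    bridges = {
      br0 = {
        interfaces = ["eth0"];
      };
    };
    # Static address on the bridge; eth0 itself carries no address.
    interfaces.br0 = {
      ipv4.addresses = [
        {
          address = "${semitaIp}";
          prefixLength = 24;
        }
      ];
    };
  };

  services.libinput.enable = true;
}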