From 7e2458b32292615aa088bd61a94e98fb165b6927 Mon Sep 17 00:00:00 2001 From: unexplrd Date: Sat, 3 May 2025 21:52:55 +0300 Subject: [PATCH] hosts: move to new structure Signed-off-by: unexplrd --- hosts/dunamis/boot/default.nix | 4 +- hosts/dunamis/configuration.nix | 17 +--- hosts/dunamis/hardware.nix | 17 ---- hosts/dunamis/hardware/default.nix | 6 ++ .../default.nix => hardware/facter.nix} | 0 .../hardware/vaapi/intel-media-driver.nix | 7 ++ hosts/dunamis/networking.nix | 10 -- hosts/dunamis/networking/default.nix | 9 ++ hosts/dunamis/networking/host-name-id.nix | 6 ++ hosts/dunamis/networking/hosts.nix | 3 + hosts/dunamis/networking/network-manager.nix | 7 ++ hosts/dunamis/programs.nix | 1 + hosts/dunamis/sops.nix | 7 +- hosts/eldrid/boot.nix | 36 ------- hosts/eldrid/boot/default.nix | 39 ++++++++ hosts/eldrid/boot/loader.nix | 15 +++ hosts/eldrid/configuration.nix | 19 +--- hosts/eldrid/disko.nix | 94 ------------------- hosts/eldrid/disko/default.nix | 14 +++ hosts/eldrid/disko/disk-main.nix | 85 +++++++++++++++++ hosts/eldrid/hardware/default.nix | 13 +++ .../hardware/facter.nix} | 0 hosts/eldrid/hardware/laptop/cb-audio-fix.nix | 46 +++++++++ .../laptop/cb-keyboard.nix} | 75 --------------- hosts/eldrid/hardware/laptop/default.nix | 9 ++ .../eldrid/hardware/laptop/home-row-mods.nix | 20 ++++ .../{ => hardware/laptop}/power-saving.nix | 0 .../hardware/laptop/touchscreen-fix.nix | 3 + .../hardware/vaapi/intel-media-driver.nix | 7 ++ hosts/eldrid/minecraft.nix | 23 ----- hosts/eldrid/networking.nix | 9 -- hosts/eldrid/networking/default.nix | 9 ++ hosts/eldrid/networking/host-name-id.nix | 6 ++ hosts/eldrid/networking/hosts.nix | 3 + hosts/eldrid/networking/network-manager.nix | 20 ++++ hosts/eldrid/nix.nix | 35 ------- hosts/eldrid/nix/common.nix | 11 +++ hosts/eldrid/nix/default.nix | 7 ++ hosts/eldrid/nix/distributed-build.nix | 30 ++++++ hosts/eldrid/nix/ssh-serve.nix | 10 ++ hosts/eldrid/nix/substituters.nix | 16 ++++ hosts/sarien/configuration.nix | 10 +- hosts/sarien/hardware.nix | 55 ----------- hosts/sarien/hardware/default.nix | 13 +++ hosts/sarien/hardware/facter.nix | 14 +++ hosts/sarien/hardware/laptop/default.nix | 7 ++ .../sarien/hardware/laptop/home-row-mods.nix | 20 ++++ hosts/sarien/hardware/laptop/keyboard-fix.nix | 21 +++++ .../{ => hardware/laptop}/power-saving.nix | 0 .../hardware/vaapi/intel-media-driver.nix | 7 ++ hosts/sarien/networking.nix | 10 -- hosts/sarien/networking/default.nix | 9 ++ hosts/sarien/networking/host-name-id.nix | 6 ++ hosts/sarien/networking/hosts.nix | 3 + hosts/sarien/networking/network-manager.nix | 20 ++++ 55 files changed, 538 insertions(+), 405 deletions(-) delete mode 100644 hosts/dunamis/hardware.nix create mode 100644 hosts/dunamis/hardware/default.nix rename hosts/dunamis/{facter/default.nix => hardware/facter.nix} (100%) create mode 100644 hosts/dunamis/hardware/vaapi/intel-media-driver.nix delete mode 100644 hosts/dunamis/networking.nix create mode 100644 hosts/dunamis/networking/default.nix create mode 100644 hosts/dunamis/networking/host-name-id.nix create mode 100644 hosts/dunamis/networking/hosts.nix create mode 100644 hosts/dunamis/networking/network-manager.nix delete mode 100644 hosts/eldrid/boot.nix create mode 100644 hosts/eldrid/boot/default.nix create mode 100644 hosts/eldrid/boot/loader.nix delete mode 100644 hosts/eldrid/disko.nix create mode 100644 hosts/eldrid/disko/default.nix create mode 100644 hosts/eldrid/disko/disk-main.nix create mode 100644 hosts/eldrid/hardware/default.nix rename hosts/{sarien/facter/default.nix => eldrid/hardware/facter.nix} (100%) create mode 100644 hosts/eldrid/hardware/laptop/cb-audio-fix.nix rename hosts/eldrid/{hardware.nix => hardware/laptop/cb-keyboard.nix} (54%) create mode 100644 hosts/eldrid/hardware/laptop/default.nix create mode 100644 hosts/eldrid/hardware/laptop/home-row-mods.nix rename hosts/eldrid/{ => hardware/laptop}/power-saving.nix (100%) create mode 100644 hosts/eldrid/hardware/laptop/touchscreen-fix.nix create mode 100644 hosts/eldrid/hardware/vaapi/intel-media-driver.nix delete mode 100644 hosts/eldrid/minecraft.nix delete mode 100644 hosts/eldrid/networking.nix create mode 100644 hosts/eldrid/networking/default.nix create mode 100644 hosts/eldrid/networking/host-name-id.nix create mode 100644 hosts/eldrid/networking/hosts.nix create mode 100644 hosts/eldrid/networking/network-manager.nix delete mode 100644 hosts/eldrid/nix.nix create mode 100644 hosts/eldrid/nix/common.nix create mode 100644 hosts/eldrid/nix/default.nix create mode 100644 hosts/eldrid/nix/distributed-build.nix create mode 100644 hosts/eldrid/nix/ssh-serve.nix create mode 100644 hosts/eldrid/nix/substituters.nix delete mode 100644 hosts/sarien/hardware.nix create mode 100644 hosts/sarien/hardware/default.nix create mode 100644 hosts/sarien/hardware/facter.nix create mode 100644 hosts/sarien/hardware/laptop/default.nix create mode 100644 hosts/sarien/hardware/laptop/home-row-mods.nix create mode 100644 hosts/sarien/hardware/laptop/keyboard-fix.nix rename hosts/sarien/{ => hardware/laptop}/power-saving.nix (100%) create mode 100644 hosts/sarien/hardware/vaapi/intel-media-driver.nix delete mode 100644 hosts/sarien/networking.nix create mode 100644 hosts/sarien/networking/default.nix create mode 100644 hosts/sarien/networking/host-name-id.nix create mode 100644 hosts/sarien/networking/hosts.nix create mode 100644 hosts/sarien/networking/network-manager.nix diff --git a/hosts/dunamis/boot/default.nix b/hosts/dunamis/boot/default.nix index 5e541e4..c9ec005 100644 --- a/hosts/dunamis/boot/default.nix +++ b/hosts/dunamis/boot/default.nix @@ -1,6 +1,6 @@ { - pkgs, inputs, + pkgs, ... }: { imports = with inputs; @@ -12,7 +12,6 @@ ./loader.nix ]; boot = { - # kernelPackages = pkgs.linuxPackages_latest; plymouth.enable = true; consoleLogLevel = 0; kernelPackages = pkgs.linuxPackages_cachyos; @@ -33,6 +32,7 @@ ]; initrd = { systemd.enable = true; # needed for auto-unlocking with TPM + systemd.tpm2.enable = true; }; }; } diff --git a/hosts/dunamis/configuration.nix b/hosts/dunamis/configuration.nix index 1257f18..78593fe 100644 --- a/hosts/dunamis/configuration.nix +++ b/hosts/dunamis/configuration.nix @@ -1,21 +1,17 @@ -{ - inputs, - pkgs, - ... -}: { +{inputs, ...}: { imports = with inputs; [ self.nixosModules.desktop self.nixosModules.system ./boot ./disko - ./facter - ./networking.nix + ./hardware + ./minecraft.nix + ./networking ./nix ./programs.nix ./services.nix ./sops.nix ./users.nix - ./minecraft.nix ]; desktop.niri.enable = true; @@ -35,9 +31,4 @@ bluetooth.enable = true; bluetooth.enableBlueman = false; }; - hardware.graphics.extraPackages = with pkgs; [ - intel-compute-runtime - intel-media-driver - vpl-gpu-rt - ]; } diff --git a/hosts/dunamis/hardware.nix b/hosts/dunamis/hardware.nix deleted file mode 100644 index 5ddf98c..0000000 --- a/hosts/dunamis/hardware.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ - lib, - inputs, - modulesPath, - ... -}: { - imports = with inputs.nixos-hardware.nixosModules; [ - (modulesPath + "/installer/scan/not-detected.nix") - common-cpu-amd-pstate - common-gpu-intel - common-hidpi - common-pc-ssd - ]; - hardware.enableRedistributableFirmware = true; - hardware.intelgpu.vaapiDriver = "intel-media-driver"; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; -} diff --git a/hosts/dunamis/hardware/default.nix b/hosts/dunamis/hardware/default.nix new file mode 100644 index 0000000..8d6b1c6 --- /dev/null +++ b/hosts/dunamis/hardware/default.nix @@ -0,0 +1,6 @@ +{ + imports = [ + ./facter.nix + ./vaapi/intel-media-driver.nix + ]; +} diff --git a/hosts/dunamis/facter/default.nix b/hosts/dunamis/hardware/facter.nix similarity index 100% rename from hosts/dunamis/facter/default.nix rename to hosts/dunamis/hardware/facter.nix diff --git a/hosts/dunamis/hardware/vaapi/intel-media-driver.nix b/hosts/dunamis/hardware/vaapi/intel-media-driver.nix new file mode 100644 index 0000000..de3af0f --- /dev/null +++ b/hosts/dunamis/hardware/vaapi/intel-media-driver.nix @@ -0,0 +1,7 @@ +{pkgs, ...}: { + hardware.graphics.extraPackages = with pkgs; [ + intel-compute-runtime + intel-media-driver + vpl-gpu-rt + ]; +} diff --git a/hosts/dunamis/networking.nix b/hosts/dunamis/networking.nix deleted file mode 100644 index eaeaa3f..0000000 --- a/hosts/dunamis/networking.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ - networking = { - hostId = "c7f6c4a1"; - hostName = "dunamis"; - networkmanager = { - enable = true; - ethernet.macAddress = "stable"; - }; - }; -} diff --git a/hosts/dunamis/networking/default.nix b/hosts/dunamis/networking/default.nix new file mode 100644 index 0000000..b3b9990 --- /dev/null +++ b/hosts/dunamis/networking/default.nix @@ -0,0 +1,9 @@ +{ + imports = [ + ./network-manager.nix + ./host-name-id.nix + ]; + networking = { + hosts = import ./hosts.nix; + }; +} diff --git a/hosts/dunamis/networking/host-name-id.nix b/hosts/dunamis/networking/host-name-id.nix new file mode 100644 index 0000000..d6b3777 --- /dev/null +++ b/hosts/dunamis/networking/host-name-id.nix @@ -0,0 +1,6 @@ +{ + networking = { + hostId = "c7f6c4a1"; + hostName = "dunamis"; + }; +} diff --git a/hosts/dunamis/networking/hosts.nix b/hosts/dunamis/networking/hosts.nix new file mode 100644 index 0000000..e45d310 --- /dev/null +++ b/hosts/dunamis/networking/hosts.nix @@ -0,0 +1,3 @@ +{ + "192.168.1.42" = ["dunamis"]; +} diff --git a/hosts/dunamis/networking/network-manager.nix b/hosts/dunamis/networking/network-manager.nix new file mode 100644 index 0000000..cfcade4 --- /dev/null +++ b/hosts/dunamis/networking/network-manager.nix @@ -0,0 +1,7 @@ +{ + networking.networkmanager = { + enable = true; + ethernet.macAddress = "stable"; + }; + }; +} diff --git a/hosts/dunamis/programs.nix b/hosts/dunamis/programs.nix index 57f8168..036479e 100644 --- a/hosts/dunamis/programs.nix +++ b/hosts/dunamis/programs.nix @@ -6,6 +6,7 @@ programs = { fish.enable = true; mosh.enable = true; + nix-ld.enable = true; nh = { enable = true; flake = "/home/user/.config/nixos"; diff --git a/hosts/dunamis/sops.nix b/hosts/dunamis/sops.nix index 68ca709..fa19c04 100644 --- a/hosts/dunamis/sops.nix +++ b/hosts/dunamis/sops.nix @@ -4,12 +4,9 @@ ... }: let inherit (inputs) mysecrets; - hostName = - if (config.networking.hostName == "vylxae") - then "sarien" - else config.networking.hostName; - sopsFile = mysecrets + "/hosts/${hostName}.yaml"; + inherit (config.networking) hostName; dotSsh = name: "/home/user/.ssh/" + name; + sopsFile = mysecrets + "/hosts/${hostName}.yaml"; sshKey = { mode = "0400"; owner = "user"; diff --git a/hosts/eldrid/boot.nix b/hosts/eldrid/boot.nix deleted file mode 100644 index a9aac5e..0000000 --- a/hosts/eldrid/boot.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ - pkgs, - config, - inputs, - ... -}: { - imports = with inputs; [ - chaotic.nixosModules.default - lanzaboote.nixosModules.lanzaboote - ]; - boot = { - # kernelPackages = pkgs.linuxPackages_latest; - kernelPackages = pkgs.linuxPackages_cachyos; - loader.efi.canTouchEfiVariables = true; - loader.systemd-boot = { - enable = !config.boot.lanzaboote.enable; - consoleMode = "auto"; - }; - plymouth.enable = true; - initrd = { - availableKernelModules = ["ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" "xe" "i915"]; - kernelModules = []; - }; - kernelModules = ["kvm-intel"]; - extraModulePackages = []; - lanzaboote = { - enable = true; - pkiBundle = "/var/lib/sbctl"; - }; - }; - console = { - earlySetup = true; - packages = [pkgs.terminus_font]; - font = "${pkgs.terminus_font}/share/consolefonts/ter-c18n.psf.gz"; - }; -} diff --git a/hosts/eldrid/boot/default.nix b/hosts/eldrid/boot/default.nix new file mode 100644 index 0000000..86f5df8 --- /dev/null +++ b/hosts/eldrid/boot/default.nix @@ -0,0 +1,39 @@ +{ + pkgs, + inputs, + ... +}: { + imports = with inputs; + [ + chaotic.nixosModules.default + lanzaboote.nixosModules.lanzaboote + ] + ++ [ + ./loader.nix + ]; + boot = { + # kernelPackages = pkgs.linuxPackages_latest; + plymouth.enable = true; + consoleLogLevel = 0; + kernelPackages = pkgs.linuxPackages_cachyos; + kernelParams = [ + "amd_iommu=force_isolation" + "debugfs=off" + "efi=disable_early_pci_dma" + "gather_data_sampling=force" + "intel_iommu=on" + "iommu.passthrough=0" + "iommu.strict=1" + "iommu=force" + "page_alloc.shuffle=1" + "vsyscall=none" + # "ia32_emulation=0" + # "lockdown=confidentiality" + # "module.sig_enforce=1" + ]; + initrd = { + systemd.enable = true; # needed for auto-unlocking with TPM + systemd.tpm2.enable = false; # no TPM + }; + }; +} diff --git a/hosts/eldrid/boot/loader.nix b/hosts/eldrid/boot/loader.nix new file mode 100644 index 0000000..7cd9220 --- /dev/null +++ b/hosts/eldrid/boot/loader.nix @@ -0,0 +1,15 @@ +{config, ...}: { + boot = { + lanzaboote = { + enable = false; + pkiBundle = "/var/lib/sbctl"; + }; + loader = { + efi.canTouchEfiVariables = true; + systemd-boot = { + enable = !config.boot.lanzaboote.enable; + consoleMode = "auto"; + }; + }; + }; +} diff --git a/hosts/eldrid/configuration.nix b/hosts/eldrid/configuration.nix index ece214f..7aca6ac 100644 --- a/hosts/eldrid/configuration.nix +++ b/hosts/eldrid/configuration.nix @@ -2,12 +2,11 @@ imports = with inputs; [ self.nixosModules.desktop self.nixosModules.system - ./boot.nix - ./disko.nix - ./hardware.nix + ./boot + ./disko + ./hardware ./networking.nix - ./nix.nix - ./power-saving.nix + ./nix ../dunamis/programs.nix ./services.nix ./sops.nix @@ -23,10 +22,6 @@ theme = "nord"; }; - opentabletdriver.enable = false; - - # qmk-vial.enable = true; - security.basic.enable = true; system.stateVersion = "25.05"; @@ -41,10 +36,4 @@ time.timeZone = "Europe/Kyiv"; # virtual.libvirt.enable = true; - - # wireless = { - # wifi.enable = true; - # bluetooth.enable = true; - # bluetooth.enableBlueman = true; - # }; } diff --git a/hosts/eldrid/disko.nix b/hosts/eldrid/disko.nix deleted file mode 100644 index 8099e68..0000000 --- a/hosts/eldrid/disko.nix +++ /dev/null @@ -1,94 +0,0 @@ -{inputs, ...}: { - imports = with inputs; [ - disko.nixosModules.disko - ]; - disko.devices.nodev = { - "/tmp" = { - fsType = "tmpfs"; - mountOptions = ["rw" "nosuid" "nodev"]; - }; - }; - disko.devices.disk.main = { - type = "disk"; - device = "/dev/nvme0n1"; - content = { - type = "gpt"; - partitions = { - ESP = { - size = "1G"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - mountOptions = [ - "umask=0077" - "fmask=0022" - "dmask=0022" - "noexec" - ]; - }; - }; - luks = { - size = "100%"; - content = { - type = "luks"; - name = "lukscrypted"; - initrdUnlock = true; - settings.allowDiscards = true; - content = { - type = "btrfs"; - extraArgs = ["-f"]; - subvolumes = { - "@nixos" = { - mountpoint = "/"; - mountOptions = [ - "compress=zstd" - "noatime" - # "noexec" - ]; - }; - "@home" = { - mountpoint = "/home"; - mountOptions = [ - "compress=zstd" - "noatime" - ]; - }; - "@flatpak" = { - mountpoint = "/var/lib/flatpak"; - mountOptions = [ - "compress=zstd" - "noatime" - ]; - }; - "@storage" = { - mountpoint = "/storage"; - mountOptions = [ - "compress=zstd" - "noatime" - ]; - }; - "@swap" = { - mountpoint = "/swap"; - mountOptions = [ - "compress=zstd" - "noatime" - # "noexec" - ]; - }; - # "@nix" = { - # mountpoint = "/nix"; - # mountOptions = [ - # "compress=zstd" - # "noatime" - # ]; - # }; - }; - }; - }; - }; - }; - }; - }; -} diff --git a/hosts/eldrid/disko/default.nix b/hosts/eldrid/disko/default.nix new file mode 100644 index 0000000..aa8982a --- /dev/null +++ b/hosts/eldrid/disko/default.nix @@ -0,0 +1,14 @@ +{inputs, ...}: let + disk = "/dev/nvme0n1"; +in { + imports = with inputs; [ + disko.nixosModules.disko + ]; + disko.devices.nodev = { + "/tmp" = { + fsType = "tmpfs"; + mountOptions = ["rw" "nosuid" "nodev"]; + }; + }; + disko.devices.disk.main = import ./disk-main.nix {inherit disk;}; +} diff --git a/hosts/eldrid/disko/disk-main.nix b/hosts/eldrid/disko/disk-main.nix new file mode 100644 index 0000000..b4a41b1 --- /dev/null +++ b/hosts/eldrid/disko/disk-main.nix @@ -0,0 +1,85 @@ +{disk, ...}: { + type = "disk"; + device = disk; + content = { + type = "gpt"; + partitions = { + ESP = { + size = "1G"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ + "umask=0077" + "fmask=0022" + "dmask=0022" + "noexec" + "nosuid" + "nodev" + ]; + }; + }; + luks = { + size = "100%"; + content = { + type = "luks"; + name = "luks-main"; + initrdUnlock = true; + settings.allowDiscards = true; + content = { + type = "btrfs"; + extraArgs = ["-f"]; + subvolumes = { + "@nixos" = { + mountpoint = "/"; + mountOptions = [ + "compress=zstd" + "noatime" + # "noexec" + ]; + }; + "@home" = { + mountpoint = "/home"; + mountOptions = [ + "compress=zstd" + "noatime" + ]; + }; + "@flatpak" = { + mountpoint = "/var/lib/flatpak"; + mountOptions = [ + "compress=zstd" + "noatime" + ]; + }; + "@storage" = { + mountpoint = "/storage"; + mountOptions = [ + "compress=zstd" + "noatime" + ]; + }; + "@swap" = { + mountpoint = "/swap"; + mountOptions = [ + "compress=zstd" + "noatime" + # "noexec" + ]; + }; + # "@nix" = { + # mountpoint = "/nix"; + # mountOptions = [ + # "compress=zstd" + # "noatime" + # ]; + # }; + }; + }; + }; + }; + }; + }; +} diff --git a/hosts/eldrid/hardware/default.nix b/hosts/eldrid/hardware/default.nix new file mode 100644 index 0000000..1e51875 --- /dev/null +++ b/hosts/eldrid/hardware/default.nix @@ -0,0 +1,13 @@ +{ + imports = [ + ./facter.nix + ./laptop + ./vaapi/intel-media-driver.nix + ]; + services = { + logind = { + lidSwitch = "ignore"; + powerKey = "suspend"; + }; + }; +} diff --git a/hosts/sarien/facter/default.nix b/hosts/eldrid/hardware/facter.nix similarity index 100% rename from hosts/sarien/facter/default.nix rename to hosts/eldrid/hardware/facter.nix diff --git a/hosts/eldrid/hardware/laptop/cb-audio-fix.nix b/hosts/eldrid/hardware/laptop/cb-audio-fix.nix new file mode 100644 index 0000000..61a16a6 --- /dev/null +++ b/hosts/eldrid/hardware/laptop/cb-audio-fix.nix @@ -0,0 +1,46 @@ +{pkgs, ...}: let + cb-ucm-conf = pkgs.alsa-ucm-conf.overrideAttrs { + wttsrc = pkgs.fetchFromGitHub { + owner = "WeirdTreeThing"; + repo = "chromebook-ucm-conf"; + rev = "b6ce2a7"; + hash = "sha256-QRUKHd3RQmg1tnZU8KCW0AmDtfw/daOJ/H3XU5qWTCc="; + }; + postInstall = '' + cp -R $wttsrc/common/* $out/share/alsa/ucm2/common + cp -R $wttsrc/codecs/* $out/share/alsa/ucm2/codecs + cp -R $wttsrc/platforms/* $out/share/alsa/ucm2/platforms + cp -R $wttsrc/sof-rt5682 $out/share/alsa/ucm2/conf.d + cp -R $wttsrc/sof-cs42l42 $out/share/alsa/ucm2/conf.d + ''; + }; +in { + system.replaceDependencies.replacements = [ + { + original = pkgs.alsa-ucm-conf; + replacement = cb-ucm-conf; + } + ]; + + services.pipewire.wireplumber.configPackages = [ + (pkgs.writeTextDir "share/wireplumber/main.lua.d/51-increase-headroom.lua" '' + rule = { + matches = { + { + { "node.name", "matches", "alsa_output.*" }, + }, + }, + apply_properties = { + ["api.alsa.headroom"] = 4096, + }, + } + + table.insert(alsa_monitor.rules,rule) + '') + ]; + boot = { + extraModprobeConfig = '' + options snd-intel-dspcfg dsp_driver=3 + ''; + }; +} diff --git a/hosts/eldrid/hardware.nix b/hosts/eldrid/hardware/laptop/cb-keyboard.nix similarity index 54% rename from hosts/eldrid/hardware.nix rename to hosts/eldrid/hardware/laptop/cb-keyboard.nix index 13c2c6a..ebf9e1d 100644 --- a/hosts/eldrid/hardware.nix +++ b/hosts/eldrid/hardware/laptop/cb-keyboard.nix @@ -1,50 +1,4 @@ { - config, - lib, - pkgs, - # modulesPath, - ... -}: let - cb-ucm-conf = pkgs.alsa-ucm-conf.overrideAttrs { - wttsrc = pkgs.fetchFromGitHub { - owner = "WeirdTreeThing"; - repo = "chromebook-ucm-conf"; - rev = "b6ce2a7"; - hash = "sha256-QRUKHd3RQmg1tnZU8KCW0AmDtfw/daOJ/H3XU5qWTCc="; - }; - postInstall = '' - cp -R $wttsrc/common/* $out/share/alsa/ucm2/common - cp -R $wttsrc/codecs/* $out/share/alsa/ucm2/codecs - cp -R $wttsrc/platforms/* $out/share/alsa/ucm2/platforms - cp -R $wttsrc/sof-rt5682 $out/share/alsa/ucm2/conf.d - cp -R $wttsrc/sof-cs42l42 $out/share/alsa/ucm2/conf.d - ''; - }; -in { - hardware.graphics = { - enable = true; - extraPackages = with pkgs; [ - intel-media-driver - vaapiIntel - vpl-gpu-rt - ]; - }; - - # intel ax201 wifi card firmware - hardware.enableRedistributableFirmware = true; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - - services = { - logind = { - lidSwitch = "ignore"; - powerKey = "suspend"; - }; - }; - - # physically broken touchscreen - services.udev.extraRules = "ACTION==\"add|change\", KERNELS==\"input[0-9]*\", SUBSYSTEMS==\"input\", ATTRS{id/vendor}==\"27c6\", ATTRS{id/product}==\"0e84\", ENV{LIBINPUT_IGNORE_DEVICE}=\"1\""; - services.keyd = { enable = true; keyboards.internal = { @@ -137,33 +91,4 @@ in { }; }; }; - - system.replaceDependencies.replacements = [ - { - original = pkgs.alsa-ucm-conf; - replacement = cb-ucm-conf; - } - ]; - - services.pipewire.wireplumber.configPackages = [ - (pkgs.writeTextDir "share/wireplumber/main.lua.d/51-increase-headroom.lua" '' - rule = { - matches = { - { - { "node.name", "matches", "alsa_output.*" }, - }, - }, - apply_properties = { - ["api.alsa.headroom"] = 4096, - }, - } - - table.insert(alsa_monitor.rules,rule) - '') - ]; - boot = { - extraModprobeConfig = '' - options snd-intel-dspcfg dsp_driver=3 - ''; - }; } diff --git a/hosts/eldrid/hardware/laptop/default.nix b/hosts/eldrid/hardware/laptop/default.nix new file mode 100644 index 0000000..f98c8f4 --- /dev/null +++ b/hosts/eldrid/hardware/laptop/default.nix @@ -0,0 +1,9 @@ +{ + imports = [ + ./cb-audio-fix.nix + ./cb-keyboard.nix + ./home-row-mods.nix + ./power-saving.nix + ./touchscreen-fix.nix + ]; +} diff --git a/hosts/eldrid/hardware/laptop/home-row-mods.nix b/hosts/eldrid/hardware/laptop/home-row-mods.nix new file mode 100644 index 0000000..20b7ae2 --- /dev/null +++ b/hosts/eldrid/hardware/laptop/home-row-mods.nix @@ -0,0 +1,20 @@ +{ + services.keyd = { + enable = true; + keyboards = { + default = { + ids = ["0001:0001"]; + settings.main = { + a = "lettermod(alt, a, 200, 150)"; + s = "lettermod(meta, s, 200, 150)"; + d = "lettermod(control, d, 200, 150)"; + f = "lettermod(shift, f, 200, 150)"; + j = "lettermod(shift, j, 200, 150)"; + k = "lettermod(control, k, 200, 150)"; + l = "lettermod(meta, l, 200, 150)"; + ";" = "lettermod(alt, ;, 200, 150)"; + }; + }; + }; + }; +} diff --git a/hosts/eldrid/power-saving.nix b/hosts/eldrid/hardware/laptop/power-saving.nix similarity index 100% rename from hosts/eldrid/power-saving.nix rename to hosts/eldrid/hardware/laptop/power-saving.nix diff --git a/hosts/eldrid/hardware/laptop/touchscreen-fix.nix b/hosts/eldrid/hardware/laptop/touchscreen-fix.nix new file mode 100644 index 0000000..feb4471 --- /dev/null +++ b/hosts/eldrid/hardware/laptop/touchscreen-fix.nix @@ -0,0 +1,3 @@ +{ + services.udev.extraRules = "ACTION==\"add|change\", KERNELS==\"input[0-9]*\", SUBSYSTEMS==\"input\", ATTRS{id/vendor}==\"27c6\", ATTRS{id/product}==\"0e84\", ENV{LIBINPUT_IGNORE_DEVICE}=\"1\""; +} diff --git a/hosts/eldrid/hardware/vaapi/intel-media-driver.nix b/hosts/eldrid/hardware/vaapi/intel-media-driver.nix new file mode 100644 index 0000000..de3af0f --- /dev/null +++ b/hosts/eldrid/hardware/vaapi/intel-media-driver.nix @@ -0,0 +1,7 @@ +{pkgs, ...}: { + hardware.graphics.extraPackages = with pkgs; [ + intel-compute-runtime + intel-media-driver + vpl-gpu-rt + ]; +} diff --git a/hosts/eldrid/minecraft.nix b/hosts/eldrid/minecraft.nix deleted file mode 100644 index 41e7258..0000000 --- a/hosts/eldrid/minecraft.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ - networking.firewall.allowedTCPPorts = [25565]; - networking.firewall.allowedUDPPorts = [25565]; - virtualisation.oci-containers = { - backend = "podman"; - containers.minecraft = { - image = "docker.io/itzg/minecraft-server:java17-alpine"; - volumes = ["/storage/minecraft:/data"]; - ports = ["25565:25565"]; - environment = { - DIFFICULTY = "easy"; - EULA = "true"; - GUI = "false"; - INIT_MEMORY = "6G"; - MAX_MEMORY = "6G"; - ONLINE_MODE = "false"; - TYPE = "forge"; - VERSION = "1.20.1"; - VIEW_DISTANCE = "8"; - }; - }; - }; -} diff --git a/hosts/eldrid/networking.nix b/hosts/eldrid/networking.nix deleted file mode 100644 index 3ae7ae8..0000000 --- a/hosts/eldrid/networking.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ - networking = { - networkmanager.enable = true; - hostName = "eldrid"; - hosts = { - "192.168.1.42" = ["dunamis"]; - }; - }; -} diff --git a/hosts/eldrid/networking/default.nix b/hosts/eldrid/networking/default.nix new file mode 100644 index 0000000..b3b9990 --- /dev/null +++ b/hosts/eldrid/networking/default.nix @@ -0,0 +1,9 @@ +{ + imports = [ + ./network-manager.nix + ./host-name-id.nix + ]; + networking = { + hosts = import ./hosts.nix; + }; +} diff --git a/hosts/eldrid/networking/host-name-id.nix b/hosts/eldrid/networking/host-name-id.nix new file mode 100644 index 0000000..7652ab0 --- /dev/null +++ b/hosts/eldrid/networking/host-name-id.nix @@ -0,0 +1,6 @@ +{ + networking = { + # hostId = ""; + hostName = "eldrid"; + }; +} diff --git a/hosts/eldrid/networking/hosts.nix b/hosts/eldrid/networking/hosts.nix new file mode 100644 index 0000000..e45d310 --- /dev/null +++ b/hosts/eldrid/networking/hosts.nix @@ -0,0 +1,3 @@ +{ + "192.168.1.42" = ["dunamis"]; +} diff --git a/hosts/eldrid/networking/network-manager.nix b/hosts/eldrid/networking/network-manager.nix new file mode 100644 index 0000000..7906860 --- /dev/null +++ b/hosts/eldrid/networking/network-manager.nix @@ -0,0 +1,20 @@ +{ + networking = { + networkmanager = { + enable = true; + ethernet.macAddress = "stable"; + networkmanager.wifi = { + backend = "iwd"; + macAddress = "random"; + scanRandMacAddress = true; + }; + }; + wireless.iwd = { + enable = true; + settings = { + General.AddressRandomization = "network"; + Settings.AlwaysRandomizeAddress = true; + }; + }; + }; +} diff --git a/hosts/eldrid/nix.nix b/hosts/eldrid/nix.nix deleted file mode 100644 index f37b92e..0000000 --- a/hosts/eldrid/nix.nix +++ /dev/null @@ -1,35 +0,0 @@ -# TODO: better file name -{ - config, - inputs, - pkgs, - ... -}: let - hostName = - if (config.networking.hostName == "vylxae") - then "sarien" - else config.networking.hostName; - inherit (config.sops) secrets; - inherit (inputs) mysecrets; -in { - nix = { - package = pkgs.lix; - channel.enable = false; - daemonCPUSchedPolicy = "idle"; - settings = { - experimental-features = ["nix-command" "flakes"]; - builders-use-substitutes = true; - }; - distributedBuilds = true; - buildMachines = [ - { - hostName = "dunamis"; - sshUser = "nix-ssh"; - system = "x86_64-linux"; - sshKey = secrets."ssh-${hostName}-user".path; - supportedFeatures = ["nixos-test" "big-parallel" "kvm" "benchmark"]; - publicHostKey = builtins.readFile "${mysecrets}/ssh/ssh_host_ed25519_dunamis.base64"; - } - ]; - }; -} diff --git a/hosts/eldrid/nix/common.nix b/hosts/eldrid/nix/common.nix new file mode 100644 index 0000000..b435541 --- /dev/null +++ b/hosts/eldrid/nix/common.nix @@ -0,0 +1,11 @@ +{pkgs, ...}: { + nix = { + package = pkgs.lixPackageSets.latest.lix; + channel.enable = false; + daemonCPUSchedPolicy = "idle"; + settings = { + experimental-features = ["nix-command" "flakes"]; + builders-use-substitutes = true; + }; + }; +} diff --git a/hosts/eldrid/nix/default.nix b/hosts/eldrid/nix/default.nix new file mode 100644 index 0000000..1042b61 --- /dev/null +++ b/hosts/eldrid/nix/default.nix @@ -0,0 +1,7 @@ +{ + imports = [ + ./common.nix + ./substituters.nix + ./distributed-build.nix + ]; +} diff --git a/hosts/eldrid/nix/distributed-build.nix b/hosts/eldrid/nix/distributed-build.nix new file mode 100644 index 0000000..b093581 --- /dev/null +++ b/hosts/eldrid/nix/distributed-build.nix @@ -0,0 +1,30 @@ +{ + config, + inputs, + ... +}: let + inherit (builtins) readFile; + inherit (config.networking) hostName; + inherit (config.sops) secrets; + inherit (inputs) mysecrets; + pubHost = readFile "${mysecrets}/ssh/ssh_host_ed25519_dunamis.base64"; +in { + nix = { + distributedBuilds = true; + buildMachines = [ + { + hostName = "dunamis"; + publicHostKey = pubHost; + sshKey = secrets."ssh-${hostName}-user".path; + sshUser = "nix-ssh"; + supportedFeatures = [ + "benchmark" + "big-parallel" + "kvm" + "nixos-test" + ]; + system = "x86_64-linux"; + } + ]; + }; +} diff --git a/hosts/eldrid/nix/ssh-serve.nix b/hosts/eldrid/nix/ssh-serve.nix new file mode 100644 index 0000000..a730ef0 --- /dev/null +++ b/hosts/eldrid/nix/ssh-serve.nix @@ -0,0 +1,10 @@ +{config, ...}: let + inherit (builtins) readFile; + inherit (config.users.users) user; +in { + nix.sshServe = { + enable = true; + write = true; + keys = map (f: readFile f) user.openssh.authorizedKeys.keyFiles; + }; +} diff --git a/hosts/eldrid/nix/substituters.nix b/hosts/eldrid/nix/substituters.nix new file mode 100644 index 0000000..fd4d5c1 --- /dev/null +++ b/hosts/eldrid/nix/substituters.nix @@ -0,0 +1,16 @@ +{ + nix.settings = { + substituters = [ + "https://cache.nixos.org/" + "https://chaotic-nyx.cachix.org/" + "https://cosmic.cachix.org/" + "https://nix-community.cachix.org/" + ]; + trusted-public-keys = [ + "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + "chaotic-nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8=" + "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" + "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" + ]; + }; +} diff --git a/hosts/sarien/configuration.nix b/hosts/sarien/configuration.nix index 9c21855..95bd206 100644 --- a/hosts/sarien/configuration.nix +++ b/hosts/sarien/configuration.nix @@ -8,14 +8,12 @@ self.nixosModules.system ./boot ./disko - ./facter - ./hardware.nix - ./networking.nix + ./hardware + ./networking ./nix - ./power-saving.nix ../dunamis/programs.nix - ./services.nix - ./sops.nix + ../dunamis/services.nix + ../dunamis/sops.nix ./users.nix ]; diff --git a/hosts/sarien/hardware.nix b/hosts/sarien/hardware.nix deleted file mode 100644 index e1aad9d..0000000 --- a/hosts/sarien/hardware.nix +++ /dev/null @@ -1,55 +0,0 @@ -{ - lib, - inputs, - modulesPath, - ... -}: { - # imports = with inputs.nixos-hardware.nixosModules; [ - # (modulesPath + "/installer/scan/not-detected.nix") - # common-cpu-intel - # common-gpu-intel-kaby-lake - # common-hidpi - # common-pc-laptop-ssd - # ]; - # nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - # hardware.enableRedistributableFirmware = true; - - services = { - logind = { - lidSwitch = "ignore"; - powerKey = "suspend"; - }; - - udev.extraHwdb = '' - evdev:input:b0011v0001p0001eAB83* - KEYBOARD_KEY_d5=sysrq - KEYBOARD_KEY_d4=leftmeta - KEYBOARD_KEY_95=brightnessdown - KEYBOARD_KEY_91=brightnessup - ''; - - keyd = { - enable = true; - keyboards = { - default = { - ids = ["0001:0001"]; - settings = { - main = { - camera = "brightnessdown"; - prog1 = "brightnessup"; - # home row mods - a = "lettermod(alt, a, 200, 150)"; - s = "lettermod(meta, s, 200, 150)"; - d = "lettermod(control, d, 200, 150)"; - f = "lettermod(shift, f, 200, 150)"; - j = "lettermod(shift, j, 200, 150)"; - k = "lettermod(control, k, 200, 150)"; - l = "lettermod(meta, l, 200, 150)"; - ";" = "lettermod(alt, ;, 200, 150)"; - }; - }; - }; - }; - }; - }; -} diff --git a/hosts/sarien/hardware/default.nix b/hosts/sarien/hardware/default.nix new file mode 100644 index 0000000..1e51875 --- /dev/null +++ b/hosts/sarien/hardware/default.nix @@ -0,0 +1,13 @@ +{ + imports = [ + ./facter.nix + ./laptop + ./vaapi/intel-media-driver.nix + ]; + services = { + logind = { + lidSwitch = "ignore"; + powerKey = "suspend"; + }; + }; +} diff --git a/hosts/sarien/hardware/facter.nix b/hosts/sarien/hardware/facter.nix new file mode 100644 index 0000000..38bc812 --- /dev/null +++ b/hosts/sarien/hardware/facter.nix @@ -0,0 +1,14 @@ +{ + config, + inputs, + ... +}: let + inherit (inputs) mysecrets; + inherit (config.networking) hostName; +in { + imports = with inputs; [ + nixos-facter-modules.nixosModules.facter + ]; + facter.reportPath = "${mysecrets}/facter/${hostName}.json"; + systemd.network.wait-online.enable = false; +} diff --git a/hosts/sarien/hardware/laptop/default.nix b/hosts/sarien/hardware/laptop/default.nix new file mode 100644 index 0000000..a6a9df4 --- /dev/null +++ b/hosts/sarien/hardware/laptop/default.nix @@ -0,0 +1,7 @@ +{ + imports = [ + ./home-row-mods.nix + ./keyboard-fix.nix + ./power-saving.nix + ]; +} diff --git a/hosts/sarien/hardware/laptop/home-row-mods.nix b/hosts/sarien/hardware/laptop/home-row-mods.nix new file mode 100644 index 0000000..20b7ae2 --- /dev/null +++ b/hosts/sarien/hardware/laptop/home-row-mods.nix @@ -0,0 +1,20 @@ +{ + services.keyd = { + enable = true; + keyboards = { + default = { + ids = ["0001:0001"]; + settings.main = { + a = "lettermod(alt, a, 200, 150)"; + s = "lettermod(meta, s, 200, 150)"; + d = "lettermod(control, d, 200, 150)"; + f = "lettermod(shift, f, 200, 150)"; + j = "lettermod(shift, j, 200, 150)"; + k = "lettermod(control, k, 200, 150)"; + l = "lettermod(meta, l, 200, 150)"; + ";" = "lettermod(alt, ;, 200, 150)"; + }; + }; + }; + }; +} diff --git a/hosts/sarien/hardware/laptop/keyboard-fix.nix b/hosts/sarien/hardware/laptop/keyboard-fix.nix new file mode 100644 index 0000000..d8119fd --- /dev/null +++ b/hosts/sarien/hardware/laptop/keyboard-fix.nix @@ -0,0 +1,21 @@ +{ + services = { + udev.extraHwdb = '' + evdev:input:b0011v0001p0001eAB83* + KEYBOARD_KEY_d5=sysrq + KEYBOARD_KEY_d4=leftmeta + KEYBOARD_KEY_95=brightnessdown + KEYBOARD_KEY_91=brightnessup + ''; + keyd = { + enable = true; + keyboards.default = { + ids = ["0001:0001"]; + settings.main = { + camera = "brightnessdown"; + prog1 = "brightnessup"; + }; + }; + }; + }; +} diff --git a/hosts/sarien/power-saving.nix b/hosts/sarien/hardware/laptop/power-saving.nix similarity index 100% rename from hosts/sarien/power-saving.nix rename to hosts/sarien/hardware/laptop/power-saving.nix diff --git a/hosts/sarien/hardware/vaapi/intel-media-driver.nix b/hosts/sarien/hardware/vaapi/intel-media-driver.nix new file mode 100644 index 0000000..de3af0f --- /dev/null +++ b/hosts/sarien/hardware/vaapi/intel-media-driver.nix @@ -0,0 +1,7 @@ +{pkgs, ...}: { + hardware.graphics.extraPackages = with pkgs; [ + intel-compute-runtime + intel-media-driver + vpl-gpu-rt + ]; +} diff --git a/hosts/sarien/networking.nix b/hosts/sarien/networking.nix deleted file mode 100644 index b36d200..0000000 --- a/hosts/sarien/networking.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ - networking = { - networkmanager.enable = true; - hostId = "31150fae"; - hostName = "sarien"; - hosts = { - "192.168.1.42" = ["dunamis"]; - }; - }; -} diff --git a/hosts/sarien/networking/default.nix b/hosts/sarien/networking/default.nix new file mode 100644 index 0000000..b3b9990 --- /dev/null +++ b/hosts/sarien/networking/default.nix @@ -0,0 +1,9 @@ +{ + imports = [ + ./network-manager.nix + ./host-name-id.nix + ]; + networking = { + hosts = import ./hosts.nix; + }; +} diff --git a/hosts/sarien/networking/host-name-id.nix b/hosts/sarien/networking/host-name-id.nix new file mode 100644 index 0000000..2e958c8 --- /dev/null +++ b/hosts/sarien/networking/host-name-id.nix @@ -0,0 +1,6 @@ +{ + networking = { + hostId = "31150fae"; + hostName = "sarien"; + }; +} diff --git a/hosts/sarien/networking/hosts.nix b/hosts/sarien/networking/hosts.nix new file mode 100644 index 0000000..e45d310 --- /dev/null +++ b/hosts/sarien/networking/hosts.nix @@ -0,0 +1,3 @@ +{ + "192.168.1.42" = ["dunamis"]; +} diff --git a/hosts/sarien/networking/network-manager.nix b/hosts/sarien/networking/network-manager.nix new file mode 100644 index 0000000..7906860 --- /dev/null +++ b/hosts/sarien/networking/network-manager.nix @@ -0,0 +1,20 @@ +{ + networking = { + networkmanager = { + enable = true; + ethernet.macAddress = "stable"; + networkmanager.wifi = { + backend = "iwd"; + macAddress = "random"; + scanRandMacAddress = true; + }; + }; + wireless.iwd = { + enable = true; + settings = { + General.AddressRandomization = "network"; + Settings.AlwaysRandomizeAddress = true; + }; + }; + }; +}