From 0a1e17995fb6e77d99b9ecf48fc9bb9978532aa9 Mon Sep 17 00:00:00 2001 From: Kabbone Date: Mon, 15 Jul 2024 21:24:50 +0200 Subject: [PATCH] rename laptop to nbf5 add lifebook --- hosts/default.nix | 30 ++- hosts/{laptop => lifebook}/default.nix | 0 hosts/lifebook/hardware-configuration.nix | 183 ++++++++++++++++++ hosts/{laptop => lifebook}/home.nix | 0 hosts/nbf5/default.nix | 97 ++++++++++ .../hardware-configuration.nix | 0 hosts/nbf5/home.nix | 57 ++++++ 7 files changed, 363 insertions(+), 4 deletions(-) rename hosts/{laptop => lifebook}/default.nix (100%) create mode 100644 hosts/lifebook/hardware-configuration.nix rename hosts/{laptop => lifebook}/home.nix (100%) create mode 100644 hosts/nbf5/default.nix rename hosts/{laptop => nbf5}/hardware-configuration.nix (100%) create mode 100644 hosts/nbf5/home.nix diff --git a/hosts/default.nix b/hosts/default.nix index f4cd09f..0335e1d 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -58,12 +58,12 @@ in ]; }; - laptop = lib.nixosSystem { # Laptop profile + lifebook = lib.nixosSystem { # Laptop profile inherit system; - specialArgs = { inherit inputs user location nixos-hardware agenix; }; + specialArgs = { inherit inputs user location nixos-hardware agenix lanzaboote; }; modules = [ agenix.nixosModules.default - ./laptop + ./lifebook ./configuration_desktop.nix ../modules/hardware/hydraCache.nix nixos-hardware.nixosModules.common-cpu-intel @@ -74,7 +74,29 @@ in home-manager.useUserPackages = true; home-manager.extraSpecialArgs = { inherit user; }; home-manager.users.${user} = { - imports = [(import ./home.nix)] ++ [(import ./laptop/home.nix)]; + imports = [(import ./home.nix)] ++ [(import ./lifebook/home.nix)]; + }; + } + ]; + }; + + nbf5 = lib.nixosSystem { # Laptop profile + inherit system; + specialArgs = { inherit inputs user location nixos-hardware agenix; }; + modules = [ + agenix.nixosModules.default + ./nbf5 + ./configuration_desktop.nix + ../modules/hardware/hydraCache.nix + nixos-hardware.nixosModules.common-cpu-intel + nixos-hardware.nixosModules.common-pc-ssd + + home-manager.nixosModules.home-manager { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.extraSpecialArgs = { inherit user; }; + home-manager.users.${user} = { + imports = [(import ./home.nix)] ++ [(import ./nbf5/home.nix)]; }; } ]; diff --git a/hosts/laptop/default.nix b/hosts/lifebook/default.nix similarity index 100% rename from hosts/laptop/default.nix rename to hosts/lifebook/default.nix diff --git a/hosts/lifebook/hardware-configuration.nix b/hosts/lifebook/hardware-configuration.nix new file mode 100644 index 0000000..0705a70 --- /dev/null +++ b/hosts/lifebook/hardware-configuration.nix @@ -0,0 +1,183 @@ +# +# Hardware settings for Teclast F5 10" Laptop +# NixOS @ sda2 +# +# flake.nix +# └─ ./hosts +# └─ ./laptop +# └─ hardware-configuration.nix * +# +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix")] ++ + [( import ../../modules/hardware/backup.nix )]; + + boot = { + initrd = { + availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ]; + kernelModules = [ "i915" "kvm_intel" "vfio_pci" "vfio" "vfio_iommu_type1" ]; + systemd.enable = true; + luks = { + devices."crypted" = { + device = "/dev/disk/by-partlabel/disk-nvme0n1-luks"; + allowDiscards = true; + bypassWorkqueues = true; + }; + }; + }; + + kernelModules = [ "kvm-intel" ]; + kernelParams = [ "luks.options=fido2-device=auto" ]; + extraModprobeConfig = '' + options i915 enable_guc=3 enable_fbc=1 fastboot=1 + ''; + tmp.useTmpfs = false; + tmp.cleanOnBoot = true; + }; + + zramSwap.enable = true; + + services = { + btrfs.autoScrub = { + enable = true; + interval = "monthly"; + fileSystems = [ + "/" + ]; + }; + udev.extraRules = '' + ACTION=="add", SUBSYSTEM=="block", KERNEL=="mmcblk[0-9]p[0-9]", ENV{ID_FS_USAGE}=="filesystem", RUN{program}+="${pkgs.systemd}/bin/systemd-mount -o noatime,compress-force=zstd:15,ssd_spread,commit=120 --no-block --automount=yes --collect $devnode /run/media/mmcblk0p1" + ''; + + btrbk = { + instances = { + hf = { + onCalendar = "hourly"; + settings = { + incremental = "yes"; + snapshot_create = "ondemand"; + snapshot_dir = "@snapshots"; + timestamp_format = "long"; + + snapshot_preserve = "2m 2w 5d 5h"; + snapshot_preserve_min = "latest"; + + volume = { + "/mnt/snapshots/root" = { + snapshot_create = "always"; + subvolume = { + "@home" = {}; + }; + }; + }; + }; + }; + }; + }; + }; + + fileSystems."/" = + { device = "/dev/mapper/crypted"; + fsType = "btrfs"; + options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@,discard=async" ]; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-label/NIXBOOT"; + fsType = "vfat"; + }; + + fileSystems."/home" = + { device = "/dev/mapper/crypted"; + fsType = "btrfs"; + options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@home,discard=async" ]; + }; + + fileSystems."/nix" = + { device = "/dev/mapper/crypted"; + fsType = "btrfs"; + options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@nix,discard=async" ]; + }; + + fileSystems."/srv" = + { device = "/dev/mapper/crypted"; + fsType = "btrfs"; + options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@srv,discard=async" ]; + }; + + fileSystems."/swap" = + { device = "/dev/mapper/crypted"; + fsType = "btrfs"; + options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@swap,discard=async" ]; + }; + + fileSystems."/opt" = + { device = "/dev/mapper/crypted"; + fsType = "btrfs"; + options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@opt,discard=async" ]; + }; + + fileSystems."/mnt/snapshots/root" = + { device = "/dev/mapper/crypted"; + fsType = "btrfs"; + options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvolid=5,discard=async" ]; + }; + + + fileSystems."/mnt/Pluto" = + { device = "jupiter:/Pluto"; + fsType = "nfs"; + options = [ "nofail,noauto,users,x-systemd.automount,x-systemd.device-timeout=10,soft,timeo=14,x-systemd.idle-timeout=1min,sec=sys,exec,nfsvers=4.2" ]; + }; + + fileSystems."/mnt/Mars" = + { device = "jupiter:/Mars"; + fsType = "nfs"; + options = [ "nofail,noauto,users,x-systemd.automount,x-systemd.device-timeout=10,soft,timeo=14,x-systemd.idle-timeout=1min,sec=sys,exec,nfsvers=4.2" ]; + }; + + + swapDevices = [ { device = "/swap/swapfile"; } ]; + + + networking = { + useDHCP = false; # Deprecated + hostName = "lifebook"; + wireless.iwd.enable = true; + networkmanager = { + enable = true; + wifi = { + backend = "iwd"; + powersave = true; + }; + }; +# interfaces = { +# wlan0 = { +# useDHCP = true; # For versatility sake, manually edit IP on nm-applet. +# #ipv4.addresses = [ { +# # address = "192.168.0.51"; +# # prefixLength = 24; +# #} ]; +# }; +# }; + #defaultGateway = "192.168.0.1"; + #nameservers = [ "192.168.0.4" ]; + firewall = { + checkReversePath = "loose"; + enable = true; + allowedUDPPorts = [ 24727 ]; + allowedTCPPorts = [ 24727 ]; + }; + }; + + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + powerManagement = { + #cpuFreqGovernor = lib.mkDefault "schedutil"; + #powertop.enable = true; + }; +} diff --git a/hosts/laptop/home.nix b/hosts/lifebook/home.nix similarity index 100% rename from hosts/laptop/home.nix rename to hosts/lifebook/home.nix diff --git a/hosts/nbf5/default.nix b/hosts/nbf5/default.nix new file mode 100644 index 0000000..679efd3 --- /dev/null +++ b/hosts/nbf5/default.nix @@ -0,0 +1,97 @@ +# +# Specific system configuration settings for desktop +# +# flake.nix +# ├─ ./hosts +# │ └─ ./laptop +# │ ├─ default.nix * +# │ └─ hardware-configuration.nix +# └─ ./modules +# ├─ ./desktop +# │ └─ ./hyprland +# │ └─ hyprland.nix +# ├─ ./modules +# │ └─ ./programs +# │ └─ waybar.nix +# └─ ./hardware +# └─ default.nix +# + +{ config, pkgs, user, ... }: + +{ + imports = # For now, if applying to other system, swap files + [(import ./hardware-configuration.nix)] ++ # Current system hardware config @ /etc/nixos/hardware-configuration.nix + #[(import ../../modules/wm/hyprland/default.nix)] ++ # Window Manager + [(import ../../modules/wm/sway/default.nix)] ++ # Window Manager + [(import ../../modules/wm/virtualisation/docker.nix)] ++ # Docker + [(import ../../modules/wm/virtualisation/kvm-intel.nix)] ++ # kvm module options + (import ../../modules/hardware); # Hardware devices + + boot = { # Boot options + kernelPackages = pkgs.linuxPackages_latest; + + loader = { # EFI Boot + systemd-boot.enable = true; + efi = { + canTouchEfiVariables = true; + efiSysMountPoint = "/boot"; + }; + timeout = 1; # Grub auto select time + }; + }; + +# hardware.sane = { # Used for scanning with Xsane +# enable = false; +# extraBackends = [ pkgs.sane-airscan ]; +# }; + hardware = { + nitrokey.enable = true; + }; + + environment = { + systemPackages = with pkgs; [ +# simple-scan + intel-media-driver +# alacritty + ]; + }; + + programs = { # No xbacklight, this is the alterantive + light.enable = true; + }; + + services = { + tlp = { + enable = true; # TLP and auto-cpufreq for power management + settings = { + USB_DENYLIST="fc32:1287 1e7d:2e4a 1d5c:5500 1d5c:5510"; + }; + }; + + logind.lidSwitch = "suspend-then-hibernate"; # Laptop does not go to sleep when lid is closed + #auto-cpufreq.enable = true; + blueman.enable = true; + printing = { # Printing and drivers for TS5300 + enable = true; + drivers = [ pkgs.gutenprint ]; + }; + avahi = { # Needed to find wireless printer + enable = true; + nssmdns4 = true; + publish = { # Needed for detecting the scanner + enable = true; + addresses = true; + userServices = true; + }; + }; + tailscale.enable = true; + + }; + + #temporary bluetooth fix +# systemd.tmpfiles.rules = [ +# "d /var/lib/bluetooth 700 root root - -" +# ]; +# systemd.targets."bluetooth".after = ["systemd-tmpfiles-setup.service"]; +} diff --git a/hosts/laptop/hardware-configuration.nix b/hosts/nbf5/hardware-configuration.nix similarity index 100% rename from hosts/laptop/hardware-configuration.nix rename to hosts/nbf5/hardware-configuration.nix diff --git a/hosts/nbf5/home.nix b/hosts/nbf5/home.nix new file mode 100644 index 0000000..d75f667 --- /dev/null +++ b/hosts/nbf5/home.nix @@ -0,0 +1,57 @@ +# +# Home-manager configuration for laptop +# +# flake.nix +# ├─ ./hosts +# │ └─ ./laptop +# │ └─ home.nix * +# └─ ./modules +# └─ ./desktop +# └─ ./hyprland +# └─ hyprland.nix +# + +{ pkgs, ... }: + +{ + imports = + [ + #../../modules/wm/hyprland/home.nix # Window Manager + ../../modules/wm/sway/home.nix # Window Manager + ../../modules/home.nix # Window Manager + ]; + + home = { # Specific packages for laptop + packages = with pkgs; [ + # Applications + libreoffice # Office packages + #firefox + chromium + thunderbird + streamlink + streamlink-twitch-gui-bin + element-desktop + intel-gpu-tools + pulsemixer + + # Display + light # xorg.xbacklight not supported. Other option is just use xrandr. + + # Power Management + #auto-cpufreq # Power management + #tlp # Power management + ]; + }; + + programs = { + alacritty.settings.font.size = 11; + }; + + services = { # Applets + blueman-applet.enable = true; # Bluetooth + network-manager-applet.enable = true; # Network + }; + + xsession.preferStatusNotifierItems = true; + +}