# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running 'nixos-help').
#
# Host configuration for "mimir": a workstation that also acts as a
# microvm host (bridge + NAT) and is reachable over SSH, Tailscale and
# NoMachine. The outer function receives flake inputs, the inner one is
# the NixOS module itself.
{ nixos-hardware, nomachine, microvm, ... }:
{ pkgs, config, ... }:
{
  imports = [
    # Hardware profiles from nixos-hardware (no generated hardware scan
    # file is imported here), the NoMachine module taken straight from the
    # `nomachine` input, the microvm host module and the user definitions.
    nixos-hardware.nixosModules.common-cpu-amd
    nixos-hardware.nixosModules.common-cpu-amd-pstate
    nixos-hardware.nixosModules.common-pc-ssd
    "${nomachine}/nixos/modules/services/admin/nomachine.nix"
    microvm.nixosModules.host
    ../../users/erwin
    ../../users/root
  ];

  # nixpkgs.config.allowUnfree = true;

  # Options under `eboskma` are declared by modules outside this file;
  # their effect cannot be read from here.
  eboskma = {
    var.workSystem = true;
    users = {
      erwin = {
        enable = true;
        work = true;
        terminal = "Alacritty";
      };
    };
    base = {
      plymouth.enable = true;
      work = true;
    };
    desktop = {
      enable = true;
    };
    docker = {
      enable = true;
      enableNvidia = true;
      # NOTE(review): presumably this would expose the Docker API over TCP.
      # That API gives root-equivalent control of the host, so keep it
      # disabled unless it is bound to a trusted interface and protected
      # with TLS client authentication.
      # enableTcpSocket = true;
    };
    fonts.enable = true;
    gnome.enable = true;
    kanata = {
      enable = true;
      devices = [ "/dev/input/by-id/usb-04d9_USB-HID_Keyboard-event-kbd" ];
    };
    lightdm.enable = true;
    networking.enable = true;
    nix-common = {
      enable = true;
      cross-systems = [ "aarch64-linux" ];
    };
    sound.enable = true;
    systemd.enable = true;
  };

  # All filesystems are addressed by label and mounted without extra
  # options; no encrypted (LUKS) device is declared in this file.
  fileSystems."/" = {
    device = "/dev/disk/by-label/nixos";
    fsType = "ext4";
  };

  fileSystems."/boot" = {
    device = "/dev/disk/by-label/boot";
    fsType = "vfat";
  };

  fileSystems."/home" = {
    device = "/dev/disk/by-label/home";
    fsType = "ext4";
  };

  fileSystems."/yocto" = {
    device = "/dev/disk/by-label/yocto";
    fsType = "ext4";
  };

  swapDevices = [{ device = "/dev/disk/by-label/swap"; }];

  hardware = {
    enableAllFirmware = true;
    nvidia = {
      modesetting.enable = true;
      powerManagement.enable = true;
      forceFullCompositionPipeline = true;
    };
    opengl = {
      driSupport32Bit = true;
      extraPackages = with pkgs; [ vaapiVdpau ];
    };
  };

  # Use the systemd-boot EFI boot loader.
  boot = {
    # NOTE(review): 6.4 is not a long-term-support kernel series. Once
    # upstream stops maintaining it, this pin no longer receives security
    # fixes. Confirm the pin is still required by the out-of-tree modules
    # below, or track an LTS / latest package set instead.
    kernelPackages = pkgs.linuxPackages_6_4;
    initrd = {
      availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
      kernelModules = [ "dm-snapshot" ];
    };
    kernelModules = [ "kvm-amd" "apple-mfi-fastcharge" "zenpower" ];
    # boot.kernelParams = [ "amd_pstate.shared_mem=1" ];
    # Packages taken from the pinned kernel package set so they match the
    # running kernel. Out-of-tree modules run with kernel privileges, so
    # they need to be kept current together with the kernel.
    extraModulePackages = [ ] ++ (with config.boot.kernelPackages; [ rtl88x2bu zenpower cpupower ]);
    loader = {
      systemd-boot = {
        enable = true;
        # Upper bound on the number of generations listed in the boot menu.
        configurationLimit = 15;
      };
      efi.canTouchEfiVariables = true;
    };
  };

  time.timeZone = "Europe/Amsterdam";

  console.useXkbConfig = true;

  networking = {
    hostName = "mimir";
    useDHCP = false;
    networkmanager.enable = false;
    # Interfaces are configured by systemd-networkd (see systemd.network).
    useNetworkd = true;
    firewall = {
      # Traffic arriving on a trusted interface is accepted without further
      # filtering. For tailscale0 this means every service on this host is
      # reachable from the tailnet, so access control rests entirely on the
      # tailnet's own ACLs.
      trustedInterfaces = [ "lo" "tailscale0" ];
      # These ports are opened on every interface, including enp4s0, the
      # second NIC and the microvm bridge.
      # NOTE(review): if a service is only needed on one network, scope it
      # with networking.firewall.interfaces.<name>.allowedTCPPorts instead.
      allowedTCPPorts = [
        # Horus System V2
        12345
        5555
        5556
        # sccache server
        10501
        # Celantur
        7000
      ];
    };
    # Outbound NAT for guests on the "microvm" bridge via enp4s0. No
    # forward filtering is configured in this file, so guests can reach
    # whatever enp4s0 can reach.
    nat = {
      enable = true;
      internalInterfaces = [ "microvm" ];
      externalInterface = "enp4s0";
    };
  };

  # Guest started automatically by the microvm host module.
  microvm.autostart = [ "miniflux" ];

  powerManagement = {
    cpuFreqGovernor = "ondemand";
  };

  systemd.network = {
    enable = true;
    # wait-online.extraArgs = [ "--interface=enp4s0" ];
    wait-online.anyInterface = true;
    links = {
      "40-enp4s0" = {
        matchConfig = {
          Name = "enp4s0";
        };
        linkConfig = {
          # NOTE(review): magic packets carry no authentication, so any
          # host on the same layer-2 segment can power this machine on.
          WakeOnLan = "magic";
        };
      };
    };
    netdevs = {
      # Bridge device that the guest tap interfaces are attached to.
      "10-microvm" = {
        netdevConfig = {
          Kind = "bridge";
          Name = "microvm";
        };
      };
    };
    networks = {
      "40-enp4s0" = {
        enable = true;
        DHCP = "yes";
        domains = [ "internal.horus.nu" "bedum.horus.nu" ];
        matchConfig = {
          Name = "enp4s0";
        };
      };
      "40-enp5s0f1" = {
        enable = true;
        linkConfig = {
          RequiredForOnline = "no";
        };
        matchConfig = {
          Name = "enp5s0f1";
        };
      };
      # Host side of the guest network.
      "10-microvm" = {
        matchConfig = {
          Name = "microvm";
        };
        addresses = [
          { addressConfig.Address = "172.16.0.1/24"; }
        ];
      };
      # Every interface named vm-* is enslaved to the bridge above.
      "11-microvm" = {
        matchConfig = {
          Name = "vm-*";
        };
        networkConfig = {
          Bridge = "microvm";
        };
      };
    };
  };

  # No sshd settings are given in this file.
  # NOTE(review): confirm that a shared module sets the authentication
  # policy (for example services.openssh.settings.PasswordAuthentication
  # and PermitRootLogin), since ../../users/root is imported above and the
  # daemon is reachable on every interface the firewall allows.
  services.openssh.enable = true;
  # programs.ssh.startAgent = true;

  services.envfs.enable = true;
  services.cpupower-gui.enable = true;
  # Flatpak (and appimage-run below) execute software that is distributed
  # outside the Nix package set; its provenance is not covered by this
  # configuration.
  services.flatpak.enable = true;
  services.tailscale.enable = true;

  services.xserver = {
    videoDrivers = [ "nvidia" ];
    # NOTE(review): the listing shows both Option entries on a single line;
    # the string is reproduced exactly as listed.
    screenSection = '' Option "metamodes" "DP-0: nvidia-auto-select +0+0 {ForceFullCompositionPipeline=On, AllowGSYNCCompatible=On}, DP-4: nvidia-auto-select +3840+0 {ForceFullCompositionPipeline=On, AllowGSYNCCompatible=On}" Option "TripleBuffer" "On" '';
    libinput = {
      enable = true;
      mouse = {
        naturalScrolling = true;
        accelSpeed = "1.0";
      };
      touchpad = {
        naturalScrolling = true;
      };
    };
  };

  # NoMachine remote desktop; the module comes from the `nomachine` input.
  # NOTE(review): openFirewall presumably opens the NoMachine port on every
  # interface. Since tailscale0 is already trusted, confirm whether LAN
  # exposure is intended; if not, set this to false.
  services.nxserver = {
    enable = true;
    openFirewall = true;
  };

  # Icecream distributed-compile daemon. The daemon port stays closed
  # (openFirewall = false) and noRemote is set; only the broadcast port is
  # opened.
  # NOTE(review): presumably this host submits jobs but does not accept
  # them. Confirm against the icecream module documentation.
  services.icecream.daemon = {
    enable = true;
    schedulerHost = "icecream.internal.horus.nu";
    noRemote = true;
    openFirewall = false;
    openBroadcast = true;
  };

  environment.systemPackages = with pkgs; [
    appimage-run
  ];

  # Secret management is disabled here; no secrets are declared in this file.
  # sops = {
  #   defaultSopsFile = ./secrets.yaml;
  #   secrets = {};
  # };

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It's perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "22.11"; # Did you read the comment?
}