tristan/nix
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity

Cleanup pulse config

Browse source
This commit is contained in:
Tristan D. 2024-08-15 09:08:01 +02:00
parent 6b4addd9fb
commit 42f625d87c
Signed by: tristan
SSH key fingerprint: SHA256:U7y6eMb7CQDaTHv9XoX6/BaQnPqyxxKc+Xnfcefi6rY
1 changed files with 70 additions and 89 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

149
systems/nixos-pulse/default.nix
View file

@ -18,17 +18,15 @@
../../os-mods/common ../../os-mods/common
../../os-mods/desktop ../../os-mods/desktop
../../os-mods/desktop/audio.nix ../../os-mods/desktop/audio.nix
../../os-mods/desktop/gaming.nix
../../os-mods/desktop/printing.nix ../../os-mods/desktop/printing.nix
../../os-mods/network ../../os-mods/network
../../os-mods/ryzenapu ../../os-mods/ryzenapu
../../os-mods/virt ../../os-mods/virt
../../users
]; ];
programs.corectrl.gpuOverclock.enable = lib.mkForce false; nix.settings = {
trusted-users = [ "nixremote" "root" "tristand" ];
nix.settings.system-features = [ system-features = [
"benchmark" "benchmark"
"big-parallel" "big-parallel"
"kvm" "kvm"
@ -36,13 +34,71 @@
"gccarch-x86-64-v3" "gccarch-x86-64-v3"
"gccarch-znver2" "gccarch-znver2"
]; ];
};
programs.corectrl.gpuOverclock.enable = lib.mkForce false;
home-manager = {
useUserPackages = true;
useGlobalPkgs = true;
users.tester = import ../../users/admin-shell.nix {
username = "tester";
inherit pkgs config inputs system lib;
};
users.tristand = import ../../users/admin-shell.nix {
username = "tristand";
inherit pkgs config inputs system lib;
};
};
users.groups.nixremote = { };
users.users = {
tester = {
isNormalUser = true;
description = "Testa Test";
extraGroups = [ "audio" "corectrl" "docker" "networkmanager" "i2c" "wheel" "libvirtd" "qemu-libvirtd" "input" ];
shell = pkgs.fish;
home = "/home/tester";
hashedPassword = "$6$YJT50/Za3FSFQuNT$0orD1URwoURoRKO9sIAsUiIHxOtEOjmPXn5Mp7vAmIYlgVmI629qS7YPUInmztEtEorRpkSMbV3.fCy9NQhKX.";
};
tristand = {
isNormalUser = true;
description = "Tristan Druyen";
extraGroups = [ "audio" "corectrl" "dialout" "docker" "networkmanager" "i2c" "wheel" "libvirtd" "qemu-libvirtd" "input" ];
shell = pkgs.fish;
home = "/home/tristand";
hashedPassword = "$6$Wj.XY8JgH5EWuog4$HnbtPJXDEqKXFrzkPVEjih3PytcpBCrkfL7TAwkXd0IFced7kGMlZNliNsAqQ3XqfyUzAYiiKTIqoPVJEk.s..";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHowJtKj3ohrYjyeWwQ8Lj6UMSPI390SwLRuVIlojcGM tristand@nixos-desk"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4fBDj1/He/uimO97RgjGWZLAimTrLmIlYS2ekD73GC tristan@arch-pulse"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDP8ztBIgQsYh7LefSKtuDRYDWNheZWbmIr51T/Np/jc tristand@nixos-pulse"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ/tkVxnPZB+C6sK9A12pUsB38OhXieMNaij6pC3foSH admin@vault81.de"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMuH8L7mQDg86uJME6jndOu4niwLMASuJKpdbJU8Hfet tristan+desktop@vault81.de"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKJ6wPntg8+kVLU4M+ykRuBb37SQd1csUtO3ZIStoW+4 root@he2.vault82.de"
];
};
nixremote = {
isSystemUser = true;
group = "nixremote";
description = "remote builder user";
extraGroups = [ "docker" "networkmanager" "wheel" ];
shell = pkgs.bash;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDS/4JFRaAPoUaDiwDRbbNoaJqsBzaE+DEdaQH9OezM root@nixos-fw16"
];
};
};
boot = { boot = {
kernelPackages = pkgs.pkgsx86_64_v3.linuxPackages_cachyos; # kernelPackages = pkgs.pkgsx86_64_v3.linuxPackages_cachyos;
kernelPackages = pkgs.pkgsAMD64Microarchs.znver2.linuxPackages_cachyos;
kernelPatches = [ ]; kernelPatches = [ ];
kernelParams = [ kernelParams = [
# "systemd.unit=emergency.target" # "systemd.unit=emergency.target"
"systemd.setenv=SYSTEMD_SULOGIN_FORCE=1" # "systemd.setenv=SYSTEMD_SULOGIN_FORCE=1"
# "rescue" # "rescue"
# "pcie_aspm=force" # "pcie_aspm=force"
# "pcie_aspm.policy=powersupersave" # "pcie_aspm.policy=powersupersave"
@ -93,48 +149,8 @@
networking = { networking = {
hostName = "nixos-pulse"; hostName = "nixos-pulse";
extraHosts = '' extraHosts = ''
192.168.0.75 monitor.oekonzept.de 176.9.242.147 he4.redvau.lt
192.168.0.151 rosa.oekonzept.de
192.168.0.171 karl.oekonzept.de
192.168.0.206 vewadb.oekonzept.de
192.168.0.191 vewadb2.oekonzept.de
192.168.0.190 vpn.oekonzept.de
192.168.0.180 vewasmb.oekonzept.de
192.168.0.91 puppet.oekonzept.de
192.168.0.245 camt.oekonzept.net
192.168.0.245 camt-cbg.oekonzept.net
192.168.0.245 camt-eth.oekonzept.net
192.168.0.245 camt-pro.oekonzept.net
192.168.0.245 camt-swbfk.oekonzept.net
192.168.0.245 cloud.oekonzept.net
192.168.0.245 office.oekonzept.net
192.168.0.245 llama.oekonzept.net
192.168.0.245 netdata.oekonzept.net
192.168.0.245 nixos-karl-kvm-guest.oekonzept.de
176.9.242.147 fe3f3294-c93a-4aca-895e-abe6c858dbd5-llama-cpp.redvau.lt
''; '';
interfaces = {
enp5s0f4u1u1c2 = {
useDHCP = false;
ipv4.addresses = [
{
address = "192.168.0.21";
prefixLength = 24;
}
];
ipv4.routes = [
{
address = "192.168.0.0";
prefixLength = 24;
}
{
address = "0.0.0.0";
prefixLength = 0;
via = "192.168.0.5";
}
];
};
};
}; };
fileSystems = fileSystems =
@ -142,11 +158,6 @@
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
perm_opts = "uid=1000,gid=100"; perm_opts = "uid=1000,gid=100";
btrfs_opts = "autodefrag,compress=zstd,discard=async,noatime,space_cache=v2,ssd"; btrfs_opts = "autodefrag,compress=zstd,discard=async,noatime,space_cache=v2,ssd";
smb_opts = [
"vers=2.0,credentials=/home/tristand/.smb-secrets"
perm_opts
automount_opts
];
sshfs_opts = [ sshfs_opts = [
"allow_other,_netdev,reconnect,ServerAliveInterval=15,IdentityFile=/var/secrets/id_ed25519" "allow_other,_netdev,reconnect,ServerAliveInterval=15,IdentityFile=/var/secrets/id_ed25519"
perm_opts perm_opts
@ -184,18 +195,6 @@
]; ];
}; };
"/mnt/ServerF" = {
# device = "//srv-nas-01.local/Server_F";
device = "//192.168.0.1/Server_F";
fsType = "cifs";
options = smb_opts;
};
"/mnt/Scans" = {
# device = "//srv-nas-01.local/Server_F";
device = "//192.168.0.1/Scans";
fsType = "cifs";
options = smb_opts;
};
"/mnt/media_v2" = { "/mnt/media_v2" = {
device = "root@23.88.68.113:/media_v2"; device = "root@23.88.68.113:/media_v2";
fsType = "sshfs"; fsType = "sshfs";
@ -204,29 +203,11 @@
}; };
system.fsPackages = [ pkgs.sshfs ]; system.fsPackages = [ pkgs.sshfs ];
systemd = {
services = {
# This manually configures the automatically created network-adresses service to be more flexible
# regarding booting without the the device being available on boot
# It prevents slow timeouts & errors on boot while preserving Plug & Play ability
network-addresses-enp5s0f4u1u1c2.unitConfig = {
ConditionPathExists = "/sys/class/net/enp5s0f4u1u1c2";
BindsTo = lib.mkForce null;
};
};
};
services.udev.extraRules = '' services.udev.extraRules = ''
ACTION=="add", KERNEL=="enp5s0f4u1u1c2", TAG+="systemd", ENV{SYSTEMD_WANTS}="network-addresses-enp5s0f4u1u1c2.service"
ACTION=="remove", KERNEL=="enp5s0f4u1u1c2", RUN+="${pkgs.systemd}/bin/systemctl stop network-addresses-enp5s0f4u1u1c2.service"
SUBSYSTEM=="pci", ATTR{power/control}="auto" SUBSYSTEM=="pci", ATTR{power/control}="auto"
ACTION=="add", SUBSYSTEM=="serio", DRIVERS=="atkbd", ATTR{power/wakeup}="disabled" ACTION=="add", SUBSYSTEM=="serio", DRIVERS=="atkbd", ATTR{power/wakeup}="disabled"
''; '';
environment.systemPackages = with pkgs; [
android-tools
android-udev-rules
];
hardware = { hardware = {
enableRedistributableFirmware = true; enableRedistributableFirmware = true;
i2c.enable = true; i2c.enable = true;
@ -236,7 +217,7 @@
sensor.iio.enable = true; sensor.iio.enable = true;
tuxedo-rs = { tuxedo-rs = {
enable = true; enable = true;
tailor-gui.enable = true; tailor-gui.enable = false; # used headless atm
}; };
}; };