diff --git a/systems/nixos-fw16/default.nix b/systems/nixos-fw16/default.nix new file mode 100644 index 0000000..b23e204 --- /dev/null +++ b/systems/nixos-fw16/default.nix @@ -0,0 +1,152 @@ +{ config +, lib +, pkgs +, modulesPath +, system +, inputs +, ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + inputs.nixos-hardware.nixosModules.common-hidpi + inputs.nixos-hardware.nixosModules.common-pc-laptop-acpi_call + inputs.nixos-hardware.nixosModules.framework-16-7040-amd + ../../os-mods/amdgpu + ../../os-mods/cachix + ../../os-mods/common + ../../os-mods/desktop + ../../os-mods/desktop/audio.nix + ../../os-mods/desktop/gaming.nix + ../../os-mods/desktop/printing.nix + ../../os-mods/network + # ../../os-mods/ryzenapu + ../../os-mods/virt + ../../users + ./disks.nix + ]; + + programs.corectrl.gpuOverclock.enable = lib.mkForce false; # TODO Check if needed + + # nix.settings.system-features = [ + # "benchmark" + # "big-parallel" + # "kvm" + # "nixos-test" + # "gccarch-x86-64-v3" + # "gccarch-znver2" + # ]; + + boot = { + # kernelPackages = pkgs.pkgsx86_64_v3.linuxPackages_cachyos; # TODO Switch to x86_64_v4 ? + kernelPackages = pkgs.linuxPackages_cachyos; + kernelPatches = [ ]; + kernelParams = [ + # "systemd.unit=emergency.target" + "systemd.setenv=SYSTEMD_SULOGIN_FORCE=1" + # "rescue" + # "pcie_aspm=force" + # "pcie_aspm.policy=powersupersave" + # "rtc_cmos.use_acpi_alarm=1" # reduce S0 sleep wakeups + # "gpiolib_acpi.ignore_interrupt=AMDI0030:00@9" # mask IRQ 9 ? + ]; + loader = { + systemd-boot = { + enable = true; + configurationLimit = 16; + }; + efi.canTouchEfiVariables = true; + }; + + initrd = { + availableKernelModules = [ "nvme" "xhci_pci" "uas" "usbhid" "usb_storage" "sd_mod" ]; + kernelModules = [ ]; + systemd.enable = true; + }; + + extraModulePackages = [ ]; + }; + + services.btrfs.autoScrub.enable = true; + + networking = { + hostName = "nixos-f16"; + extraHosts = '' + 192.168.0.75 monitor.oekonzept.de + 192.168.0.151 rosa.oekonzept.de + 192.168.0.171 karl.oekonzept.de + 192.168.0.206 vewadb.oekonzept.de + 192.168.0.191 vewadb2.oekonzept.de + 192.168.0.190 vpn.oekonzept.de + 192.168.0.180 vewasmb.oekonzept.de + 192.168.0.91 puppet.oekonzept.de + 192.168.0.245 camt.oekonzept.net + 192.168.0.245 camt-cbg.oekonzept.net + 192.168.0.245 camt-eth.oekonzept.net + 192.168.0.245 camt-pro.oekonzept.net + 192.168.0.245 camt-swbfk.oekonzept.net + 192.168.0.245 cloud.oekonzept.net + 192.168.0.245 office.oekonzept.net + 192.168.0.245 llama.oekonzept.net + 192.168.0.245 netdata.oekonzept.net + 192.168.0.245 nixos-karl-kvm-guest.oekonzept.de + 176.9.242.147 fe3f3294-c93a-4aca-895e-abe6c858dbd5-llama-cpp.redvau.lt + ''; + interfaces = { + enp5s0f4u1u1c2 = { + useDHCP = false; + ipv4.addresses = [ + { + address = "192.168.0.21"; + prefixLength = 24; + } + ]; + ipv4.routes = [ + { + address = "192.168.0.0"; + prefixLength = 24; + } + { + address = "0.0.0.0"; + prefixLength = 0; + via = "192.168.0.5"; + } + ]; + }; + }; + }; + + systemd = { + services = { + # This manually configures the automatically created network-adresses service to be more flexible + # regarding booting without the the device being available on boot + # It prevents slow timeouts & errors on boot while preserving Plug & Play ability + network-addresses-enp5s0f4u1u1c2.unitConfig = { + ConditionPathExists = "/sys/class/net/enp5s0f4u1u1c2"; + BindsTo = lib.mkForce null; + }; + }; + }; + services.udev.extraRules = '' + ACTION=="add", KERNEL=="enp5s0f4u1u1c2", TAG+="systemd", ENV{SYSTEMD_WANTS}="network-addresses-enp5s0f4u1u1c2.service" + ACTION=="remove", KERNEL=="enp5s0f4u1u1c2", RUN+="${pkgs.systemd}/bin/systemctl stop network-addresses-enp5s0f4u1u1c2.service" + SUBSYSTEM=="pci", ATTR{power/control}="auto" + ACTION=="add", SUBSYSTEM=="serio", DRIVERS=="atkbd", ATTR{power/wakeup}="disabled" + ''; + + # environment.systemPackages = with pkgs; [ + # android-tools + # android-udev-rules + # ]; + + hardware = { + enableRedistributableFirmware = true; + i2c.enable = true; + + cpu.amd.updateMicrocode = true; + sensor.iio.enable = true; + }; + + zramSwap.enable = true; + + system.stateVersion = "24.05"; +} diff --git a/systems/nixos-fw16/disks.nix b/systems/nixos-fw16/disks.nix new file mode 100644 index 0000000..8e1209b --- /dev/null +++ b/systems/nixos-fw16/disks.nix @@ -0,0 +1,64 @@ +{ config +, lib +, pkgs +, modulesPath +, system +, inputs +, ... +}: { + boot = { + supportedFilesystems = [ "bcachefs" "vfat" ]; + initrd.supportedFilesystems = [ "bcachefs" "vfat" ]; + initrd.luks.devices = { + # "crypted_1" = { + # device = "/dev/disk/by-uuid/9cca6269-6afa-4f77-92ff-2e9eb8fc9bc7"; + # allowDiscards = true; + # bypassWorkqueues = true; + # crypttabExtraOpts = [ "nofail" ]; + # }; + }; + }; + + swapDevices = [ + # { device = "/dev/disk/by-uuid/83b6aa0a-ff9f-40ef-b728-6540bd5c9365"; } + ]; + + fileSystems = + let + automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; + perm_opts = "uid=1000,gid=100"; + smb_opts = [ + "vers=2.0,credentials=/home/tristand/.smb-secrets" + perm_opts + automount_opts + ]; + sshfs_opts = [ + "allow_other,_netdev,reconnect,ServerAliveInterval=15,IdentityFile=/var/secrets/id_ed25519" + perm_opts + automount_opts + ]; + in + { + # TODO Add system partitions + + "/mnt/ServerF" = { + # device = "//srv-nas-01.local/Server_F"; + device = "//192.168.0.1/Server_F"; + fsType = "cifs"; + options = smb_opts; + }; + "/mnt/Scans" = { + # device = "//srv-nas-01.local/Server_F"; + device = "//192.168.0.1/Scans"; + fsType = "cifs"; + options = smb_opts; + }; + "/mnt/media_v2" = { + device = "root@23.88.68.113:/media_v2"; + fsType = "sshfs"; + options = sshfs_opts; + }; + }; + + system.fsPackages = [ pkgs.sshfs ]; +}