{ config , lib , pkgs , modulesPath , system , inputs , ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") inputs.nixos-hardware.nixosModules.common-hidpi inputs.nixos-hardware.nixosModules.framework-16-7040-amd ../../os-mods/age ../../os-mods/net_disks/oeko.nix ../../os-mods/amdgpu ../../os-mods/cachix ../../os-mods/common ../../os-mods/desktop ../../os-mods/desktop/audio.nix ../../os-mods/desktop/gaming.nix ../../os-mods/desktop/printing.nix ../../os-mods/netdata/client.nix ../../os-mods/network ../../os-mods/ryzenapu ../../os-mods/virt ../../users ./disks.nix ]; age.rekey.hostPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIRFEtmoq36QmvAwv/xIVdvaf+B9Scbm5cUFFkP/c1nS root@nixos-f16"; nix.settings.builders-use-substitutes = true; nix.distributedBuilds = true; nix.buildMachines = [ ]; # [ # { # hostName = "nixremote@nixos-desk"; # system = "x86_64-linux"; # protocol = "ssh"; # maxJobs = 0; # speedFactor = 0; # supportedFeatures = [ # "benchmark" # "big-parallel" # "kvm" # "nixos-test" # "gccarch-x86-64-v3" # "gccarch-znver3" # ]; # mandatoryFeatures = [ ]; # } # { # hostName = "nixremote@nixos-pulse"; # system = "x86_64-linux"; # protocol = "ssh"; # maxJobs = 0; # speedFactor = 1; # supportedFeatures = [ # "benchmark" # "big-parallel" # "kvm" # "nixos-test" # "gccarch-x86-64-v3" # "gccarch-znver2" # ]; # mandatoryFeatures = [ ]; # } # ]; #################### systemd.user = { services.modprobed-db = { description = "modprobed-db service to scan and store new kernel modules"; wants = [ "modprobed-db.timer" ]; wantedBy = [ "default.target" ]; serviceConfig = { ExecStart = "${pkgs.modprobed-db}/bin/modprobed-db storesilent"; ExecStop = "${pkgs.modprobed-db}/bin/modprobed-db storesilent"; Type = "simple"; }; path = builtins.attrValues { inherit (pkgs) gawk getent coreutils gnugrep gnused kmod; }; }; timers.modprobed-db = { wantedBy = [ "timers.target" ]; partOf = [ "modprobed-db.service" ]; timerConfig = { Persistent = true; OnUnitActiveSec = "1h"; }; }; }; ################ security.sudo-rs.wheelNeedsPassword = lib.mkForce true; # unneded due to fp sensor # Power mgmt services.input-remapper.enable = true; services.power-profiles-daemon.enable = true; # powerManagement.powertop.enable = true; programs.corectrl.gpuOverclock.enable = lib.mkForce false; # TODO Check if needed programs.adb.enable = true; #### nix.settings.system-features = [ "benchmark" "big-parallel" "kvm" "nixos-test" "gccarch-znver1" "gccarch-znver2" "gccarch-znver3" "gccarch-znver4" ]; # nixpkgs.hostPlatform.gcc.arch = "znver2"; chaotic = { # scx = { # enable = false; # temp # scheduler = "scx_bpfland"; # package = pkgs.scx; # }; nyx = { overlay.enable = true; # overlay.onTopOf = "user-pkgs"; # needed ? # overlay.flakeNixpkgs.config = pkgs.config; # needed ? }; }; boot = { # kernelPackages = pkgs.linuxPackages_latest; # bootstrap # kernelPackages = pkgs.linuxPackages_zen; # bootstrap # kernelPackages = pkgs.linuxPackages_cachyos; # bootstrap # kernelPackages = pkgs.pkgsAMD64Microarchs.znver4.linuxPackages_cachyos; # 6.14 rc wohooo # kernelPackages = pkgs.linuxPackages_cachyos-rc; kernelPackages = pkgs.pkgsAMD64Microarchs.znver2.linuxPackages_cachyos-rc; # kernelPackages = pkgs.pkgsAMD64Microarchs.znver2.linuxPackages_cachyos; # kernelPackages = pkgs.linuxPackages_cachyos; kernelPatches = [ ]; kernelParams = [ # "systemd.unit=emergency.target" # "amdgpu.ppfeaturemask=0xfffd7fff" # gpu overclockfoo # TODO Readd if crashes continue 20/02/2025 "systemd.setenv=SYSTEMD_SULOGIN_FORCE=1" # "rescue" "pcie_aspm=force" # TODO Check hibernate without # "pcie_aspm.policy=powersupersave" "rtc_cmos.use_acpi_alarm=1" # reduce S0 sleep wakeups "gpiolib_acpi.ignore_interrupt=AMDI0009:00@9" # mask IRQ 9 ? ]; loader = { timeout = 0; systemd-boot = { enable = false; # due to lanzaboote configurationLimit = 12; memtest86.enable = true; # bootCounting.enable = true; # reverted atm }; efi.canTouchEfiVariables = true; }; lanzaboote = { enable = true; configurationLimit = 12; # pkiBundle = "/etc/secureboot"; pkiBundle = "/var/lib/sbctl"; }; initrd = { availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "uas" # needed ? "usbhid" "usb_storage" "sd_mod" ]; kernelModules = [ ]; systemd.enable = true; }; extraModulePackages = [ ]; }; networking = { hostName = "nixos-fw16"; extraHosts = '' 192.168.0.75 monitor.oekonzept.de 192.168.0.151 rosa.oekonzept.de 192.168.0.171 karl.oekonzept.de 192.168.0.206 vewadb.oekonzept.de 192.168.0.191 vewadb2.oekonzept.de 192.168.0.190 vpn.oekonzept.de 192.168.0.180 vewasmb.oekonzept.de 192.168.0.91 puppet.oekonzept.de 100.64.0.1 oekonzept.net 100.64.0.1 camt.oekonzept.net 100.64.0.1 camt-cbg.oekonzept.net 100.64.0.1 camt-eth.oekonzept.net 100.64.0.1 camt-pro.oekonzept.net 100.64.0.1 camt-swbfk.oekonzept.net 100.64.0.1 cloud.oekonzept.net 100.64.0.1 office.oekonzept.net 100.64.0.1 llama.oekonzept.net 100.64.0.1 netdata.oekonzept.net 100.64.0.1 oproject.oekonzept.net 100.64.0.1 leantime.oekonzept.net 100.64.0.1 nixos-karl-kvm-guest.oekonzept.de 176.9.242.147 fe3f3294-c93a-4aca-895e-abe6c858dbd5-llama-cpp.redvau.lt ''; interfaces = { eth0 = { useDHCP = false; ipv4.addresses = [ { address = "192.168.0.21"; prefixLength = 24; } ]; ipv4.routes = [ { address = "192.168.0.0"; prefixLength = 24; } { address = "0.0.0.0"; prefixLength = 0; via = "192.168.0.5"; } ]; }; }; }; systemd = { services = { # Do not manage HID devices with powertop to prevent annoying keyboard/mouse sleeps # powertop.postStart = '' # HIDDEVICES=$(ls /sys/bus/usb/drivers/usbhid | grep -oE '^[0-9]+-[0-9\.]+' | sort -u) # for i in $HIDDEVICES; do # echo -n "Enabling " | cat - /sys/bus/usb/devices/$i/product # echo 'on' > /sys/bus/usb/devices/$i/power/control # done # ''; # This manually configures the automatically created network-adresses service to be more flexible # regarding booting without the the device being available on boot # It prevents slow timeouts & errors on boot while preserving Plug & Play ability network-addresses-eth0.unitConfig = { ConditionPathExists = "/sys/class/net/eth0"; BindsTo = lib.mkForce null; }; }; }; services.udev.extraRules = '' # Framework Laptop 16 - LED Matrix SUBSYSTEMS=="usb", ATTRS{idVendor}=="32ac", ATTRS{idProduct}=="0020", MODE="0660", TAG+="uaccess" # C1 Minimal Microcontroller Module (Template for DIY Module) SUBSYSTEMS=="usb", ATTRS{idVendor}=="32ac", ATTRS{idProduct}=="0022", MODE="0660", TAG+="uaccess" # USB-C dock ethernet ACTION=="add", KERNEL=="eth0", TAG+="systemd", ENV{SYSTEMD_WANTS}="network-addresses-eth0.service" ACTION=="remove", KERNEL=="eth0", RUN+="${pkgs.systemd}/bin/systemctl stop network-addresses-eth0.service" # TODO check needed? FIXME helps suspend? SUBSYSTEM=="pci", ATTR{power/control}="auto" # ACTION=="add", SUBSYSTEM=="serio", DRIVERS=="atkbd", ATTR{power/wakeup}="disabled" ''; environment.systemPackages = with pkgs; [ ryzenadj lm_sensors coreutils-full cpu-x fw-ectool sbctl # secureboot debugging/config/mgmt # android-tools input-remapper ]; hardware = { enableRedistributableFirmware = true; i2c.enable = true; cpu.amd = { updateMicrocode = true; ryzen-smu.enable = true; }; sensor.iio.enable = true; }; zramSwap.enable = true; system.stateVersion = "24.05"; }