{ confin , lib , pkgs , modulesPath , system , inputs , ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") inputs.nixos-hardware.nixosModules.common-cpu-amd inputs.nixos-hardware.nixosModules.common-cpu-amd-pstate inputs.nixos-hardware.nixosModules.common-gpu-amd inputs.nixos-hardware.nixosModules.common-pc inputs.nixos-hardware.nixosModules.common-pc-ssd ../../os-mods/age ../../os-mods/amdgpu ../../os-mods/cachix ../../os-mods/common ../../os-mods/desktop ../../os-mods/desktop/audio.nix ../../os-mods/desktop/gaming.nix ../../os-mods/desktop/printing.nix ../../os-mods/netdata/client.nix ../../os-mods/network ../../os-mods/virt ../../os-mods/xmrig ../../users ./disko.nix ]; config = let # hid-fanatecff = pkgs.callPackage ./hid-fanatecff.nix { kernelPackages = config.boot.kernelPackages; }; in { system.stateVersion = "23.05"; age.rekey.hostPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINHvqEPN39Brd3SYJxVYROwtv0UXl/7fW6z3otUWEaEU root@nixos-desk"; nix.settings.system-features = [ "benchmark" "big-parallel" "kvm" "nixos-test" "gccarch-x86-64-v3" "gccarch-znver1" "gccarch-znver2" "gccarch-znver3" # 3 is backwards compat to 1 ]; boot = { # kernelPackages = pkgs.linuxPackages_latest; # kernelPackages = pkgs.linuxPackages_zen; # kernelPackages = pkgs.linuxPackages_cachyos; kernelPackages = pkgs.linuxPackages_cachyos-rc; # kernelPackages = pkgs.pkgsAMD64Microarchs.znver2.linuxPackages_cachyos-rc; kernelModules = [ "nct6775" ]; # extraModulePackages = [ hid-fanatecff ]; loader = { systemd-boot = { enable = lib.mkForce false; #lanzaboote configurationLimit = 16; }; efi.canTouchEfiVariables = true; }; # TODO Extract secureboot module lanzaboote = { enable = true; configurationLimit = 16; pkiBundle = "/etc/secureboot"; }; initrd = { availableKernelModules = [ "ahci" "nvme" "xhci_pci" "uas" "usbhid" "usb_storage" "sd_mod" ]; kernelModules = [ ]; systemd.enable = true; }; }; programs.fuse.userAllowOther = true; environment.systemPackages = with pkgs; [ input-remapper lm_sensors sshfs coreutils-full cpu-x sbctl # secureboot debugging/config/mgmt ]; environment.etc = { "sysconfig/lm_sensors".text = '' HWMON_MODULES="nct6775" ''; }; # TODO nixify current mousewheel workaround config # likely just need to add json to home-manager services.input-remapper.enable = true; services.btrfs.autoScrub.enable = true; # services.udev.packages = [ hid-fanatecff ]; networking = { # tailscale docker test firewall.allowedTCPPorts = [ 80 443 3478 41641 ]; firewall.allowedUDPPorts = [ 80 443 3478 41641 ]; firewall.allowedTCPPortRanges = [ { from = 39000; to = 42000; } { from = 18000; to = 19000; } ]; firewall.allowedUDPPortRanges = [ { from = 39000; to = 42000; } { from = 18000; to = 19000; } ]; hostName = "nixos-desk"; useDHCP = lib.mkDefault true; extraHosts = '' 100.64.0.1 oekonzept.net 100.64.0.1 camt.oekonzept.net 100.64.0.1 camt-cbg.oekonzept.net 100.64.0.1 camt-eth.oekonzept.net 100.64.0.1 camt-pro.oekonzept.net 100.64.0.1 camt-swbfk.oekonzept.net 100.64.0.1 cloud.oekonzept.net 100.64.0.1 office.oekonzept.net 100.64.0.1 llama.oekonzept.net 100.64.0.1 netdata.oekonzept.net 100.64.0.1 oproject.oekonzept.net 100.64.0.1 leantime.oekonzept.net ''; }; hardware = { enableRedistributableFirmware = true; }; zramSwap.enable = true; }; }