{ config , lib , pkgs , modulesPath , system , inputs , ... } @ moduleArgs: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") inputs.nixos-hardware.nixosModules.common-cpu-amd inputs.nixos-hardware.nixosModules.common-cpu-amd-pstate inputs.nixos-hardware.nixosModules.common-hidpi inputs.nixos-hardware.nixosModules.tuxedo-pulse-15-gen2 ../../os-mods/age ../../os-mods/amdgpu ../../os-mods/cachix ../../os-mods/common # ../../os-mods/desktop # ../../os-mods/desktop/audio.nix # ../../os-mods/desktop/printing.nix ../../os-mods/netdata/client.nix ../../os-mods/network ../../os-mods/ryzenapu ../../os-mods/virt ]; nix.settings = { trusted-users = [ "nixremote" "root" "tristand" ]; system-features = [ "benchmark" "big-parallel" "kvm" "nixos-test" "gccarch-x86-64-v3" "gccarch-znver2" ]; }; programs.corectrl.gpuOverclock.enable = lib.mkForce false; networking = { useDHCP = lib.mkForce false; useNetworkd = true; wireless = { enable = true; networks."DruyenWLAN" = { psk = "DidWvTDruyenH4"; }; }; networkmanager.unmanaged = [ "wlp3s0" ]; }; systemd.network = { enable = true; networks."10-homewifi" = { name = "wlp3s0"; matchConfig = { SSID = "DruyenWLAN"; }; DHCP = "yes"; # both ipv4 & 6 }; }; home-manager = { useUserPackages = true; useGlobalPkgs = true; users.tristand = import ../../users/admin-shell.nix (moduleArgs // { username = "tristand"; }); }; users.groups.nixremote = { }; users.users = { tristand = { isNormalUser = true; description = "Tristan Druyen"; extraGroups = [ "audio" "corectrl" "dialout" "docker" "networkmanager" "i2c" "wheel" "libvirtd" "qemu-libvirtd" "input" ]; shell = pkgs.fish; home = "/home/tristand"; hashedPassword = "$6$Wj.XY8JgH5EWuog4$HnbtPJXDEqKXFrzkPVEjih3PytcpBCrkfL7TAwkXd0IFced7kGMlZNliNsAqQ3XqfyUzAYiiKTIqoPVJEk.s.."; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4xz3EgIRiRb/gmnCSq17kHd4MLilf05zYOFZrwOIrA tristand@nixos-fw16" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDS/4JFRaAPoUaDiwDRbbNoaJqsBzaE+DEdaQH9OezM root@nixos-fw16" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIRFEtmoq36QmvAwv/xIVdvaf+B9Scbm5cUFFkP/c1nS root@nixos-f16" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHowJtKj3ohrYjyeWwQ8Lj6UMSPI390SwLRuVIlojcGM tristand@nixos-desk" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4fBDj1/He/uimO97RgjGWZLAimTrLmIlYS2ekD73GC tristan@arch-pulse" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDP8ztBIgQsYh7LefSKtuDRYDWNheZWbmIr51T/Np/jc tristand@nixos-pulse" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ/tkVxnPZB+C6sK9A12pUsB38OhXieMNaij6pC3foSH admin@vault81.de" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMuH8L7mQDg86uJME6jndOu4niwLMASuJKpdbJU8Hfet tristan+desktop@vault81.de" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKJ6wPntg8+kVLU4M+ykRuBb37SQd1csUtO3ZIStoW+4 root@he2.vault82.de" ]; }; nixremote = { isSystemUser = true; group = "nixremote"; description = "remote builder user"; extraGroups = [ "docker" "networkmanager" "wheel" ]; shell = pkgs.bash; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4xz3EgIRiRb/gmnCSq17kHd4MLilf05zYOFZrwOIrA tristand@nixos-fw16" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDS/4JFRaAPoUaDiwDRbbNoaJqsBzaE+DEdaQH9OezM root@nixos-fw16" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIRFEtmoq36QmvAwv/xIVdvaf+B9Scbm5cUFFkP/c1nS root@nixos-f16" ]; }; }; boot = { # kernelPackages = pkgs.pkgsx86_64_v3.linuxPackages_cachyos; kernelPackages = pkgs.pkgsAMD64Microarchs.znver2.linuxPackages_cachyos; kernelPatches = [ ]; kernelParams = [ # "systemd.unit=emergency.target" # "systemd.setenv=SYSTEMD_SULOGIN_FORCE=1" # "rescue" # "pcie_aspm=force" # "pcie_aspm.policy=powersupersave" # "rtc_cmos.use_acpi_alarm=1" # reduce S0 sleep wakeups # "gpiolib_acpi.ignore_interrupt=AMDI0030:00@9" # mask IRQ 9 ? ]; loader = { systemd-boot = { enable = true; configurationLimit = 16; }; efi.canTouchEfiVariables = true; }; supportedFilesystems = [ "btrfs" "vfat" ]; initrd = { availableKernelModules = [ "nvme" "xhci_pci" "uas" "usbhid" "usb_storage" "sd_mod" ]; kernelModules = [ ]; systemd.enable = true; supportedFilesystems = [ "btrfs" "vfat" ]; luks.devices = { "crypted_1" = { device = "/dev/disk/by-uuid/9cca6269-6afa-4f77-92ff-2e9eb8fc9bc7"; allowDiscards = true; bypassWorkqueues = true; crypttabExtraOpts = [ "nofail" ]; }; "crypted_swap_1" = { device = "/dev/disk/by-uuid/7b19e61a-20cd-47ae-9da2-0f40c9be86fe"; allowDiscards = true; bypassWorkqueues = true; crypttabExtraOpts = [ "nofail" ]; }; }; }; extraModulePackages = [ ]; }; swapDevices = [ { device = "/dev/disk/by-uuid/83b6aa0a-ff9f-40ef-b728-6540bd5c9365"; } ]; services.btrfs.autoScrub.enable = true; networking = { hostName = "nixos-pulse"; extraHosts = '' 176.9.242.147 he4.redvau.lt ''; }; fileSystems = let automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s"; perm_opts = "uid=1000,gid=100"; btrfs_opts = "autodefrag,compress=zstd,discard=async,noatime,space_cache=v2,ssd"; sshfs_opts = [ "allow_other,_netdev,reconnect,ServerAliveInterval=15,IdentityFile=/var/secrets/id_ed25519" perm_opts automount_opts ]; in { "/" = { device = "/dev/mapper/crypted_1"; fsType = "btrfs"; options = [ btrfs_opts "subvol=_active/root" ]; }; "/boot" = { device = "/dev/disk/by-uuid/3226-7E38"; fsType = "vfat"; options = [ "fmask=0022" "dmask=0022" ]; }; "/home" = { device = "/dev/mapper/crypted_1"; fsType = "btrfs"; options = [ btrfs_opts "subvol=_active/home" ]; }; "/nix" = { device = "/dev/mapper/crypted_1"; fsType = "btrfs"; options = [ btrfs_opts "subvol=_active/nix" ]; }; # "/mnt/media_v2" = { # device = "root@23.88.68.113:/media_v2"; # fsType = "sshfs"; # options = sshfs_opts; # }; }; system.fsPackages = [ pkgs.sshfs ]; services.udev.extraRules = '' SUBSYSTEM=="pci", ATTR{power/control}="auto" ACTION=="add", SUBSYSTEM=="serio", DRIVERS=="atkbd", ATTR{power/wakeup}="disabled" ''; hardware = { enableRedistributableFirmware = true; i2c.enable = true; # tuxedo-keyboard.enable = true; // not needed for server use cpu.amd.updateMicrocode = true; sensor.iio.enable = true; # tuxedo-rs = { // not needed for server use # enable = true; # tailor-gui.enable = false; # used headless atm # } ; }; zramSwap.enable = true; environment.systemPackages = with pkgs; [ firefox ]; system.stateVersion = "23.05"; }