nix/systems/nixos-fw16/default.nix

{ config
, lib
, pkgs
, modulesPath
, system
, inputs
, ...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
inputs.nixos-hardware.nixosModules.common-hidpi
inputs.nixos-hardware.nixosModules.framework-16-7040-amd
../../os-mods/age
../../os-mods/net_disks/oeko.nix
../../os-mods/amdgpu
../../os-mods/cachix
../../os-mods/common
../../os-mods/desktop
../../os-mods/desktop/audio.nix
../../os-mods/desktop/gaming.nix
../../os-mods/desktop/printing.nix
../../os-mods/netdata/client.nix
../../os-mods/network
# ../../os-mods/ryzenapu
../../os-mods/virt
../../users
./disks.nix
];
# Public half of this machine's ed25519 SSH host key; no private key material is stored here.
# NOTE(review): presumably the recipient that agenix-rekey re-encrypts this host's
# secrets to - confirm against ../../os-mods/age.
age.rekey.hostPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIRFEtmoq36QmvAwv/xIVdvaf+B9Scbm5cUFFkP/c1nS root@nixos-f16";
# Remote building is switched on, but the builder list below is empty, so nothing
# is delegated until an entry is added to it.
nix.distributedBuilds = true;
# Lets a remote builder fetch dependencies from its own substituters instead of
# having them copied over from this machine.
nix.settings.builders-use-substitutes = true;
nix.buildMachines = [ ];
# [
# {
# hostName = "nixremote@nixos-desk";
# system = "x86_64-linux";
# protocol = "ssh";
# maxJobs = 0;
# speedFactor = 0;
# supportedFeatures = [
# "benchmark"
# "big-parallel"
# "kvm"
# "nixos-test"
# "gccarch-x86-64-v3"
# "gccarch-znver3"
# ];
# mandatoryFeatures = [ ];
# }
# {
# hostName = "nixremote@nixos-pulse";
# system = "x86_64-linux";
# protocol = "ssh";
# maxJobs = 0;
# speedFactor = 1;
# supportedFeatures = [
# "benchmark"
# "big-parallel"
# "kvm"
# "nixos-test"
# "gccarch-x86-64-v3"
# "gccarch-znver2"
# ];
# mandatoryFeatures = [ ];
# }
# ];
####################
# Per-user systemd units: they run in each user's own service manager, with that
# user's privileges, and keep the modprobed-db module database current.
systemd.user.services.modprobed-db = {
  description = "modprobed-db service to scan and store new kernel modules";
  wantedBy = [ "default.target" ];
  wants = [ "modprobed-db.timer" ];
  # Tools placed on the unit's PATH, in the name-sorted order that
  # builtins.attrValues yields for this set of packages.
  path = [
    pkgs.coreutils
    pkgs.gawk
    pkgs.getent
    pkgs.gnugrep
    pkgs.gnused
    pkgs.kmod
  ];
  serviceConfig = {
    Type = "simple";
    # The same store command runs when the unit starts and again when it stops.
    ExecStart = "${pkgs.modprobed-db}/bin/modprobed-db storesilent";
    ExecStop = "${pkgs.modprobed-db}/bin/modprobed-db storesilent";
  };
};
systemd.user.timers.modprobed-db = {
  partOf = [ "modprobed-db.service" ];
  wantedBy = [ "timers.target" ];
  timerConfig = {
    # Fire again one hour after the service was last activated.
    OnUnitActiveSec = "1h";
    # NOTE(review): systemd documents Persistent= as affecting only OnCalendar=
    # timers, so it probably has no effect here - confirm.
    Persistent = true;
  };
};
################
# Members of `wheel` must authenticate before sudo-rs runs a command; mkForce makes
# this value win over any other module that sets the option.
# NOTE(review): the author's remark here was "unneeded due to fp sensor" - presumably
# the fingerprint reader answers the prompt through PAM, so the password is rarely
# typed; confirm that the PAM setup really offers fingerprint for sudo.
security.sudo-rs.wheelNeedsPassword = lib.mkForce true;
# Power mgmt
services = {
  input-remapper.enable = true;
  power-profiles-daemon.enable = true;
};
# powerManagement.powertop.enable = true;
programs = {
  corectrl.gpuOverclock.enable = lib.mkForce false; # TODO Check if needed
  # Android Debug Bridge. NixOS ties device access to membership of the `adbusers`
  # group, so only accounts that need it should be in that group.
  adb.enable = true;
};
####
# Build features this machine's Nix advertises. The gccarch-* entries are generated
# from the list of Zen micro-architectures and come out as gccarch-znver1 .. gccarch-znver4.
nix.settings.system-features =
  [ "benchmark" "big-parallel" "kvm" "nixos-test" ]
  ++ map (arch: "gccarch-${arch}") [ "znver1" "znver2" "znver3" "znver4" ];
# nixpkgs.hostPlatform.gcc.arch = "znver2";
# Chaotic-Nyx: switch on its package overlay.
# NOTE(review): this is a package set maintained outside nixpkgs; anything resolved
# from it (presumably including the cachyos kernel chosen under boot.kernelPackages)
# is only as trustworthy as the pinned flake input and the binary cache that serves
# it - confirm the pin in flake.lock and the cache keys in ../../os-mods/cachix.
chaotic.nyx.overlay.enable = true;
# chaotic.nyx.overlay.onTopOf = "user-pkgs"; # needed ?
# chaotic.nyx.overlay.flakeNixpkgs.config = pkgs.config; # needed ?
# chaotic.scx = {
#   enable = false; # temp
#   scheduler = "scx_bpfland";
#   package = pkgs.scx;
# };
boot = {
  # Kernel in use: the CachyOS release-candidate package set (a 6.14 rc per the
  # author's note). An -rc kernel is pre-release code; the commented lines are the
  # alternatives that were tried or kept for bootstrapping.
  kernelPackages = pkgs.linuxPackages_cachyos-rc;
  # kernelPackages = pkgs.linuxPackages_latest; # bootstrap
  # kernelPackages = pkgs.linuxPackages_zen; # bootstrap
  # kernelPackages = pkgs.linuxPackages_cachyos; # bootstrap
  # kernelPackages = pkgs.pkgsAMD64Microarchs.znver4.linuxPackages_cachyos;
  # kernelPackages = pkgs.pkgsAMD64Microarchs.znver2.linuxPackages_cachyos-rc;
  # kernelPackages = pkgs.pkgsAMD64Microarchs.znver2.linuxPackages_cachyos;
  # kernelPackages = pkgs.linuxPackages_cachyos;
  kernelPatches = [ ];
  extraModulePackages = [ ];

  kernelParams = [
    # "systemd.unit=emergency.target"
    # "amdgpu.ppfeaturemask=0xfffd7fff" # gpu overclockfoo # TODO Readd if crashes continue 20/02/2025
    # SYSTEMD_SULOGIN_FORCE=1 makes the rescue/emergency units call sulogin with
    # --force, which opens a root shell without asking for a password when the root
    # account is locked.
    # NOTE(review): anyone who can drive the machine into emergency mode then gets
    # root; how much that matters depends on disk encryption (./disks.nix) and on
    # Secure Boot keeping the kernel command line fixed - confirm both.
    "systemd.setenv=SYSTEMD_SULOGIN_FORCE=1"
    # "rescue"
    "pcie_aspm=force" # TODO Check hibernate without
    # "pcie_aspm.policy=powersupersave"
    "rtc_cmos.use_acpi_alarm=1" # reduce S0 sleep wakeups
    "gpiolib_acpi.ignore_interrupt=AMDI0009:00@9" # mask IRQ 9 ?
  ];

  # No boot-menu delay; the default entry starts immediately.
  loader.timeout = 0;
  loader.efi.canTouchEfiVariables = true;
  # systemd-boot itself stays off because lanzaboote takes over the boot loader.
  # NOTE(review): the remaining systemd-boot options are presumably inert while
  # enable = false - confirm.
  loader.systemd-boot = {
    enable = false; # due to lanzaboote
    configurationLimit = 12;
    memtest86.enable = true;
    # bootCounting.enable = true; # reverted atm
  };

  # Secure Boot through lanzaboote. pkiBundle is the directory lanzaboote reads the
  # Secure Boot keys from; it holds the private signing keys, so it should stay
  # readable by root only and out of backups that leave the machine unencrypted.
  lanzaboote = {
    enable = true;
    configurationLimit = 12;
    # pkiBundle = "/etc/secureboot";
    pkiBundle = "/var/lib/sbctl";
  };

  # Initrd: systemd-based stage 1, modules loaded on demand from the list below.
  initrd.systemd.enable = true;
  initrd.kernelModules = [ ];
  initrd.availableKernelModules = [
    "nvme"
    "xhci_pci"
    "thunderbolt"
    "uas" # needed ?
    "usbhid"
    "usb_storage"
    "sd_mod"
  ];
};
# Host name, static name resolution and the wired interface of this machine.
networking = {
hostName = "nixos-fw16";
# Static hosts-file entries: the names below resolve to these addresses without a DNS lookup.
# Most entries are in 192.168.0.0/24 or point at 100.64.0.1, which lies in the
# 100.64.0.0/10 shared address space (presumably an overlay/VPN endpoint - confirm).
# NOTE(review): the last entry pins a name to a public address; if that service moves,
# traffic for the name keeps going to whoever holds the address until this line is updated.
# NOTE(review): the list also documents internal host names and addressing for anyone
# who can read this repository - confirm that is acceptable for where it is published.
extraHosts = ''
192.168.0.75 monitor.oekonzept.de
192.168.0.151 rosa.oekonzept.de
192.168.0.171 karl.oekonzept.de
192.168.0.206 vewadb.oekonzept.de
192.168.0.191 vewadb2.oekonzept.de
192.168.0.190 vpn.oekonzept.de
192.168.0.180 vewasmb.oekonzept.de
192.168.0.91 puppet.oekonzept.de
100.64.0.1 oekonzept.net
100.64.0.1 camt.oekonzept.net
100.64.0.1 camt-cbg.oekonzept.net
100.64.0.1 camt-eth.oekonzept.net
100.64.0.1 camt-pro.oekonzept.net
100.64.0.1 camt-swbfk.oekonzept.net
100.64.0.1 cloud.oekonzept.net
100.64.0.1 office.oekonzept.net
100.64.0.1 llama.oekonzept.net
100.64.0.1 netdata.oekonzept.net
100.64.0.1 oproject.oekonzept.net
100.64.0.1 leantime.oekonzept.net
100.64.0.1 nixos-karl-kvm-guest.oekonzept.de
176.9.242.147 fe3f3294-c93a-4aca-895e-abe6c858dbd5-llama-cpp.redvau.lt
'';
interfaces = {
# eth0 is configured statically (no DHCP): address 192.168.0.21/24.
eth0 = {
useDHCP = false;
ipv4.addresses = [
{
address = "192.168.0.21";
prefixLength = 24;
}
];
# Two routes: the directly attached 192.168.0.0/24 network and a default route via 192.168.0.5.
ipv4.routes = [
{
address = "192.168.0.0";
prefixLength = 24;
}
{
address = "0.0.0.0";
prefixLength = 0;
via = "192.168.0.5";
}
];
};
};
};
# RyzenAdj one-shot unit. It is currently switched off (enable = false); if it is
# re-enabled it runs as root once multi-user.target is reached.
systemd.services.ryzenadj = {
  enable = false;
  description = "RyzenAdj Autoset";
  wantedBy = [ "multi-user.target" ];
  serviceConfig = {
    Type = "oneshot";
    User = "root";
    ExecStart = "${pkgs.ryzenadj}/bin/ryzenadj -f90 --set-coall=1048566"; # 1048566 = 0x100000 - 10(mV)
  };
};
# Do not manage HID devices with powertop to prevent annoying keyboard/mouse sleeps
# systemd.services.powertop.postStart = ''
#   HIDDEVICES=$(ls /sys/bus/usb/drivers/usbhid | grep -oE '^[0-9]+-[0-9\.]+' | sort -u)
#   for i in $HIDDEVICES; do
#     echo -n "Enabling " | cat - /sys/bus/usb/devices/$i/product
#     echo 'on' > /sys/bus/usb/devices/$i/power/control
#   done
# '';
# Loosens the automatically created network-addresses service for eth0 so the
# machine can boot while the device is absent: the unit is skipped unless the
# interface exists, and the forced-null BindsTo drops the binding the generated
# unit would otherwise carry. This avoids slow timeouts and errors at boot while
# keeping plug-and-play behaviour.
systemd.services.network-addresses-eth0.unitConfig = {
  BindsTo = lib.mkForce null;
  ConditionPathExists = "/sys/class/net/eth0";
};
# Extra udev rules. The lines starting with '#' inside the string are udev comments
# and are written to the rules file as they stand.
# - The two USB rules match Framework vendor id 32ac (products 0020 and 0022), set
#   the device node to mode 0660 and tag it `uaccess`, which grants access to the
#   user of the active local session rather than to everyone.
# - The eth0 rules start network-addresses-eth0.service when an interface named eth0
#   is added and stop it through systemctl when the interface is removed.
# - The PCI rule writes "auto" to power/control; it has no vendor or device match,
#   so it applies to every PCI device.
services.udev.extraRules = ''
# Framework Laptop 16 - LED Matrix
SUBSYSTEMS=="usb", ATTRS{idVendor}=="32ac", ATTRS{idProduct}=="0020", MODE="0660", TAG+="uaccess"
# C1 Minimal Microcontroller Module (Template for DIY Module)
SUBSYSTEMS=="usb", ATTRS{idVendor}=="32ac", ATTRS{idProduct}=="0022", MODE="0660", TAG+="uaccess"
# USB-C dock ethernet
ACTION=="add", KERNEL=="eth0", TAG+="systemd", ENV{SYSTEMD_WANTS}="network-addresses-eth0.service"
ACTION=="remove", KERNEL=="eth0", RUN+="${pkgs.systemd}/bin/systemctl stop network-addresses-eth0.service"
# TODO check needed? FIXME helps suspend?
SUBSYSTEM=="pci", ATTR{power/control}="auto"
# ACTION=="add", SUBSYSTEM=="serio", DRIVERS=="atkbd", ATTR{power/wakeup}="disabled"
'';
# Packages installed system-wide for every user, named explicitly through `pkgs`
# and kept in the original order.
environment.systemPackages = [
  pkgs.ryzenadj
  pkgs.lm_sensors
  pkgs.coreutils-full
  pkgs.cpu-x
  pkgs.fw-ectool
  pkgs.sbctl # secureboot debugging/config/mgmt
  # pkgs.android-tools
  pkgs.input-remapper
];
# Firmware and CPU settings.
hardware.enableRedistributableFirmware = true;
hardware.i2c.enable = true;
hardware.sensor.iio.enable = true;
# Load current AMD microcode at boot; CPU errata and vulnerability fixes are
# delivered this way.
hardware.cpu.amd.updateMicrocode = true;
# ryzen-smu is a kernel driver that exposes the CPU's System Management Unit.
# NOTE(review): check who can reach its interface if this machine has more than
# one local user.
hardware.cpu.amd.ryzen-smu.enable = true;
# Compressed swap held in RAM.
zramSwap.enable = true;
# Release whose stateful defaults this installation started with; it is not meant
# to be raised as part of an ordinary upgrade.
system.stateVersion = "24.05";
}