nix/systems/nixos-pulse/default.nix

{ config
, lib
, pkgs
, modulesPath
, system
, inputs
, ...
}: {
  imports = [
    (modulesPath + "/installer/scan/not-detected.nix")
    ../../os-mods/amdgpu
    ../../os-mods/cachix
    ../../os-mods/common
    ../../os-mods/desktop
    ../../os-mods/network
    ../../os-mods/virt
    ../../users
    ./disko.nix
  ];
  system.stateVersion = "23.05";

  nix.settings.system-features = [
    "benchmark"
    "big-parallel"
    "kvm"
    "nixos-test"
    "gccarch-x86-64-v3"
    "gccarch-znver2"
  ];
  boot = {
    kernelPackages = pkgs.pkgsx86_64_v3.linuxPackages_cachyos;
    kernelPatches = [ ];
    kernelParams = [
      "pcie_aspm=force"
      "pcie_aspm.policy=powersupersave"
      # "amd_pstate.shared_mem=1"
      # "amd_pstate=passive"
      # "initcall_blacklist=acpi_cpufreq_init"
      # "initcall_blacklist=hsmp_plt_init"
      # "gpiolib_acpi.ignore_interrupt=AMDI0030:00@9"
      "rtc_cmos.use_acpi_alarm=1" # reduce S0 sleep wakeups
    ];
    loader = {
      systemd-boot = {
        enable = true;
        configurationLimit = 32;
      };
      efi.canTouchEfiVariables = true;
    };

    initrd = {
      availableKernelModules = [ "nvme" "xhci_pci" "uas" "usbhid" "usb_storage" "sd_mod" ];
      kernelModules = [ ];
      systemd.enable = true;
    };

    kernelModules = [ "kvm-amd" ];
    extraModulePackages = [ ];
  };

  services.btrfs.autoScrub.enable = true;

  networking = {
    hostName = "nixos-pulse";
    extraHosts = ''
      192.168.0.75    monitor.oekonzept.de
      192.168.0.151   rosa.oekonzept.de
      192.168.0.171   karl.oekonzept.de
      192.168.0.206   vewadb.oekonzept.de
      192.168.0.191   vewadb2.oekonzept.de
      192.168.0.190   vpn.oekonzept.de
      192.168.0.180   vewasmb.oekonzept.de
      192.168.0.91    puppet.oekonzept.de
    '';
    useDHCP = lib.mkDefault true;
    interfaces = {
      enp5s0f4u1u1c2 = {
        useDHCP = false;
        ipv4.addresses = [
          {
            address = "192.168.0.21";
            prefixLength = 24;
          }
        ];
        ipv4.routes = [
          {
            address = "192.168.0.0";
            prefixLength = 24;
          }
          {
            address = "0.0.0.0";
            prefixLength = 0;
            via = "192.168.0.5";
          }
        ];
      };
    };
  };

  fileSystems."/mnt/ServerF" = {
    # device = "//srv-nas-01.local/Server_F";
    device = "//192.168.0.1/Server_F";
    fsType = "cifs";
    options =
      let
        # this line prevents hanging on network split
        automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
      in
      [ "${automount_opts},vers=2.0,credentials=/home/tristand/.smb-secrets" ];
  };
  fileSystems."/mnt/Scans" = {
    # device = "//srv-nas-01.local/Server_F";
    device = "//192.168.0.1/Scans";
    fsType = "cifs";
    options =
      let
        # this line prevents hanging on network split
        automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s";
      in
      [ "${automount_opts},vers=2.0,credentials=/home/tristand/.smb-secrets" ];
  };

  systemd = {
    services = {
      tailord = {
        enable = true;
        description = "Tuxedo Tailor hardware control service";
        after = [ "systemd-logind.service" ];
        wantedBy = [ "multi-user.target" ];

        serviceConfig = {
          Type = "dbus";
          BusName = "com.tux.Tailor";
          ExecStart = "${pkgs.unstable-os.tuxedo-rs}/bin/tailord";
          Environment = "RUST_BACKTRACE=1";
          Restart = "on-failure";
        };
      };
      # This manually configures the automatically created network-adresses service to be more flexible
      # regarding booting without the the device being available on boot
      # It prevents slow timeouts & errors on boot while preserving Plug & Play ability
      network-addresses-enp5s0f4u1u1c2.unitConfig = {
        ConditionPathExists = "/sys/class/net/enp5s0f4u1u1c2";
        BindsTo = lib.mkForce null;
      };

      powertop.postStart = ''
        HIDDEVICES=$(ls /sys/bus/usb/drivers/usbhid | grep -oE '^[0-9]+-[0-9\.]+' | sort -u)
        for i in $HIDDEVICES; do
          echo -n "Enabling " | cat - /sys/bus/usb/devices/$i/product
          echo 'on' > /sys/bus/usb/devices/$i/power/control
        done
      '';
    };
  };
  services.power-profiles-daemon.enable = true;
  services.udev.extraRules = ''
    ACTION=="add", KERNEL=="enp5s0f4u1u1c2", TAG+="systemd", ENV{SYSTEMD_WANTS}="network-addresses-enp5s0f4u1u1c2.service"
    ACTION=="remove", KERNEL=="enp5s0f4u1u1c2", RUN+="${pkgs.systemd}/bin/systemctl stop network-addresses-enp5s0f4u1u1c2.service"
    SUBSYSTEM=="pci", ATTR{power/control}="auto"
  '';

  # energy saving stuff
  powerManagement.powertop.enable = true;

  environment.systemPackages = with pkgs.unstable-os; [ android-tools android-udev-rules tuxedo-rs tailor-gui ryzenadj ];

  services.dbus.packages = [ pkgs.unstable-os.tuxedo-rs ];

  hardware = {
    enableRedistributableFirmware = true;
    i2c.enable = true;
    tuxedo-keyboard.enable = true;

    cpu.amd.updateMicrocode = true;
  };

  zramSwap.enable = true;
}