home

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE

commit c5fc179cdc07b59a6308cbf990dff599a6f56182
parent 2e7593f5ba78756905e849e55586123a7032de25
Author: Vincent Demeester <vincent@sbr.pm>
Date:   Thu,  9 Sep 2021 16:54:32 +0200

systems: initialize aomi 🙃

Signed-off-by: Vincent Demeester <vincent@sbr.pm>

Diffstat:
Mhosts.nix | 7+++----
Asystems/hardware/lenovo-p1.nix | 52++++++++++++++++++++++++++++++++++++++++++++++++++++
Asystems/hosts/aomi.nix | 95+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 150 insertions(+), 4 deletions(-)

diff --git a/hosts.nix b/hosts.nix @@ -1,12 +1,11 @@ { naruhodo = { arch = "x86_64-linux"; type = "unstable"; }; + aomi = { arch = "x86_64-linux"; type = "unstable"; }; # servers + # FIXME(vdemeester) move this away hokkaido = { arch = "x86_64-linux"; }; wakasu = { arch = "x86_64-linux"; }; kerkouane = { arch = "x86_64-linux"; }; - okinawa = { arch = "x86_64-linux"; }; + # okinawa = { arch = "x86_64-linux"; }; # okinawa died sakhalin = { arch = "x86_64-linux"; }; - # Test VM - foo = { arch = "x86_64-linux"; type = "unstable"; vm = true; }; - # mypi = { arch = "aarch64-linux" }; } diff --git a/systems/hardware/lenovo-p1.nix b/systems/hardware/lenovo-p1.nix @@ -0,0 +1,52 @@ +{ config, pkgs, lib, ... }: +let + sources = import ../../nix/sources.nix; +in +{ + imports = [ + (sources.nixos-hardware + "/common/pc/ssd") + (sources.nixos-hardware + "/lenovo/thinkpad/p1/3th-gen") + ./thinkpad.nix + ]; + boot = { + initrd.availableKernelModules = [ "nvme" "rtsx_pci_sdmmc" ]; + }; + hardware = { + enableAllFirmware = true; + bluetooth = { + enable = true; + powerOnBoot = true; + }; + }; + nix.maxJobs = 12; + services.throttled.enable = lib.mkDefault true; + services = { + tlp = { + extraConfig = '' + # CPU optimizations + CPU_SCALING_GOVERNOR_ON_AC=performance + CPU_SCALING_GOVERNOR_ON_BAT=powersave + CPU_MIN_PERF_ON_AC=0 + CPU_MAX_PERF_ON_AC=100 + CPU_MIN_PERF_ON_BAT=0 + CPU_MAX_PERF_ON_BAT=50 + # DEVICES (wifi, ..) + DEVICES_TO_DISABLE_ON_STARTUP="" + DEVICES_TO_ENABLE_ON_AC="bluetooth wifi wwan" + DEVICES_TO_DISABLE_ON_BAT="" + # Network management + DEVICES_TO_DISABLE_ON_LAN_CONNECT="" + DEVICES_TO_DISABLE_ON_WIFI_CONNECT="" + DEVICES_TO_DISABLE_ON_WWAN_CONNECT="" + DEVICES_TO_ENABLE_ON_LAN_DISCONNECT="" + DEVICES_TO_ENABLE_ON_WIFI_DISCONNECT="" + DEVICES_TO_ENABLE_ON_WWAN_DISCONNECT="" + # Docking + DEVICES_TO_DISABLE_ON_DOCK="wifi" + DEVICES_TO_ENABLE_ON_UNDOCK="wifi" + # Make sure it uses the right hard drive + #DISK_DEVICES="nvme0n1p2" + ''; + }; + }; +} diff --git a/systems/hosts/aomi.nix b/systems/hosts/aomi.nix @@ -0,0 +1,95 @@ +{ sources ? import ../../nix +, lib ? sources.lib +, pkgs ? sources.pkgs { } +}: + +with lib; +let + hostname = "aomi"; + secretPath = ../../secrets/machines.nix; + secretCondition = (builtins.pathExists secretPath); + + ip = strings.optionalString secretCondition (import secretPath).wireguard.ips."${hostname}"; + ips = lists.optionals secretCondition ([ "${ip}/24" ]); + endpointIP = strings.optionalString secretCondition (import secretPath).wg.endpointIP; + endpointPort = if secretCondition then (import secretPath).wg.listenPort else 0; + endpointPublicKey = strings.optionalString secretCondition (import secretPath).wireguard.kerkouane.publicKey; +in +{ + imports = [ + ../hardware/lenovo-p1.nix + (import ../../nix).home-manager-stable + ../modules + (import ../../users).vincent + (import ../../users).root + ]; + + networking = { + hostName = hostname; + }; + + boot = { + kernelPackages = pkgs.linuxPackages_latest; + tmpOnTmpfs = true; + plymouth = { + enable = true; + themePackages = [ pkgs.my.adi1090x-plymouth ]; + theme = "hexagon"; + # hexagon, green_loader, deus_ex, cuts, sphere, spinner_alt + }; + extraModulePackages = with pkgs.linuxPackages_latest; [ + v4l2loopback + ]; + kernelModules = [ "v4l2loopback" ]; + extraModprobeConfig = '' + options v4l2loopback exclusive_caps=1 + ''; + binfmt.registrations = { + s390x-linux = { + # interpreter = getEmulator "s390x-linux"; + interpreter = "${pkgs.qemu}/bin/qemu-s390x"; + magicOrExtension = ''\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x16''; + mask = ''\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff''; + }; + }; + binfmt.emulatedSystems = [ + "armv6l-linux" + "armv7l-linux" + "aarch64-linux" + # "s390x-linux" + "powerpc64le-linux" + ]; + }; + + # FIXME Fix tmpOnTmpfs + systemd.additionalUpstreamSystemUnits = [ "tmp.mount" ]; + + services.hardware.bolt.enable = true; + + profiles = { + desktop.i3.enable = true; + laptop.enable = true; + home = true; + dev.enable = true; + yubikey.enable = true; + virtualization = { enable = true; nested = true; }; + redhat.enable = true; + }; + + environment.systemPackages = with pkgs; [ + virtmanager + # force xbacklight to work + acpilight + ]; + + services = { + wireguard = { + enable = true; + ips = ips; + endpoint = endpointIP; + endpointPort = endpointPort; + endpointPublicKey = endpointPublicKey; + }; + }; + +}