commit c5fc179cdc07b59a6308cbf990dff599a6f56182
parent 2e7593f5ba78756905e849e55586123a7032de25
Author: Vincent Demeester <vincent@sbr.pm>
Date: Thu, 9 Sep 2021 16:54:32 +0200
systems: initialize aomi 🙃
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Diffstat:
3 files changed, 150 insertions(+), 4 deletions(-)
diff --git a/hosts.nix b/hosts.nix
@@ -1,12 +1,11 @@
{
naruhodo = { arch = "x86_64-linux"; type = "unstable"; };
+ aomi = { arch = "x86_64-linux"; type = "unstable"; };
# servers
+ # FIXME(vdemeester) move this away
hokkaido = { arch = "x86_64-linux"; };
wakasu = { arch = "x86_64-linux"; };
kerkouane = { arch = "x86_64-linux"; };
- okinawa = { arch = "x86_64-linux"; };
+ # okinawa = { arch = "x86_64-linux"; }; # okinawa died
sakhalin = { arch = "x86_64-linux"; };
- # Test VM
- foo = { arch = "x86_64-linux"; type = "unstable"; vm = true; };
- # mypi = { arch = "aarch64-linux" };
}
diff --git a/systems/hardware/lenovo-p1.nix b/systems/hardware/lenovo-p1.nix
@@ -0,0 +1,52 @@
+{ config, pkgs, lib, ... }:
+let
+ sources = import ../../nix/sources.nix;
+in
+{
+ imports = [
+ (sources.nixos-hardware + "/common/pc/ssd")
+ (sources.nixos-hardware + "/lenovo/thinkpad/p1/3th-gen")
+ ./thinkpad.nix
+ ];
+ boot = {
+ initrd.availableKernelModules = [ "nvme" "rtsx_pci_sdmmc" ];
+ };
+ hardware = {
+ enableAllFirmware = true;
+ bluetooth = {
+ enable = true;
+ powerOnBoot = true;
+ };
+ };
+ nix.maxJobs = 12;
+ services.throttled.enable = lib.mkDefault true;
+ services = {
+ tlp = {
+ extraConfig = ''
+ # CPU optimizations
+ CPU_SCALING_GOVERNOR_ON_AC=performance
+ CPU_SCALING_GOVERNOR_ON_BAT=powersave
+ CPU_MIN_PERF_ON_AC=0
+ CPU_MAX_PERF_ON_AC=100
+ CPU_MIN_PERF_ON_BAT=0
+ CPU_MAX_PERF_ON_BAT=50
+ # DEVICES (wifi, ..)
+ DEVICES_TO_DISABLE_ON_STARTUP=""
+ DEVICES_TO_ENABLE_ON_AC="bluetooth wifi wwan"
+ DEVICES_TO_DISABLE_ON_BAT=""
+ # Network management
+ DEVICES_TO_DISABLE_ON_LAN_CONNECT=""
+ DEVICES_TO_DISABLE_ON_WIFI_CONNECT=""
+ DEVICES_TO_DISABLE_ON_WWAN_CONNECT=""
+ DEVICES_TO_ENABLE_ON_LAN_DISCONNECT=""
+ DEVICES_TO_ENABLE_ON_WIFI_DISCONNECT=""
+ DEVICES_TO_ENABLE_ON_WWAN_DISCONNECT=""
+ # Docking
+ DEVICES_TO_DISABLE_ON_DOCK="wifi"
+ DEVICES_TO_ENABLE_ON_UNDOCK="wifi"
+ # Make sure it uses the right hard drive
+ #DISK_DEVICES="nvme0n1p2"
+ '';
+ };
+ };
+}
diff --git a/systems/hosts/aomi.nix b/systems/hosts/aomi.nix
@@ -0,0 +1,95 @@
+{ sources ? import ../../nix
+, lib ? sources.lib
+, pkgs ? sources.pkgs { }
+}:
+
+with lib;
+let
+ hostname = "aomi";
+ secretPath = ../../secrets/machines.nix;
+ secretCondition = (builtins.pathExists secretPath);
+
+ ip = strings.optionalString secretCondition (import secretPath).wireguard.ips."${hostname}";
+ ips = lists.optionals secretCondition ([ "${ip}/24" ]);
+ endpointIP = strings.optionalString secretCondition (import secretPath).wg.endpointIP;
+ endpointPort = if secretCondition then (import secretPath).wg.listenPort else 0;
+ endpointPublicKey = strings.optionalString secretCondition (import secretPath).wireguard.kerkouane.publicKey;
+in
+{
+ imports = [
+ ../hardware/lenovo-p1.nix
+ (import ../../nix).home-manager-stable
+ ../modules
+ (import ../../users).vincent
+ (import ../../users).root
+ ];
+
+ networking = {
+ hostName = hostname;
+ };
+
+ boot = {
+ kernelPackages = pkgs.linuxPackages_latest;
+ tmpOnTmpfs = true;
+ plymouth = {
+ enable = true;
+ themePackages = [ pkgs.my.adi1090x-plymouth ];
+ theme = "hexagon";
+ # hexagon, green_loader, deus_ex, cuts, sphere, spinner_alt
+ };
+ extraModulePackages = with pkgs.linuxPackages_latest; [
+ v4l2loopback
+ ];
+ kernelModules = [ "v4l2loopback" ];
+ extraModprobeConfig = ''
+ options v4l2loopback exclusive_caps=1
+ '';
+ binfmt.registrations = {
+ s390x-linux = {
+ # interpreter = getEmulator "s390x-linux";
+ interpreter = "${pkgs.qemu}/bin/qemu-s390x";
+ magicOrExtension = ''\x7fELF\x02\x02\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x16'';
+ mask = ''\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff'';
+ };
+ };
+ binfmt.emulatedSystems = [
+ "armv6l-linux"
+ "armv7l-linux"
+ "aarch64-linux"
+ # "s390x-linux"
+ "powerpc64le-linux"
+ ];
+ };
+
+ # FIXME Fix tmpOnTmpfs
+ systemd.additionalUpstreamSystemUnits = [ "tmp.mount" ];
+
+ services.hardware.bolt.enable = true;
+
+ profiles = {
+ desktop.i3.enable = true;
+ laptop.enable = true;
+ home = true;
+ dev.enable = true;
+ yubikey.enable = true;
+ virtualization = { enable = true; nested = true; };
+ redhat.enable = true;
+ };
+
+ environment.systemPackages = with pkgs; [
+ virtmanager
+ # force xbacklight to work
+ acpilight
+ ];
+
+ services = {
+ wireguard = {
+ enable = true;
+ ips = ips;
+ endpoint = endpointIP;
+ endpointPort = endpointPort;
+ endpointPublicKey = endpointPublicKey;
+ };
+ };
+
+}