The Blue Update #1

Merged
Jimbo merged 101 commits from Refactor into main 2024-10-25 21:26:22 -04:00
16 changed files with 124 additions and 104 deletions
Showing only changes of commit 2828d7a210 - Show all commits

View file

@ -0,0 +1,50 @@
{ pkgs, ... }:
let
commonKernelParams = [
# Nvidia settings
"nvidia_drm.fbdev=1"
"nouveau.config=NvGspRm=1"
# VM/GPU passthrough
"amd_iommu=on"
"iommu=pt"
"nested=1"
# Virtualization nonsense
"transparent_hugepage=never"
# Isolate devices into IOMMU groups
"pcie_acs_override=downstream,multifunction"
"pci=routeirq"
];
in {
boot = {
kernelPackages = pkgs.unstable.linuxPackages_zen;
blacklistedKernelModules = [
"pcspkr"
];
kernel.sysctl."vm.max_map_count" = 2147483642;
kernelParams = commonKernelParams ++ [
"vfio-pci.ids=10de:1f82,10de:10fa"
];
# Encryption and TPM
initrd = {
systemd.enable = true;
luks.devices = {
"crypt-ssd" = {
device = "/dev/disk/by-uuid/52110c74-19b6-40ef-9710-e6c9b157005f";
preLVM = true;
allowDiscards = true;
};
};
};
};
# Additional entry to boot from the second GPU
specialisation = {
gputwo.configuration = {
boot.kernelParams = commonKernelParams ++ [ "vfio-pci.ids=10de:2504,10de:228e" ];
};
};
}

View file

@ -2,6 +2,7 @@
{ {
imports = [ imports = [
./hardware ./hardware
./boot
# Apps and programs # Apps and programs
../../../modules/system ../../../modules/system

View file

@ -1,37 +1,10 @@
{ config, lib, pkgs, modulesPath, ... }: { config, lib, modulesPath, ... }:
let {
# Set common boot paramaters
commonKernelParams = [
# Nvidia settings
"nvidia_drm.fbdev=1"
"nouveau.config=NvGspRm=1"
# VM/GPU passthrough
"amd_iommu=on"
"iommu=pt"
"nested=1"
# Virtualization nonsense
"transparent_hugepage=never"
# Isolate devices into IOMMU groups
"pcie_acs_override=downstream,multifunction"
"pci=routeirq"
];
in {
imports = [ imports = [
(modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot = { boot = {
kernelPackages = pkgs.unstable.linuxPackages_zen;
blacklistedKernelModules = [
"pcspkr"
];
kernel.sysctl."vm.max_map_count" = 2147483642;
kernelParams = commonKernelParams ++ [
"vfio-pci.ids=10de:1f82,10de:10fa"
];
initrd = { initrd = {
availableKernelModules = [ availableKernelModules = [
"nvme" "nvme"
@ -48,23 +21,6 @@ in {
"vfio_iommu_type1" "vfio_iommu_type1"
"kvm-amd" "kvm-amd"
]; ];
# Encryption and TPM
systemd.enable = true;
luks.devices = {
"crypt-ssd" = {
device = "/dev/disk/by-uuid/52110c74-19b6-40ef-9710-e6c9b157005f";
preLVM = true;
allowDiscards = true;
};
};
};
};
# Additional entry to boot from the second GPU
specialisation = {
gputwo.configuration = {
boot.kernelParams = commonKernelParams ++ [ "vfio-pci.ids=10de:2504,10de:228e" ];
}; };
}; };

View file

@ -14,7 +14,7 @@
# Misc # Misc
../../../overlays ../../../overlays
../../../variables ../../../variables
../../../variables/look/colors/purple ../../../variables/look/colors/orange
# Imports # Imports
nur.nixosModules.nur nur.nixosModules.nur

View file

@ -1,66 +1,56 @@
# Do not modify this file! It was generated by nixos-generate-config { config, lib, modulesPath, ... }:
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
imports = imports = [
[ (modulesPath + "/installer/scan/not-detected.nix") (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ "xhci_pci" "sdhci_pci" ]; boot = {
boot.initrd.kernelModules = [ "dm-snapshot" ]; initrd = {
boot.kernelModules = [ "kvm-intel" ]; availableKernelModules = [ "xhci_pci" "sdhci_pci" ];
boot.extraModulePackages = [ ]; kernelModules = [ "dm-snapshot" ];
};
kernelModules = [ "kvm-intel" ];
};
fileSystems."/" = fileSystems = {
{ device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad"; "/" = {
device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@" ]; options = [ "subvol=@" ];
}; };
"/nix" = {
fileSystems."/nix" = device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
{ device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@nix" ]; options = [ "subvol=@nix" ];
}; };
"/var" = {
fileSystems."/var" = device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
{ device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@var" ]; options = [ "subvol=@var" ];
}; };
"/.snapshots" = {
fileSystems."/.snapshots" = device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
{ device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@snapshots" ]; options = [ "subvol=@snapshots" ];
}; };
"/home" = {
fileSystems."/home" = device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
{ device = "/dev/disk/by-uuid/e8c9c5a8-4df0-4100-8de6-f08a1a774fad";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@home" ]; options = [ "subvol=@home" ];
}; };
"/boot" = {
fileSystems."/boot" = device = "/dev/disk/by-uuid/1C76-1006";
{ device = "/dev/disk/by-uuid/1C76-1006";
fsType = "vfat"; fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ]; options = [ "fmask=0022" "dmask=0022" ];
}; };
};
swapDevices = swapDevices = [
[ { device = "/dev/disk/by-uuid/54a9cc22-4a2c-4e04-a968-313c34481489"; } { device = "/dev/disk/by-uuid/54a9cc22-4a2c-4e04-a968-313c34481489"; }
]; ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
# networking.interfaces.wg0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
} }

View file

@ -1,7 +1,6 @@
{ ... }: { ... }:
{ {
programs.home-manager.enable = true;
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
home.stateVersion = "24.05"; home.stateVersion = "24.05";
} }

Binary file not shown.

After

Width:  |  Height:  |  Size: 1 MiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 406 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 470 KiB

View file

@ -1,7 +1,6 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
home.packages = with pkgs; [ home.packages = with pkgs; [
home-manager
gotop gotop
tcptrack tcptrack
p7zip p7zip

View file

@ -9,6 +9,7 @@
(builtins.readFile ../../../../../hosts/firefly/id_ed25519.pub) (builtins.readFile ../../../../../hosts/firefly/id_ed25519.pub)
(builtins.readFile ../../../../../hosts/cyberspark/id_ed25519.pub) (builtins.readFile ../../../../../hosts/cyberspark/id_ed25519.pub)
(builtins.readFile ../../../../../hosts/shuttleworth/id_ed25519.pub) (builtins.readFile ../../../../../hosts/shuttleworth/id_ed25519.pub)
(builtins.readFile ../../../../../hosts/lacros/id_ed25519.pub)
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 pixel9" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 pixel9"
]; ];

View file

@ -33,6 +33,5 @@
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
system.stateVersion = "24.05"; system.stateVersion = "24.05";
} }

View file

@ -1,4 +1,4 @@
{ lanzaboote, ... }: { lanzaboote, pkgs, ... }:
{ {
imports = [ imports = [
lanzaboote.nixosModules.lanzaboote lanzaboote.nixosModules.lanzaboote
@ -8,4 +8,8 @@
enable = true; enable = true;
pkiBundle = "/etc/secureboot"; pkiBundle = "/etc/secureboot";
}; };
environment.systemPackages = with pkgs; [
sbctl
];
} }

View file

@ -3,6 +3,5 @@
boot.loader.systemd-boot = { boot.loader.systemd-boot = {
enable = true; enable = true;
editor = false; editor = false;
netbootxyz.enable = true;
}; };
} }

View file

@ -0,0 +1,22 @@
{ lib, config, ... }:
{
options.look.colors = lib.mkOption {
type = lib.types.attrs;
default = {};
};
config.look.colors = {
prime = "f4a61f"; #f4a61f
accent = "684820"; #684820
split = "9e8955"; #9e8955
actSplit = "c9ae68"; #c9ae68
dark = "101419"; #101419
mid = "191810"; #191810
light = "332e26"; #332e26
urgent = "C43823"; #C43823
text = "C7D3E3"; #C7D3E3
folder = "orange";
wallpapers = "hillorange";
};
}

View file

@ -12,7 +12,7 @@
actSplit = "754566"; #754566 actSplit = "754566"; #754566
dark = "191016"; #191016 dark = "191016"; #191016
mid = "23171d"; #23171d mid = "23171d"; #23171d
light = "272b33"; #272B33 light = "332926"; #332926
urgent = "C43823"; #C43823 urgent = "C43823"; #C43823
text = "C7D3E3"; #C7D3E3 text = "C7D3E3"; #C7D3E3