From e00a92982099f8d30d685726e97dbde6ed24fd4d Mon Sep 17 00:00:00 2001
From: Johannes Rothe
Date: Wed, 1 Jan 2025 22:02:12 +0100
Subject: [PATCH] Add host veil
---
 flake.nix | 10 ++++++-
 hosts/lift/configuration.nix | 23 ---------------
 hosts/lift/default.nix | 1 +
 hosts/veil/configuration.nix | 19 +++++++++++++
 hosts/veil/default.nix | 13 +++++++++
 hosts/veil/hardware-configuration.nix | 41 +++++++++++++++++++++++++++
 modules/graphical/amdgpu.nix | 6 ++++
 modules/graphical/base.nix | 19 ++++++++++---
 modules/terminal/base.nix | 2 ++
 modules/terminal/user.nix | 10 +++++++
 10 files changed, 116 insertions(+), 28 deletions(-)
 create mode 100644 hosts/veil/configuration.nix
 create mode 100644 hosts/veil/default.nix
 create mode 100644 hosts/veil/hardware-configuration.nix
 create mode 100644 modules/graphical/amdgpu.nix
 create mode 100644 modules/terminal/user.nix
diff --git a/flake.nix b/flake.nix
index 939e503..ca8e8b5 100644
--- a/flake.nix
+++ b/flake.nix
@@ -36,6 +36,12 @@
 ./hosts/lift
 ];
 };
+ veil = nixpkgs.lib.nixosSystem {
+ inherit system;
+ modules = [
+ ./hosts/veil
+ ];
+ };
 tien = nixpkgs.lib.nixosSystem {
 inherit system;
 modules = [
@@ -58,14 +64,16 @@
 inherit ghostty;
 };
 };
- "rothe@johannes-powermachine" = home-manager.lib.homeManagerConfiguration {
+ "rothe@veil" = home-manager.lib.homeManagerConfiguration {
 inherit pkgs;
 modules = [
 ./home/terminal
+ ./home/wayland
 nixvim.homeManagerModules.nixvim
 ];
 extraSpecialArgs = {
 mail = nixpkgs.lib.strings.concatStrings ["mail" "@" "johannes-rothe.de"];
+ inherit ghostty;
 };
 };
 "rothe@pdemu1cml000301" = home-manager.lib.homeManagerConfiguration {
diff --git a/hosts/lift/configuration.nix b/hosts/lift/configuration.nix
index 3bb1809..1a7da95 100644
--- a/hosts/lift/configuration.nix
+++ b/hosts/lift/configuration.nix
@@ -26,27 +26,6 @@ # bluetooth hardware.bluetooth.enable = true; - security.rtkit.enable = true; - - # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.rothe = { - isNormalUser = true; - description = "rothe"; - extraGroups = [ "networkmanager" "wheel" "video" "scanner" "lp" "incus-admin" "dialout" ]; - shell = pkgs.fish; - packages = with pkgs; [ - chromium - firefox - logseq - thunderbird - ]; - }; - - nixpkgs.config.permittedInsecurePackages = [ - "electron-27.3.11" - ]; - nixpkgs.config.allowUnfree = true; - environment.systemPackages = with pkgs; [ avrdude cryptsetup
@@ -67,9 +46,7 @@ services.passSecretService.enable = true; services.gvfs.enable = true; - services.blueman.enable = true; - services.fwupd.enable = true; networking.nftables = { enable = true;
diff --git a/hosts/lift/default.nix b/hosts/lift/default.nix
index c0d8ca3..7ff4232 100644
--- a/hosts/lift/default.nix
+++ b/hosts/lift/default.nix
@@ -4,6 +4,7 @@
 ./configuration.nix
 ./hardware-configuration.nix
 ../../modules/terminal/base.nix
+ ../../modules/terminal/user.nix
 ../../modules/graphical/base.nix
 ../../modules/graphical/printing.nix
 ../../modules/graphical/steam.nix
diff --git a/hosts/veil/configuration.nix b/hosts/veil/configuration.nix
new file mode 100644
index 0000000..e95bbc0
--- /dev/null
+++ b/hosts/veil/configuration.nix
@@ -0,0 +1,19 @@
+{ ... }:
+
+{
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ networking.hostName = "veil";
+
+ networking.networkmanager.enable = true;
+
+ # This value determines the NixOS release from which the default
+ # settings for stateful data, like file locations and database versions
+ # on your system were taken. It‘s perfectly fine and recommended to leave
+ # this value at the release version of the first install of this system.
+ # Before changing this value read the documentation for this option
+ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+ system.stateVersion = "24.11"; # Did you read the comment?
+
+}
diff --git a/hosts/veil/default.nix b/hosts/veil/default.nix
new file mode 100644
index 0000000..d1435d1
--- /dev/null
+++ b/hosts/veil/default.nix
@@ -0,0 +1,13 @@
+{...}:
+{
+ imports = [
+ ./configuration.nix
+ ./hardware-configuration.nix
+ ../../modules/terminal/base.nix
+ ../../modules/terminal/user.nix
+ ../../modules/graphical/amdgpu.nix
+ ../../modules/graphical/base.nix
+ ../../modules/graphical/printing.nix
+ ../../modules/graphical/steam.nix
+ ];
+}
diff --git a/hosts/veil/hardware-configuration.nix b/hosts/veil/hardware-configuration.nix
new file mode 100644
index 0000000..f6e4199
--- /dev/null
+++ b/hosts/veil/hardware-configuration.nix
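Review bot: hosts/veil/configuration.nix sets no firewall options, while lift keeps a `networking.nftables` block in its own host file (visible as context in the second lift hunk), so veil runs on whatever the NixOS defaults and the shared modules provide. With `tailscale.enable = true` coming from modules/terminal/base.nix, it would help to state the intent explicitly, for example `networking.firewall.enable = true;` with a one-line comment, or to move the nftables rules into a shared module if veil is meant to have the same policy. The contents of lift's nftables block are outside this diff, so whether they should apply to veil needs confirming by the author.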
@@ -0,0 +1,41 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/efaa7991-10ec-4c9b-b8e1-f8494f1786f9"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/5DB3-F970"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/4dbfb986-1e81-4fcb-abea-21dd933cf581"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp7s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp6s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +}
diff --git a/modules/graphical/amdgpu.nix b/modules/graphical/amdgpu.nix
new file mode 100644
index 0000000..ed97457
--- /dev/null
+++ b/modules/graphical/amdgpu.nix
@@ -0,0 +1,6 @@
+{...}:
+{
+ boot.initrd.kernelModules = [ "amdgpu" ];
+ # for Southern Islands (SI i.e. GCN 1) cards
+ boot.kernelParams = [ "radeon.si_support=0" "amdgpu.si_support=1" ];
+}
diff --git a/modules/graphical/base.nix b/modules/graphical/base.nix
index ce3d2e7..dfa09b5 100644
--- a/modules/graphical/base.nix
+++ b/modules/graphical/base.nix
@@ -5,21 +5,25 @@ environment.systemPackages = with pkgs; [ calibre + chromium dracula-theme - evince - gimp eog - nautilus - simple-scan + evince + firefox + gimp inkscape libreoffice + logseq + nautilus pavucontrol portfolio prusa-slicer pulseaudio signal-desktop + simple-scan spotify syncthing + thunderbird vlc wayshot wdisplays
@@ -28,11 +32,18 @@ yt-dlp ]; + # Workaround for logseq + nixpkgs.config.permittedInsecurePackages = [ + "electron-27.3.11" + ]; + programs = { light.enable = true; sway.enable = true; }; + security.rtkit.enable = true; + services = { dbus.enable = true; greetd = {
diff --git a/modules/terminal/base.nix b/modules/terminal/base.nix
index d6c1d8d..f968df4 100644
--- a/modules/terminal/base.nix
+++ b/modules/terminal/base.nix
@@ -19,6 +19,7 @@ }; console.keyMap = "de-latin1-nodeadkeys"; + nixpkgs.config.allowUnfree = true; environment.systemPackages = with pkgs; [ bind
@@ -45,6 +46,7 @@ }; services = { + fwupd.enable = true; resolved.enable = true; tailscale.enable = true; };
diff --git a/modules/terminal/user.nix b/modules/terminal/user.nix
new file mode 100644
index 0000000..d09f706
--- /dev/null
+++ b/modules/terminal/user.nix
@@ -0,0 +1,10 @@
+{pkgs, ...}:
+{
+
+ users.users.rothe = {
+ isNormalUser = true;
+ description = "rothe";
+ extraGroups = [ "networkmanager" "wheel" "video" "scanner" "lp" "incus-admin" "dialout" ];
+ shell = pkgs.fish;
+ };
+}
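Review bot: In modules/graphical/base.nix (second hunk) the `permittedInsecurePackages` entry for `electron-27.3.11` used to be set on lift only and now applies to every host that imports the graphical base, veil included. nixpkgs asks for this opt-in only for packages it has marked insecure, and the allowance covers anything that pulls in that Electron, not just logseq. I would give the comment a removal condition, e.g. `# Workaround for logseq: needs an Electron release nixpkgs marks insecure; remove once logseq builds against a supported one`. Consider also keeping logseq and the allowance together in a small opt-in module, so hosts that do not need logseq do not inherit the exception.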
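Review bot: `nixpkgs.config.allowUnfree = true;` in modules/terminal/base.nix (first hunk) is now a blanket allowance on every host that imports the terminal base, where before it was set in lift's host file only. An allow-list keeps the unfree set reviewable: `nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ "spotify" "steam" ];`. The names in that list are taken from the packages and modules visible in this diff and need checking against what actually fails evaluation. The module's argument set is outside the hunk, so `lib` may have to be added to it.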
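Review bot: modules/terminal/user.nix carries lift's full group list to every host that imports it; `wheel` and `incus-admin` each give rothe a path to root, and `scanner`, `lp`, `dialout` and `incus-admin` belong to services that not every host necessarily runs (whether veil runs Incus is not visible here). Because NixOS merges list options across modules, the shared module could keep `extraGroups = [ "networkmanager" "wheel" "video" ];` and each host could add its own, e.g. `users.users.rothe.extraGroups = [ "incus-admin" "dialout" ];` in hosts/lift. The reminder to set a password with passwd was dropped in the move; since no password option is declared in this module, a comment above `users.users.rothe` saying so would help when bringing up a new host.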