talexander/machine_setup
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Move kernel config to its own role.

Browse Source
This commit is contained in:
Tom Alexander
2026-05-31 02:03:49 -04:00
parent 0fa170c57e
commit 49f75408ae
8 changed files with 214 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
nix/configuration/configuration.nix
View File

@@ -54,6 +54,7 @@ in
./roles/iso_mount
./roles/jujutsu
./roles/kanshi
./roles/kernel
./roles/kodi
./roles/kubernetes
./roles/latex
@@ -139,7 +140,8 @@ in
# Automatic garbage collection
nix.gc = lib.mkIf (!config.me.buildingPortable) {
# Runs nix-collect-garbage --delete-older-than 5d
automatic = true;
# automatic = true;
automatic = false;
persistent = true;
dates = "monthly";
# randomizedDelaySec = "14m";
@@ -235,12 +237,10 @@ in
in
[
(disableTests "deno") # Tests use too much disk space
(final: prev: {
inherit (final.unoptimized)
libtpms
;
})
(disableOptimizations "libtpms")
(disableOptimizationsPython3 "scipy")
(disableOptimizations "assimp")
(disableOptimizations "gsl")
# Works but probably sets python2's scipy to be python3:
#

1
nix/configuration/hosts/odo/default.nix
View File

@@ -110,6 +110,7 @@
me.jujutsu.config = ../../roles/jujutsu/files/jujutsu_config_home.toml;
me.jujutsu.enable = true;
me.kanshi.enable = false;
me.kernel.enable = true;
me.kubernetes.enable = true;
me.latex.enable = true;
me.launch_keyboard.enable = true;

1
nix/configuration/hosts/odowork/default.nix
View File

@@ -111,6 +111,7 @@
me.iso_mount.enable = true;
me.jujutsu.config = ../../roles/jujutsu/files/jujutsu_config_home.toml;
me.jujutsu.enable = true;
me.kernel.enable = true;
me.latex.enable = true;
me.launch_keyboard.enable = true;
me.lvfs.enable = true;

1
nix/configuration/hosts/quark/default.nix
View File

@@ -104,6 +104,7 @@
me.jujutsu.config = ../../roles/jujutsu/files/jujutsu_config_home.toml;
me.jujutsu.enable = true;
me.kanshi.enable = false;
me.kernel.enable = true;
me.kubernetes.enable = true;
me.latex.enable = true;
me.launch_keyboard.enable = true;

11
nix/configuration/roles/firewall/default.nix
View File

@@ -24,7 +24,16 @@
networking.firewall.allowedUDPPorts = [
5353 # mDNS
];
# networking.firewall.enable = true;
# networking.nftables.enable = true;
# Or disable the firewall altogether.
# networking.firewall.enable = false;
networking.firewall.enable = false;
# Debugging
# networking.firewall.logRefusedConnections = true;
# networking.firewall.logRefusedPackets = true;
# networking.firewall.logReversePathDrops = true;
};
}

194
nix/configuration/roles/kernel/default.nix Normal file
View File

@@ -0,0 +1,194 @@
# Check current config:
# nix build '/persist/machine_setup/nix/configuration#nixosConfigurations.hydra.pkgs.linux_me.configfile'
# cat $(nix eval --raw '/persist/machine_setup/nix/configuration#nixosConfigurations.hydra.pkgs.linux_me.configfile') | less
{
config,
lib,
pkgs,
...
}:
let
preemption_type = with lib.kernel; {
full = {
PREEMPT_DYNAMIC = yes;
PREEMPT = yes;
PREEMPT_VOLUNTARY = lib.mkForce no;
PREEMPT_LAZY = lib.mkForce no;
PREEMPT_NONE = no;
};
lazy = {
PREEMPT_DYNAMIC = yes;
PREEMPT = no;
PREEMPT_VOLUNTARY = lib.mkForce no;
PREEMPT_LAZY = yes;
PREEMPT_NONE = no;
};
voluntary = {
PREEMPT_DYNAMIC = no;
PREEMPT = no;
PREEMPT_VOLUNTARY = yes;
PREEMPT_LAZY = lib.mkForce no;
PREEMPT_NONE = no;
};
none = {
PREEMPT_DYNAMIC = no;
PREEMPT = no;
PREEMPT_VOLUNTARY = lib.mkForce no;
PREEMPT_LAZY = lib.mkForce no;
PREEMPT_NONE = yes;
};
};
tick_hz =
with lib.kernel;
{
"1000" = {
HZ_1000 = yes;
HZ = freeform "1000";
};
}
// lib.genAttrs [ "100" "250" "300" "500" "600" "750" ] (hz: {
HZ_1000 = no;
"HZ_${hz}" = yes;
HZ = freeform hz;
});
performance_governor = with lib.kernel; {
default = {
CPU_FREQ_DEFAULT_GOV_SCHEDUTIL = yes;
};
performance = {
CPU_FREQ_DEFAULT_GOV_SCHEDUTIL = no;
CPU_FREQ_DEFAULT_GOV_PERFORMANCE = yes;
};
};
tick_rate = with lib.kernel; {
# Always tick at the hz frequency.
periodic = {
NO_HZ_IDLE = no;
NO_HZ_FULL = no;
NO_HZ = no;
NO_HZ_COMMON = no;
HZ_PERIODIC = yes;
};
# Idle - Do not disturb the CPU when idle. This can save power but increase latency.
idle = {
HZ_PERIODIC = no;
NO_HZ_FULL = no;
NO_HZ_IDLE = yes;
NO_HZ = yes;
NO_HZ_COMMON = yes;
};
# Full dyntick system (tickless) - The kernel tries to shut down the tick whenever possible.
tickless = {
HZ_PERIODIC = no;
NO_HZ_IDLE = no;
NO_HZ_FULL = yes;
NO_HZ = yes;
NO_HZ_COMMON = yes;
CONTEXT_TRACKING = yes;
};
};
huge_page = with lib.kernel; {
always = {
TRANSPARENT_HUGEPAGE_MADVISE = no;
TRANSPARENT_HUGEPAGE_ALWAYS = yes;
};
madvise = {
TRANSPARENT_HUGEPAGE_ALWAYS = no;
TRANSPARENT_HUGEPAGE_MADVISE = yes;
};
};
common_config =
with lib.kernel;
{
# Google's BBRv3 TCP congestion Control
TCP_CONG_BBR = yes;
DEFAULT_BBR = yes;
};
flavors = {
server = lib.mkMerge [
preemption_type.none
tick_hz."300"
performance_governor.default
tick_rate.tickless
huge_page.madvise
];
interactive =
with lib.kernel;
lib.mkMerge [
{
# Enable RCU Lazy - Reduces power consumption when idle or lightly loaded. Useful for battery-powered devices like laptops.
RCU_LAZY = yes;
}
preemption_type.lazy
tick_hz."300"
performance_governor.default
tick_rate.tickless
huge_page.madvise
];
};
in
{
imports = [ ];
options.me = {
kernel.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install kernel.";
};
kernel.version = lib.mkOption {
type = lib.types.str;
default = "linux"; # LTS
example = "linux_6_18";
description = "What version of the kernl should we use.";
};
kernel.flavor = lib.mkOption {
type = lib.types.str;
default = "interactive";
example = "server";
description = "What type of kernel should be built.";
};
};
config = lib.mkIf config.me.kernel.enable (
lib.mkMerge [
{
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux_me;
}
(lib.mkIf (!config.me.optimizations.enable) {
nixpkgs.overlays = [
(final: prev: {
linux_me = final."${config.me.kernel.version}";
})
];
})
(lib.mkIf (config.me.optimizations.enable) {
nixpkgs.overlays = [
(
final: prev:
let
addConfig =
additionalConfig: pkg:
pkg.override (oldconfig: {
structuredExtraConfig = lib.mkMerge ([ pkg.structuredExtraConfig ] ++ additionalConfig);
# stdenv = pkgs.llvmPackages_latest.stdenv;
# stdenv = pkgs.clangStdenv;
});
in
{
linux_me = addConfig ([
common_config
flavors."${config.me.kernel.flavor}"
]) final."${config.me.kernel.version}";
}
)
];
})
]
);
}

1
nix/configuration/roles/minimal_base/default.nix
View File

@@ -19,6 +19,7 @@
config = lib.mkIf config.me.minimal_base.enable {
me.doas.enable = true;
me.kernel.enable = true;
me.network.enable = true;
me.nvme.enable = true;
me.ssh.enable = true;

59
nix/configuration/roles/optimized_build/default.nix
View File

@@ -1,7 +1,6 @@
{
config,
lib,
pkgs,
...
}:
@@ -49,71 +48,13 @@
};
config = lib.mkMerge [
(lib.mkIf (!config.me.optimizations.enable) (
lib.mkMerge [
{
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux_6_18;
# boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux;
}
]
))
(lib.mkIf config.me.optimizations.enable (
lib.mkMerge [
{
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux_me;
nixpkgs.hostPlatform = {
gcc.arch = config.me.optimizations.arch;
gcc.tune = config.me.optimizations.arch;
};
nixpkgs.overlays = [
(
final: prev:
let
addConfig =
additionalConfig: pkg:
pkg.override (oldconfig: {
structuredExtraConfig = pkg.structuredExtraConfig // additionalConfig;
});
in
{
linux_me = addConfig {
# Server | No preemption - Run until the next tick. Highest throughput but can cause stutter.
# PREEMPT = lib.mkOverride 60 lib.kernel.no;
# Desktop | Preempt kernel threads only at pre-defined places that call cond_resched().
PREEMPT_VOLUNTARY = lib.mkOverride 60 lib.kernel.no;
# Low-latency desktop | Full preemption - Kernel threads can be preempted unless they hold a spinlock or are in a no-preemption section.
PREEMPT = lib.mkOverride 60 lib.kernel.yes;
# RT - All kernel code is preemptible except for a few critical sections.
# Middle ground | Real-time tasks preempt immediately like FULL, normal tasks run until the next tick.
PREEMPT_LAZY = lib.mkOverride 90 lib.kernel.no;
# Google's BBRv3 TCP congestion Control
TCP_CONG_BBR = lib.kernel.yes;
DEFAULT_BBR = lib.kernel.yes;
# Preemptive Full Tickless Kernel at 300Hz
HZ = lib.kernel.freeform "300";
HZ_300 = lib.kernel.yes;
HZ_1000 = lib.kernel.no;
} prev.linux_6_18; # or prev.linux
}
)
(final: prev: {
inherit (final.unoptimized)
assimp
binaryen
gsl
rapidjson
ffmpeg-headless
ffmpeg
pipewire
chromaprint
gtkmm
;
})
];
}
]
))