talexander/machine_setup
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

base: talexander:upstream_amd_debug_tools
Branches Tags
talexander:main talexander:kubernetes talexander:nix talexander:mt7927 talexander:yubipi talexander:upstream_amd_debug_tools talexander:install_files_mixin talexander:starship talexander:pixelbook
..
compare: talexander:starship
Branches Tags
talexander:kubernetes talexander:nix talexander:mt7927 talexander:main talexander:yubipi talexander:upstream_amd_debug_tools talexander:install_files_mixin talexander:starship talexander:pixelbook

3 Commits
upstream_a ... starship

Author SHA1 Message Date
Tom Alexander
9513882870 Still not working. 2025-01-27 20:38:45 -05:00
Tom Alexander
71a6843b37 Same issue with package based on 2ship2harkinian. 2025-01-27 19:26:38 -05:00
Tom Alexander
7d9d1ca80e Add a package for starship (Star Fox 64). 2025-01-27 19:26:38 -05:00
171 changed files with 999 additions and 33391 deletions
Expand all files Collapse all files

1
ansible/roles/base/files/gitconfig_home
View File

@@ -8,7 +8,6 @@
lg = log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit
bh = log --oneline --branches=* --remotes=* --graph --decorate
amend = commit --amend --no-edit
authorcount = shortlog --summary --numbered --all --no-merges
[core]
excludesfile = ~/.gitignore_global
[commit]

1
ansible/roles/base/files/gitconfig_work
View File

@@ -8,7 +8,6 @@
lg = log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit
bh = log --oneline --branches=* --remotes=* --graph --decorate
amend = commit --amend --no-edit
authorcount = shortlog --summary --numbered --all --no-merges
[core]
excludesfile = ~/.gitignore_global
[commit]

1
nix/configuration/.gitignore vendored
View File

@@ -1 +0,0 @@
result

143
nix/configuration/configuration.nix
View File

@@ -2,81 +2,67 @@
config,
lib,
pkgs,
home-manager,
...
}:
{
imports = [
./roles/2ship2harkinian
./roles/alacritty
./roles/amd_s2idle
./roles/ansible
./roles/ares
./roles/bluetooth
./roles/boot
./roles/chromecast
./roles/chromium
./roles/d2
./roles/direnv
./roles/distributed_build
./roles/docker
./roles/ecc
./roles/emacs
./roles/firefox
./roles/firewall
./roles/flux
./roles/fonts
./roles/gcloud
./roles/git
./roles/reset
./roles/global_options
./roles/gnuplot
./roles/gpg
./roles/graphics
./roles/hydra
./util/unfree_polyfill
./roles/iso
./roles/iso_mount
"${
builtins.fetchTarball {
url = "https://github.com/nix-community/disko/archive/refs/tags/v1.9.0.tar.gz";
sha256 = "0j76ar4qz320fakdii4659w5lww8wiz6yb7g47npywqvf2lbp388";
}
}/module.nix"
./roles/boot
./roles/zfs
./roles/network
./roles/firewall
./roles/zsh
./roles/zrepl
./roles/graphics
./roles/sound
./roles/sway
./roles/kanshi
./roles/kodi
./roles/alacritty
./roles/firefox
./roles/chromium
./roles/emacs
./roles/git
./roles/fonts
./roles/gpg
./roles/waybar
./roles/qemu
./roles/wireguard
./roles/ares
./roles/ssh
./roles/python
./roles/docker
./roles/kubernetes
./roles/rust
./roles/media
./roles/steam
./roles/latex
./roles/launch_keyboard
./roles/lvfs
./roles/media
./roles/memtest86
./roles/network
./roles/nix_index
./roles/nix_worker
./roles/nvme
./roles/optimized_build
./roles/pcsx2
./roles/python
./roles/qemu
./roles/reset
./roles/rpcs3
./roles/rust
./roles/shadps4
./roles/shikane
./roles/shipwright
./roles/sm64ex
./roles/sops
./roles/sound
./roles/ssh
./roles/steam
./roles/steam_run_free
./roles/sway
./roles/tekton
./roles/terraform
./roles/thunderbolt
./roles/vnc_client
./roles/vscode
./roles/wasm
./roles/waybar
./roles/wireguard
./roles/zfs
./roles/zrepl
./roles/zsh
./util/install_files
./util/unfree_polyfill
./roles/vnc_client
./roles/chromecast
./roles/memtest86
./roles/kodi
./roles/ansible
./roles/bluetooth
./roles/sm64ex
./roles/shipwright
./roles/2ship2harkinian
./roles/nix_index
];
nix.settings.experimental-features = [
@@ -88,19 +74,6 @@
# boot.kernelPackages = pkgs.linuxPackages_6_11;
hardware.enableRedistributableFirmware = true;
# Use nixos-rebuild-ng
# system.rebuild.enableNg = true;
# Keep outputs so we can build offline.
nix.extraOptions = ''
keep-outputs = true
keep-derivations = true
'';
# Technically only needed when building the ISO because nix detects ZFS in the filesystem list normally. I basically always want this so I'm just setting it to always be on.
boot.supportedFilesystems.zfs = true;
# TODO: Is this different from boot.supportedFilesystems = [ "zfs" ]; ?
services.getty = {
autologinUser = "talexander"; # I use full disk encryption so the user password is irrelevant.
autologinOnce = true;
@@ -124,14 +97,25 @@
];
};
users.groups.talexander.gid = 11235;
home-manager.users.talexander =
{ pkgs, ... }:
{
home.packages = [
pkgs.atool
pkgs.httpie
];
programs.bash.enable = true;
# The state version is required and should stay at the version you
# originally installed.
home.stateVersion = "24.11";
};
# Automatic garbage collection
nix.gc = lib.mkIf (!config.me.buildingIso) {
# Runs nix-collect-garbage --delete-older-than 5d
automatic = true;
persistent = true;
dates = "monthly";
# randomizedDelaySec = "14m";
randomizedDelaySec = "14m";
options = "--delete-older-than 30d";
};
nix.settings.auto-optimise-store = !config.me.buildingIso;
@@ -160,7 +144,7 @@
pciutils # for lspci
ripgrep
strace
# ltrace # Disabled because it uses more than 48GB of /tmp space during test phase.
ltrace
trace-cmd # ftrace
tcpdump
git-crypt
@@ -168,13 +152,6 @@
ncdu
nix-tree
libarchive # bsdtar
lsof
doas-sudo-shim # To support --use-remote-sudo for remote builds
dmidecode # Read SMBIOS information.
ipcalc
gptfdisk # for cgdisk
nix-output-monitor # For better view into nixos-rebuild
nix-serve-ng # Serve nix store over http
];
services.openssh = {

111
nix/configuration/flake.lock generated
View File

@@ -8,14 +8,15 @@
]
},
"locked": {
"lastModified": 1,
"narHash": "sha256-c4Ds4E/10Zj5AQLuJ3JvJTuDK8o2WjVXLcIL7eyhTfw=",
"path": "flakes/ansible-sshjail",
"type": "path"
},
"original": {
"path": "flakes/ansible-sshjail",
"type": "path"
},
"parent": []
}
},
"crane": {
"locked": {
@@ -32,26 +33,6 @@
"type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1758160037,
"narHash": "sha256-fXelTdjdILspZ1IUU9aICB1+PXwSFiF8j+7ujwo1VpQ=",
"owner": "nix-community",
"repo": "disko",
"rev": "4f554162fff88e77655073d352eec0cea71103a2",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "disko",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
@@ -147,6 +128,26 @@
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1737762889,
"narHash": "sha256-5HGG09bh/Yx0JA8wtBMAzt0HMCL1bYZ93x4IqzVExio=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "daf04c5950b676f47a794300657f1d3d14c1a120",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"impermanence": {
"locked": {
"lastModified": 1737831083,
@@ -190,33 +191,33 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1758242085,
"narHash": "sha256-hnrtEiy8qLMskZr0FBp0vbtMJ9xA4HvDdzuFRLxRiFg=",
"ref": "og-amd-debug-tools",
"rev": "7b0f433195e299008850d16e85a862177419cef6",
"revCount": 862645,
"type": "git",
"url": "https://github.com/tomalexander/nixpkgs.git"
},
"original": {
"ref": "og-amd-debug-tools",
"type": "git",
"url": "https://github.com/tomalexander/nixpkgs.git"
}
},
"nixpkgs-dda3dcd3f": {
"locked": {
"lastModified": 1746663147,
"narHash": "sha256-Ua0drDHawlzNqJnclTJGf87dBmaO/tn7iZ+TCkTRpRc=",
"lastModified": 1737885589,
"narHash": "sha256-Zf0hSrtzaM1DEz8//+Xs51k/wdSajticVrATqDrfQjg=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "dda3dcd3fe03e991015e9a74b22d35950f264a54",
"rev": "852ff1d9e153d8875a83602e03fdef8a63f0ecf8",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-b93b4e9b5": {
"locked": {
"lastModified": 1713721570,
"narHash": "sha256-R0s+O5UjTePQRb72XPgtkTmEiOOW8n+1q9Gxt/OJnKU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b93b4e9b527904aadf52dba6ca35efde2067cbd4",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "dda3dcd3fe03e991015e9a74b22d35950f264a54",
"rev": "b93b4e9b527904aadf52dba6ca35efde2067cbd4",
"type": "github"
}
},
@@ -236,22 +237,6 @@
"type": "github"
}
},
"nixpkgs-unoptimized": {
"locked": {
"lastModified": 1758242085,
"narHash": "sha256-hnrtEiy8qLMskZr0FBp0vbtMJ9xA4HvDdzuFRLxRiFg=",
"ref": "og-amd-debug-tools",
"rev": "7b0f433195e299008850d16e85a862177419cef6",
"revCount": 862645,
"type": "git",
"url": "https://github.com/tomalexander/nixpkgs.git"
},
"original": {
"ref": "og-amd-debug-tools",
"type": "git",
"url": "https://github.com/tomalexander/nixpkgs.git"
}
},
"pre-commit-hooks-nix": {
"inputs": {
"flake-compat": [
@@ -282,12 +267,11 @@
"root": {
"inputs": {
"ansible-sshjail": "ansible-sshjail",
"disko": "disko",
"home-manager": "home-manager",
"impermanence": "impermanence",
"lanzaboote": "lanzaboote",
"nixpkgs": "nixpkgs",
"nixpkgs-dda3dcd3f": "nixpkgs-dda3dcd3f",
"nixpkgs-unoptimized": "nixpkgs-unoptimized",
"nixpkgs-b93b4e9b5": "nixpkgs-b93b4e9b5",
"zsh-histdb": "zsh-histdb"
}
},
@@ -350,14 +334,15 @@
]
},
"locked": {
"lastModified": 1,
"narHash": "sha256-5DWw7GnwVZ98HUp/UUJcyUmmy9Bh/mcQB8MQQ0t3ZRo=",
"path": "flakes/zsh-histdb",
"type": "path"
},
"original": {
"path": "flakes/zsh-histdb",
"type": "path"
},
"parent": []
}
}
},
"root": "root",

229
nix/configuration/flake.nix
View File

@@ -3,7 +3,7 @@
# output: result/iso/nixos.iso
# Run the ISO image
# doas "$(nix-build '<nixpkgs>' --no-out-link -A 'qemu')/bin/qemu-system-x86_64" \
# "$(nix-build '<nixpkgs>' --no-out-link -A 'qemu')/bin/qemu-system-x86_64" \
# -accel kvm \
# -cpu host \
# -smp cores=8 \
@@ -12,7 +12,7 @@
# -drive if=pflash,format=raw,file="/tmp/OVMF_VARS.fd" \
# -nic user,hostfwd=tcp::60022-:22 \
# -boot order=d \
# -cdrom "$(readlink -f ./result/iso/nixos*.iso)" \
# -cdrom "$(readlink -f ./result/iso/nixos.iso)" \
# -display vnc=127.0.0.1:0
#
# doas cp "$(nix-build '<nixpkgs>' --no-out-link -A 'OVMF.fd')/FV/OVMF_VARS.fd" /tmp/OVMF_VARS.fd
@@ -25,28 +25,15 @@
# iso.odo.isoName == "nixos.iso"
# full path = <outPath> / iso / <isoName>
#
# Install on a new machine:
#
#
# doas nix --substituters "http://10.0.2.2:8080?trusted=1 https://cache.nixos.org/" --experimental-features "nix-command flakes" run github:nix-community/disko/latest -- --mode destroy,format,mount hosts/odo/disk-config.nix
# nix flake update zsh-histdb --flake .
# nix flake update ansible-sshjail --flake .
# for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
# nixos-install --substituters "http://10.0.2.2:8080?trusted=1 https://cache.nixos.org/" --flake ".#vm_ionlybootzfs"
#
{
description = "My system configuration";
inputs = {
impermanence.url = "github:nix-community/impermanence";
# nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
# nixpkgs.url = "github:tomalexander/nixpkgs/amd-debug-tools";
nixpkgs.url = "git+https://github.com/tomalexander/nixpkgs.git?ref=og-amd-debug-tools";
nixpkgs-dda3dcd3f.url = "github:NixOS/nixpkgs/dda3dcd3fe03e991015e9a74b22d35950f264a54";
nixpkgs-unoptimized.url = "git+https://github.com/tomalexander/nixpkgs.git?ref=og-amd-debug-tools";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
nixpkgs-b93b4e9b5.url = "github:NixOS/nixpkgs/b93b4e9b527904aadf52dba6ca35efde2067cbd4";
home-manager.url = "github:nix-community/home-manager";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
lanzaboote = {
url = "github:nix-community/lanzaboote/v0.4.2";
@@ -65,19 +52,15 @@
# Optional but recommended to limit the size of your system closure.
inputs.nixpkgs.follows = "nixpkgs";
};
disko = {
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs =
{
self,
nixpkgs,
nixpkgs-unoptimized,
nixpkgs-dda3dcd3f,
nixpkgs-b93b4e9b5,
impermanence,
home-manager,
lanzaboote,
zsh-histdb,
ansible-sshjail,
@@ -87,19 +70,18 @@
base_x86_64_linux = rec {
system = "x86_64-linux";
specialArgs = {
pkgs-dda3dcd3f = import nixpkgs-dda3dcd3f {
pkgs-b93b4e9b5 = import nixpkgs-b93b4e9b5 {
inherit system;
};
pkgs-unoptimized = import nixpkgs-unoptimized {
inherit system;
hostPlatform.gcc.arch = "default";
hostPlatform.gcc.tune = "default";
};
};
modules = [
impermanence.nixosModules.impermanence
home-manager.nixosModules.home-manager
lanzaboote.nixosModules.lanzaboote
inputs.disko.nixosModules.disko
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
}
{
nixpkgs.overlays = [
zsh-histdb.overlays.default
@@ -109,158 +91,63 @@
./configuration.nix
];
};
systems =
let
additional_iso_modules = [
(nixpkgs + "/nixos/modules/installer/cd-dvd/iso-image.nix")
# TODO: Figure out how to do image based appliances
# (nixpkgs + "/nixos/modules/profiles/image-based-appliance.nix")
{
isoImage.makeEfiBootable = true;
isoImage.makeUsbBootable = true;
me.buildingIso = true;
me.optimizations.enable = nixpkgs.lib.mkForce false;
}
{
# These are big space hogs. The chance that I need them on an ISO is slim.
me.steam.enable = nixpkgs.lib.mkForce false;
me.pcsx2.enable = nixpkgs.lib.mkForce false;
}
];
additional_vm_modules = [
(nixpkgs + "/nixos/modules/profiles/qemu-guest.nix")
{
networking.dhcpcd.enable = true;
networking.useDHCP = true;
me.optimizations.enable = nixpkgs.lib.mkForce false;
}
{
# I don't need games on a virtual machine.
me.steam.enable = nixpkgs.lib.mkForce false;
me.pcsx2.enable = nixpkgs.lib.mkForce false;
me.sm64ex.enable = nixpkgs.lib.mkForce false;
me.shipwright.enable = nixpkgs.lib.mkForce false;
me.ship2harkinian.enable = nixpkgs.lib.mkForce false;
}
];
in
{
odo = rec {
main = base_x86_64_linux // {
systems = {
odo = {
main = nixpkgs.lib.nixosSystem (
base_x86_64_linux
// {
modules = base_x86_64_linux.modules ++ [
./hosts/odo
];
};
iso = main // {
modules = main.modules ++ additional_iso_modules;
};
vm = main // {
modules = main.modules ++ additional_vm_modules;
};
vm_iso = main // {
modules = main.modules ++ additional_vm_modules ++ additional_iso_modules;
};
};
quark = rec {
main = base_x86_64_linux // {
}
);
iso = nixpkgs.lib.nixosSystem (
base_x86_64_linux
// {
modules = base_x86_64_linux.modules ++ [
./hosts/quark
./hosts/odo
(nixpkgs + "/nixos/modules/installer/cd-dvd/iso-image.nix")
# TODO: Figure out how to do image based appliances
# (nixpkgs + "/nixos/modules/profiles/image-based-appliance.nix")
{
isoImage.makeEfiBootable = true;
isoImage.makeUsbBootable = true;
me.buildingIso = true;
}
];
};
iso = main // {
modules = main.modules ++ additional_iso_modules;
};
vm = main // {
modules = main.modules ++ additional_vm_modules;
};
vm_iso = main // {
modules = main.modules ++ additional_vm_modules ++ additional_iso_modules;
};
};
neelix = rec {
main = base_x86_64_linux // {
}
);
};
neelix = {
main = nixpkgs.lib.nixosSystem (
base_x86_64_linux
// {
modules = base_x86_64_linux.modules ++ [
./hosts/neelix
];
};
iso = main // {
modules = main.modules ++ additional_iso_modules;
};
vm = main // {
modules = main.modules ++ additional_vm_modules;
};
vm_iso = main // {
modules = main.modules ++ additional_vm_modules ++ additional_iso_modules;
};
};
hydra =
let
additional_iso_modules = additional_iso_modules ++ [
}
);
iso = nixpkgs.lib.nixosSystem (
base_x86_64_linux
// {
modules = base_x86_64_linux.modules ++ [
./hosts/neelix
(nixpkgs + "/nixos/modules/installer/cd-dvd/iso-image.nix")
{
me.optimizations.enable = true;
isoImage.makeEfiBootable = true;
isoImage.makeUsbBootable = true;
me.buildingIso = true;
}
];
in
rec {
main = base_x86_64_linux // {
modules = base_x86_64_linux.modules ++ [
./hosts/hydra
];
};
iso = main // {
modules = main.modules ++ additional_iso_modules;
};
vm = main // {
modules = main.modules ++ additional_vm_modules;
};
vm_iso = main // {
modules = main.modules ++ additional_vm_modules ++ additional_iso_modules;
};
};
ionlybootzfs = rec {
main = base_x86_64_linux // {
modules = base_x86_64_linux.modules ++ [
./hosts/ionlybootzfs
];
};
iso = main // {
modules = main.modules ++ additional_iso_modules;
};
vm = main // {
modules = main.modules ++ additional_vm_modules;
};
vm_iso = main // {
modules = main.modules ++ additional_vm_modules ++ additional_iso_modules;
};
};
}
);
};
};
in
{
nixosConfigurations.odo = nixpkgs.lib.nixosSystem systems.odo.main;
iso.odo = (nixpkgs.lib.nixosSystem systems.odo.iso).config.system.build.isoImage;
nixosConfigurations.vm_odo = nixpkgs.lib.nixosSystem systems.odo.vm;
vm_iso.odo = (nixpkgs.lib.nixosSystem systems.odo.vm_iso).config.system.build.isoImage;
nixosConfigurations.quark = nixpkgs.lib.nixosSystem systems.quark.main;
iso.quark = (nixpkgs.lib.nixosSystem systems.quark.iso).config.system.build.isoImage;
nixosConfigurations.vm_quark = nixpkgs.lib.nixosSystem systems.quark.vm;
vm_iso.quark = (nixpkgs.lib.nixosSystem systems.quark.vm_iso).config.system.build.isoImage;
nixosConfigurations.neelix = nixpkgs.lib.nixosSystem systems.neelix.main;
iso.neelix = (nixpkgs.lib.nixosSystem systems.neelix.iso).config.system.build.isoImage;
nixosConfigurations.vm_neelix = nixpkgs.lib.nixosSystem systems.neelix.vm;
vm_iso.neelix = (nixpkgs.lib.nixosSystem systems.neelix.vm_iso).config.system.build.isoImage;
nixosConfigurations.hydra = nixpkgs.lib.nixosSystem systems.hydra.main;
iso.hydra = (nixpkgs.lib.nixosSystem systems.hydra.iso).config.system.build.isoImage;
nixosConfigurations.vm_hydra = nixpkgs.lib.nixosSystem systems.hydra.vm;
vm_iso.hydra = (nixpkgs.lib.nixosSystem systems.hydra.vm_iso).config.system.build.isoImage;
nixosConfigurations.ionlybootzfs = nixpkgs.lib.nixosSystem systems.ionlybootzfs.main;
iso.ionlybootzfs = (nixpkgs.lib.nixosSystem systems.ionlybootzfs.iso).config.system.build.isoImage;
nixosConfigurations.vm_ionlybootzfs = nixpkgs.lib.nixosSystem systems.ionlybootzfs.vm;
vm_iso.ionlybootzfs =
(nixpkgs.lib.nixosSystem systems.ionlybootzfs.vm_iso).config.system.build.isoImage;
nixosConfigurations.odo = systems.odo.main;
iso.odo = systems.odo.iso.config.system.build.isoImage;
nixosConfigurations.neelix = systems.neelix.main;
iso.neelix = systems.neelix.iso.config.system.build.isoImage;
};
}

61
nix/configuration/flakes/starship-game/flake.lock generated Normal file
View File

@@ -0,0 +1,61 @@
{
"nodes": {
"flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1735141468,
"narHash": "sha256-VIAjBr1qGcEbmhLwQJD6TABppPMggzOvqFsqkDoMsAY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4005c3ff7505313cbc21081776ad0ce5dfd7a3ce",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.11",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs"
}
},
"systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

34
nix/configuration/flakes/starship-game/flake.nix Normal file
View File

@@ -0,0 +1,34 @@
{
description = "A slightly better history for zsh";
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
inputs.flake-utils.url = "github:numtide/flake-utils";
outputs =
{
self,
nixpkgs,
flake-utils,
...
}:
let
out =
system:
let
pkgs = nixpkgs.legacyPackages.${system};
# Maybe pkgs = import nixpkgs { inherit system; }; ?
appliedOverlay = self.overlays.default pkgs pkgs;
in
{
packages = rec {
default = starship-game;
starship-game = appliedOverlay.starship-game;
};
};
in
flake-utils.lib.eachDefaultSystem out
// {
overlays.default = final: prev: {
starship-game = final.callPackage ./package.nix { };
};
};
}

261
nix/configuration/flakes/starship-game/package.nix Normal file
View File

@@ -0,0 +1,261 @@
{
lib,
stdenv,
SDL2,
cmake,
copyDesktopItems,
fetchFromGitHub,
fetchpatch,
fetchurl,
imagemagick,
imgui,
libpng,
libpulseaudio,
libzip,
lsb-release,
makeDesktopItem,
makeWrapper,
ninja,
nlohmann_json,
pkg-config,
python3,
spdlog,
stormlib,
tinyxml-2,
writeTextFile,
zenity,
}:
let
# This would get fetched at build time otherwise, see:
# https://github.com/HarbourMasters/2ship2harkinian/blob/1.0.2/mm/CMakeLists.txt#L708
gamecontrollerdb = fetchurl {
name = "gamecontrollerdb.txt";
url = "https://raw.githubusercontent.com/gabomdq/SDL_GameControllerDB/b1759cf84028aab89caa1c395e198c340b8dfd89/gamecontrollerdb.txt";
hash = "sha256-7C5EkqBIhLGNJuhi3832y0ffW5Ep7iuTYXb1bL5h2Js=";
};
# 2ship needs a specific imgui version
imgui' = imgui.overrideAttrs rec {
version = "1.90.6";
src = fetchFromGitHub {
owner = "ocornut";
repo = "imgui";
rev = "v${version}-docking";
hash = "sha256-Y8lZb1cLJF48sbuxQ3vXq6GLru/WThR78pq7LlORIzc=";
};
};
libgfxd = fetchFromGitHub {
owner = "glankk";
repo = "libgfxd";
rev = "96fd3b849f38b3a7c7b7f3ff03c5921d328e6cdf";
hash = "sha256-dedZuV0BxU6goT+rPvrofYqTz9pTA/f6eQcsvpDWdvQ=";
};
yaml_cpp = fetchFromGitHub {
owner = "jbeder";
repo = "yaml-cpp";
rev = "f7320141120f720aecc4c32be25586e7da9eb978";
hash = "sha256-J87oS6Az1/vNdyXu3L7KmUGWzU0IAkGrGMUUha+xDXI=";
};
# spdlog = fetchFromGitHub {
# owner = "gabime";
# repo = "spdlog";
# rev = "7e635fca68d014934b4af8a1cf874f63989352b7";
# hash = "sha256-cxTaOuLXHRU8xMz9gluYz0a93O0ez2xOxbloyc1m1ns=";
# };
# stb_impl = writeTextFile {
# name = "stb_impl.c";
# text = ''
# #define STB_IMAGE_IMPLEMENTATION
# #include "stb_image.h"
# '';
# };
# stb' = fetchurl {
# name = "stb_image.h";
# url = "https://raw.githubusercontent.com/nothings/stb/0bc88af4de5fb022db643c2d8e549a0927749354/stb_image.h";
# hash = "sha256-xUsVponmofMsdeLsI6+kQuPg436JS3PBl00IZ5sg3Vw=";
# };
# Apply 2ship's patch for stormlib
stormlib' = stormlib.overrideAttrs (prev: rec {
version = "9.25";
src = fetchFromGitHub {
owner = "ladislav-zezula";
repo = "StormLib";
rev = "v${version}";
hash = "sha256-HTi2FKzKCbRaP13XERUmHkJgw8IfKaRJvsK3+YxFFdc=";
};
nativeBuildInputs = prev.nativeBuildInputs ++ [ pkg-config ];
patches = (prev.patches or [ ]) ++ [
(fetchpatch {
name = "stormlib-optimizations.patch";
url = "https://github.com/briaguya-ai/StormLib/commit/ff338b230544f8b2bb68d2fbe075175ed2fd758c.patch";
hash = "sha256-Jbnsu5E6PkBifcx/yULMVC//ab7tszYgktS09Azs5+4=";
})
];
});
thread_pool = fetchFromGitHub {
owner = "bshoshany";
repo = "thread-pool";
rev = "v4.1.0";
hash = "sha256-zhRFEmPYNFLqQCfvdAaG5VBNle9Qm8FepIIIrT9sh88=";
};
in
stdenv.mkDerivation (finalAttrs: {
pname = "starship-game";
version = "v1.0.0";
src = fetchFromGitHub {
owner = "HarbourMasters";
repo = "starship";
# rev = "5e5e49da93e066f51c3010ba38f09331d866f2db";
tag = finalAttrs.version;
hash = "sha256-kaLLlLuonqE2DJcRlWR4tCEBNjwIYFlzeDLcYsvMO7I=";
fetchSubmodules = true;
};
# patches = [
# # remove fetching stb as we will patch our own
# ./0001-deps.patch
# ];
nativeBuildInputs = [
cmake
copyDesktopItems
imagemagick
lsb-release
makeWrapper
ninja
pkg-config
python3
];
buildInputs = [
SDL2
imgui'
libpng
libpulseaudio
libzip
nlohmann_json
spdlog
stormlib'
tinyxml-2
zenity
];
cmakeFlags = [
(lib.cmakeBool "NON_PORTABLE" true)
(lib.cmakeFeature "CMAKE_INSTALL_PREFIX" "${placeholder "out"}/starship-game")
(lib.cmakeFeature "FETCHCONTENT_SOURCE_DIR_IMGUI" "${imgui'.src}")
(lib.cmakeFeature "FETCHCONTENT_SOURCE_DIR_LIBGFXD" "${libgfxd}")
(lib.cmakeFeature "FETCHCONTENT_SOURCE_DIR_STORMLIB" "${stormlib'}")
(lib.cmakeFeature "FETCHCONTENT_SOURCE_DIR_THREADPOOL" "${thread_pool}")
];
dontAddPrefix = true;
# Linking fails without this
hardeningDisable = [ "format" ];
# Pie needs to be enabled or else it segfaults
hardeningEnable = [ "pie" ];
# preConfigure = ''
# # mirror 2ship's stb
# mkdir stb
# cp ${stb'} ./stb/${stb'.name}
# cp ${stb_impl} ./stb/${stb_impl.name}
# substituteInPlace libultraship/cmake/dependencies/common.cmake \
# --replace-fail "\''${STB_DIR}" "/build/source/stb"
# '';
# (cd tools/Torch && cmake -H. -Bbuild-cmake -GNinja \
# -DFETCHCONTENT_SOURCE_DIR_LIBGFXD=${libgfxd} \
# -DFETCHCONTENT_SOURCE_DIR_YAML-CPP=${finalAttrs.yaml_cpp_src} \
# -DFETCHCONTENT_SOURCE_DIR_SPDLOG=${finalAttrs.spdlog_src}
# )
configurePhase = ''
cmake -H. -Bbuild-cmake -GNinja \
-DFETCHCONTENT_SOURCE_DIR_IMGUI=${imgui'.src} \
-DFETCHCONTENT_SOURCE_DIR_STORMLIB=${stormlib'} \
-DFETCHCONTENT_SOURCE_DIR_THREADPOOL=${thread_pool}
(cd tools/Torch && cmake -H. -Bbuild-cmake -GNinja \
-DFETCHCONTENT_SOURCE_DIR_LIBGFXD=${libgfxd} \
-DFETCHCONTENT_SOURCE_DIR_YAML-CPP=${yaml_cpp} \
-DFETCHCONTENT_SOURCE_DIR_SPDLOG=${spdlog}
)
(cd libultraship && cmake -H. -Bbuild-cmake -GNinja \
-DFETCHCONTENT_SOURCE_DIR_LIBGFXD=${libgfxd} \
-DFETCHCONTENT_SOURCE_DIR_IMGUI=${imgui'.src} \
-DFETCHCONTENT_SOURCE_DIR_STORMLIB=${stormlib'} \
-DFETCHCONTENT_SOURCE_DIR_THREADPOOL=${thread_pool}
)
'';
buildPhase = ''
cmake --build build-cmake
'';
postBuild = ''
cp ${gamecontrollerdb} ${gamecontrollerdb.name}
pushd ../OTRExporter
python3 ./extract_assets.py -z ../build/ZAPD/ZAPD.out --norom --xml-root ../mm/assets/xml --custom-assets-path ../mm/assets/custom --custom-otr-file 2ship.o2r --port-ver ${finalAttrs.version}
popd
'';
preInstall = ''
# Cmake likes it here for its install paths
cp ../OTRExporter/2ship.o2r mm/
'';
postInstall = ''
mkdir -p $out/bin
ln -s $out/2s2h/2s2h.elf $out/bin/2s2h
install -Dm644 ../mm/linux/2s2hIcon.png $out/share/pixmaps/2s2h.png
'';
postFixup = ''
wrapProgram $out/2s2h/2s2h.elf --prefix PATH ":" ${lib.makeBinPath [ zenity ]}
'';
desktopItems = [
(makeDesktopItem {
name = "starship";
icon = "starship";
exec = "starship";
comment = finalAttrs.meta.description;
genericName = "Starship";
desktopName = "starship";
categories = [ "Game" ];
})
];
meta = {
homepage = "https://github.com/HarbourMasters/2ship2harkinian";
description = "A PC port of Majora's Mask with modern controls, widescreen, high-resolution, and more";
mainProgram = "starship";
platforms = [ "x86_64-linux" ];
maintainers = with lib.maintainers; [ ];
license = with lib.licenses; [
# # OTRExporter, OTRGui, ZAPDTR, libultraship
# mit
# # 2 Ship 2 Harkinian
# cc0
# # Reverse engineering
# unfree
];
};
})

19
nix/configuration/hosts/hydra/DEPLOY_BOOT
View File

@@ -1,19 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
#TARGET=10.216.1.14
# TARGET=192.168.211.250
TARGET=hydra
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nixos-rebuild boot --flake "$DIR/../../#hydra" --target-host "$TARGET" --build-host "$TARGET" --fast --use-remote-sudo --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json
# rsync -av --progress --delete --exclude=.git "$DIR/../../../configuration" "talexander@${TARGET}:/persist/manual/" && ssh talexander@${TARGET} 'cd /persist/manual/configuration && nix flake update zsh-histdb && nix flake update ansible-sshjail && doas nice -n 19 nixos-rebuild boot --flake /persist/manual/configuration#hydra'

19
nix/configuration/hosts/hydra/DEPLOY_SWITCH
View File

@@ -1,19 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
#TARGET=10.216.1.14
# TARGET=192.168.211.250
TARGET=hydra
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nixos-rebuild switch --flake "$DIR/../../#hydra" --target-host "$TARGET" --build-host "$TARGET" --fast --use-remote-sudo --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json
# rsync -av --progress --delete --exclude=.git "$DIR/../../../configuration" "talexander@${TARGET}:/persist/manual/" && ssh talexander@${TARGET} 'cd /persist/manual/configuration && nix flake update zsh-histdb && nix flake update ansible-sshjail && doas nice -n 19 nixos-rebuild switch --flake /persist/manual/configuration#hydra'

12
nix/configuration/hosts/hydra/ISO
View File

@@ -1,12 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nix build --extra-experimental-features nix-command --extra-experimental-features flakes "$DIR/../..#iso.hydra" --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json

68
nix/configuration/hosts/hydra/default.nix
View File

@@ -1,68 +0,0 @@
#
# Testing:
# doas "$(nix-build '<nixpkgs>' --no-out-link -A 'qemu')/bin/qemu-system-x86_64" \
# -accel kvm \
# -cpu host \
# -smp cores=8 \
# -m 32768 \
# -drive "file=$(nix-build '<nixpkgs>' --no-out-link -A 'OVMF.fd')/FV/OVMF.fd,if=pflash,format=raw,readonly=on" \
# -drive file=/tmp/localdisk.img,if=none,id=nvm,format=raw \
# -device nvme,serial=deadbeef,drive=nvm \
# -nic user,hostfwd=tcp::60022-:22 \
# -boot order=d \
# -cdrom "$(readlink -f /persist/machine_setup/nix/configuration/result/iso/nixos*.iso)" \
# -display vnc=127.0.0.1:0
#
{
config,
lib,
pkgs,
...
}:
{
imports = [
./disk-config.nix
./hardware-configuration.nix
./optimized_build.nix
./vm_disk.nix
];
# Generate with `head -c4 /dev/urandom | od -A none -t x4`
networking.hostId = "fbd233d8";
networking.hostName = "hydra"; # Define your hostname.
time.timeZone = "America/New_York";
i18n.defaultLocale = "en_US.UTF-8";
me.secureBoot.enable = false;
me.optimizations = {
enable = true;
arch = "znver4";
system_features = [
"gccarch-znver4"
"gccarch-skylake"
# "gccarch-alderlake" missing WAITPKG
"gccarch-x86-64-v3"
"gccarch-x86-64-v4"
"benchmark"
"big-parallel"
"kvm"
"nixos-test"
];
};
# Mount tmpfs at /tmp
boot.tmp.useTmpfs = true;
me.emacs_flavor = "plainmacs";
me.graphical = false;
me.hydra.enable = false;
me.nix_worker.enable = true;
me.vm_disk.enable = true;
me.wireguard.activated = [ ];
me.wireguard.deactivated = [ ];
me.zsh.enable = true;
}

140
nix/configuration/hosts/hydra/disk-config.nix
View File

@@ -1,140 +0,0 @@
# Manual Step:
# Check if drive supports 4kn: nvme id-ns -H /dev/nvme0n1
# Format the drive to 4kn: nvme format --lbaf=1 /dev/nvme0n1
{
config,
lib,
pkgs,
...
}:
lib.mkIf (!config.me.buildingIso) {
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
ESP = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"umask=0077"
"noatime"
"discard"
];
};
};
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "zroot";
};
};
};
};
};
};
zpool = {
zroot = {
type = "zpool";
# mode = "mirror";
# Workaround: cannot import 'zroot': I/O error in disko tests
options.cachefile = "none";
options = {
ashift = "12";
compatibility = "openzfs-2.2-freebsd";
autotrim = "on";
};
rootFsOptions = {
acltype = "posixacl";
atime = "off";
relatime = "off";
xattr = "sa";
mountpoint = "none";
compression = "lz4";
canmount = "off";
utf8only = "on";
dnodesize = "auto";
normalization = "formD";
};
datasets = {
"linux/nix" = {
type = "zfs_fs";
options.mountpoint = "none";
};
"linux/nix/root" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/root@blank$' || zfs snapshot zroot/linux/nix/root@blank";
};
"linux/nix/nix" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/nix";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/nix@blank$' || zfs snapshot zroot/linux/nix/nix@blank";
options = {
recordsize = "1MiB";
compression = "lz4";
};
};
"linux/nix/home" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/home";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/home@blank$' || zfs snapshot zroot/linux/nix/home@blank";
};
"linux/nix/persist" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/persist";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/persist@blank$' || zfs snapshot zroot/linux/nix/persist@blank";
};
"linux/nix/state" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/state";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/state@blank$' || zfs snapshot zroot/linux/nix/state@blank";
};
};
};
};
};
# Make sure all persistent volumes are marked as neededForBoot
#
# Also mounts /home so it is mounted before the user home directories are created.
fileSystems."/persist".neededForBoot = true;
fileSystems."/state".neededForBoot = true;
fileSystems."/home".neededForBoot = true;
fileSystems."/".options = [
"noatime"
"norelatime"
];
fileSystems."/nix".options = [
"noatime"
"norelatime"
];
fileSystems."/persist".options = [
"noatime"
"norelatime"
];
fileSystems."/state".options = [
"noatime"
"norelatime"
];
fileSystems."/home".options = [
"noatime"
"norelatime"
];
}

39
nix/configuration/hosts/hydra/hardware-configuration.nix
View File

@@ -1,39 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [
"xhci_pci"
"nvme"
"usbhid"
"usb_storage"
"sd_mod"
"sdhci_pci"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.dhcpcd.enable = lib.mkForce true;
networking.useDHCP = lib.mkForce true;
networking.interfaces.enp0s2.useDHCP = lib.mkForce true;
# systemd.network.enable = true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

77
nix/configuration/hosts/hydra/vm_disk.nix
View File

@@ -1,77 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
vm_disk.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to mount the local disk for persistent storage.";
};
};
config = lib.mkIf config.me.vm_disk.enable (
lib.mkMerge [
{
# Mount the local disk
fileSystems = {
"/.disk" = lib.mkForce {
device = "/dev/nvme0n1p1";
fsType = "ext4";
options = [
"noatime"
"discard"
];
neededForBoot = true;
};
"/persist" = {
fsType = "none";
device = "/.disk/persist";
options = [
"bind"
"rw"
];
depends = [
"/.disk/persist"
];
};
"/state" = {
fsType = "none";
device = "/.disk/state";
options = [
"bind"
"rw"
];
depends = [
"/.disk/state"
];
};
"/nix/store" = lib.mkForce {
fsType = "overlay";
device = "overlay";
options = [
"lowerdir=/nix/.ro-store"
"upperdir=/.disk/persist/store"
"workdir=/.disk/state/work"
];
depends = [
"/nix/.ro-store"
"/.disk/persist/store"
"/.disk/state/work"
];
};
};
}
]
);
}

19
nix/configuration/hosts/ionlybootzfs/DEPLOY_BOOT
View File

@@ -1,19 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
#TARGET=10.216.1.14
# TARGET=192.168.211.250
TARGET="ionlybootzfs"
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nixos-rebuild boot --flake "$DIR/../../#ionlybootzfs" --target-host "$TARGET" --build-host "$TARGET" --fast --use-remote-sudo --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json
# rsync -av --progress --delete --exclude=.git "$DIR/../../../configuration" "talexander@${TARGET}:/persist/manual/" && ssh talexander@${TARGET} 'cd /persist/manual/configuration && nix flake update zsh-histdb && nix flake update ansible-sshjail && doas nice -n 19 nixos-rebuild boot --flake /persist/manual/configuration#ionlybootzfs'

19
nix/configuration/hosts/ionlybootzfs/DEPLOY_SWITCH
View File

@@ -1,19 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
#TARGET=10.216.1.14
# TARGET=192.168.211.250
TARGET=ionlybootzfs
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nixos-rebuild switch --flake "$DIR/../../#ionlybootzfs" --target-host "$TARGET" --build-host "$TARGET" --fast --use-remote-sudo --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json
# rsync -av --progress --delete --exclude=.git "$DIR/../../../configuration" "talexander@${TARGET}:/persist/manual/" && ssh talexander@${TARGET} 'cd /persist/manual/configuration && nix flake update zsh-histdb && nix flake update ansible-sshjail && doas nice -n 19 nixos-rebuild switch --flake /persist/manual/configuration#ionlybootzfs'

12
nix/configuration/hosts/ionlybootzfs/ISO
View File

@@ -1,12 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nix build --extra-experimental-features nix-command --extra-experimental-features flakes "$DIR/../..#iso.ionlybootzfs" --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json

63
nix/configuration/hosts/ionlybootzfs/default.nix
View File

@@ -1,63 +0,0 @@
#
# Testing:
# doas "$(nix-build '<nixpkgs>' --no-out-link -A 'qemu')/bin/qemu-system-x86_64" \
# -accel kvm \
# -cpu host \
# -smp cores=8 \
# -m 32768 \
# -drive "file=$(nix-build '<nixpkgs>' --no-out-link -A 'OVMF.fd')/FV/OVMF.fd,if=pflash,format=raw,readonly=on" \
# -drive file=/tmp/localdisk.img,if=none,id=nvm,format=raw \
# -device nvme,serial=deadbeef,drive=nvm \
# -nic user,hostfwd=tcp::60022-:22 \
# -boot order=d \
# -cdrom "$(readlink -f /persist/machine_setup/nix/configuration/result/iso/nixos*.iso)" \
# -display vnc=127.0.0.1:0
#
{
config,
lib,
pkgs,
...
}:
{
imports = [
./wrapped-disk-config.nix
./hardware-configuration.nix
];
# Generate with `head -c4 /dev/urandom | od -A none -t x4`
networking.hostId = "fbd233d8";
networking.hostName = "ionlybootzfs"; # Define your hostname.
time.timeZone = "America/New_York";
i18n.defaultLocale = "en_US.UTF-8";
me.secureBoot.enable = true;
me.optimizations = {
enable = false;
arch = "znver4";
system_features = [
"gccarch-znver4"
"gccarch-skylake"
# "gccarch-alderlake" missing WAITPKG
"gccarch-x86-64-v3"
"gccarch-x86-64-v4"
"benchmark"
"big-parallel"
"kvm"
"nixos-test"
];
};
# Mount tmpfs at /tmp
boot.tmp.useTmpfs = true;
me.emacs_flavor = "plainmacs";
me.graphical = false;
me.wireguard.activated = [ ];
me.wireguard.deactivated = [ ];
me.zsh.enable = true;
}

142
nix/configuration/hosts/ionlybootzfs/disk-config.nix
View File

@@ -1,142 +0,0 @@
# Manual Step:
# Check if drive supports 4kn: nvme id-ns -H /dev/nvme0n1
# Format the drive to 4kn: nvme format --lbaf=1 /dev/nvme0n1
{
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
ESP = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"umask=0077"
"noatime"
"discard"
];
};
};
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "zroot";
};
};
};
};
};
};
zpool = {
zroot = {
type = "zpool";
# mode = "mirror";
# Workaround: cannot import 'zroot': I/O error in disko tests
options.cachefile = "none";
options = {
ashift = "12";
compatibility = "openzfs-2.2-freebsd";
autotrim = "on";
};
rootFsOptions = {
acltype = "posixacl";
atime = "off";
relatime = "off";
xattr = "sa";
mountpoint = "none";
compression = "lz4";
canmount = "off";
utf8only = "on";
dnodesize = "auto";
normalization = "formD";
};
datasets = {
"linux/nix" = {
type = "zfs_fs";
options.mountpoint = "none";
options = {
encryption = "aes-256-gcm";
keyformat = "passphrase";
# keylocation = "file:///tmp/secret.key";
};
};
"linux/nix/root" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/root@blank$' || zfs snapshot zroot/linux/nix/root@blank";
};
"linux/nix/nix" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/nix";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/nix@blank$' || zfs snapshot zroot/linux/nix/nix@blank";
options = {
recordsize = "16MiB";
compression = "zstd-19";
};
};
"linux/nix/home" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/home";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/home@blank$' || zfs snapshot zroot/linux/nix/home@blank";
};
"linux/nix/persist" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/persist";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/persist@blank$' || zfs snapshot zroot/linux/nix/persist@blank";
};
"linux/nix/state" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/state";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/state@blank$' || zfs snapshot zroot/linux/nix/state@blank";
};
};
};
};
};
# Make sure all persistent volumes are marked as neededForBoot
#
# Also mounts /home so it is mounted before the user home directories are created.
fileSystems."/persist".neededForBoot = true;
fileSystems."/state".neededForBoot = true;
fileSystems."/home".neededForBoot = true;
fileSystems."/".options = [
"noatime"
"norelatime"
];
fileSystems."/nix".options = [
"noatime"
"norelatime"
];
fileSystems."/persist".options = [
"noatime"
"norelatime"
];
fileSystems."/state".options = [
"noatime"
"norelatime"
];
fileSystems."/home".options = [
"noatime"
"norelatime"
];
# Only attempt to decrypt the main pool. Otherwise it attempts to decrypt pools that aren't even used.
boot.zfs.requestEncryptionCredentials = [ "zroot/linux/nix" ];
}

38
nix/configuration/hosts/ionlybootzfs/hardware-configuration.nix
View File

@@ -1,38 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [
"xhci_pci"
"nvme"
"usbhid"
"usb_storage"
"sd_mod"
"sdhci_pci"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.dhcpcd.enable = lib.mkForce true;
networking.useDHCP = lib.mkForce true;
# systemd.network.enable = true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

131
nix/configuration/hosts/ionlybootzfs/optimized_build.nix
View File

@@ -1,131 +0,0 @@
{
config,
lib,
pkgs,
pkgs-unoptimized,
...
}:
{
imports = [ ];
config = lib.mkMerge [
{ }
(lib.mkIf (!config.me.optimizations.enable) {
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux_6_14;
})
(lib.mkIf (config.me.optimizations.enable) {
nixpkgs.hostPlatform = {
gcc.arch = "znver4";
gcc.tune = "znver4";
system = "x86_64-linux";
};
nixpkgs.overlays = [
(
final: prev:
let
addConfig =
additionalConfig: pkg:
pkg.override (oldconfig: {
structuredExtraConfig = pkg.structuredExtraConfig // additionalConfig;
});
in
{
linux_me = addConfig {
# Full preemption
PREEMPT = lib.mkOverride 60 lib.kernel.yes;
PREEMPT_VOLUNTARY = lib.mkOverride 60 lib.kernel.no;
# Google's BBRv3 TCP congestion Control
TCP_CONG_BBR = lib.kernel.yes;
DEFAULT_BBR = lib.kernel.yes;
# Preemptive Full Tickless Kernel at 300Hz
HZ = lib.kernel.freeform "300";
HZ_300 = lib.kernel.yes;
HZ_1000 = lib.kernel.no;
} prev.linux_6_14;
# gsl = prev.gsl.overrideAttrs (old: {
# # gsl tests fails when optimizations are enabled.
# # > FAIL: cholesky_invert unscaled hilbert ( 4, 4)[0,2]: 2.55795384873636067e-13 0
# # > (2.55795384873636067e-13 observed vs 0 expected) [28259614]
# doCheck = false;
# });
}
)
(final: prev: {
haskellPackages = prev.haskellPackages.extend (
final': prev': {
inherit (pkgs-unoptimized.haskellPackages)
crypton
crypton-connection
crypton-x509
crypton-x509-store
crypton-x509-system
crypton-x509-validation
hspec-wai
http-client-tls
http2
pandoc
pandoc-cli
pandoc-lua-engine
pandoc-server
servant-server
tls
wai-app-static
wai-extra
warp
;
}
);
})
(final: prev: {
inherit (pkgs-unoptimized)
gsl
redis
valkey
;
})
];
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux_me;
})
(lib.mkIf (!config.me.buildingIso) {
nix.settings.system-features = lib.mkForce [
"gccarch-znver4"
"gccarch-skylake"
# "gccarch-alderlake" missing WAITPKG
"gccarch-x86-64-v3"
"gccarch-x86-64-v4"
"benchmark"
"big-parallel"
"kvm"
"nixos-test"
];
# Keep ALL dependencies so we can rebuild offline. This DRASTICALLY increase disk usage, but disk space is cheap.
# system.includeBuildDependencies = true;
# This also should enable building offline? TODO: test.
nix.extraOptions = ''
keep-outputs = true
keep-derivations = true
'';
# # building ON
# nixpkgs.localSystem = { system = "aarch64-linux"; };
# # building FOR
# nixpkgs.crossSystem = { system = "aarch64-linux"; };
# nixpkgs.config = {
# replaceStdenv = ({ pkgs }: pkgs.clangStdenv);
# };
# or maybe an overlay
# stdenv = prev.clangStdenv;
})
(lib.mkIf (config.me.buildingIso) {
boot.supportedFilesystems.zfs = true;
})
];
}

8
nix/configuration/hosts/ionlybootzfs/wrapped-disk-config.nix
View File

@@ -1,8 +0,0 @@
{
config,
lib,
pkgs,
...
}:
lib.mkIf (!config.me.buildingIso) (import ./disk-config.nix)

19
nix/configuration/hosts/neelix/DEPLOY_BOOT
View File

@@ -1,19 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
#TARGET=10.216.1.14
# TARGET=192.168.211.250
TARGET=neelix
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nixos-rebuild boot --flake "$DIR/../../#neelix" --target-host "$TARGET" --build-host "$TARGET" --fast --use-remote-sudo --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json
# rsync -av --progress --delete --exclude=.git "$DIR/../../../configuration" "talexander@${TARGET}:/persist/manual/" && ssh talexander@${TARGET} 'cd /persist/manual/configuration && nix flake update zsh-histdb && nix flake update ansible-sshjail && doas nice -n 19 nixos-rebuild boot --flake /persist/manual/configuration#neelix'

19
nix/configuration/hosts/neelix/DEPLOY_SWITCH
View File

@@ -1,19 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
#TARGET=10.216.1.14
# TARGET=192.168.211.250
TARGET=neelix
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nixos-rebuild switch --flake "$DIR/../../#neelix" --target-host "$TARGET" --build-host "$TARGET" --fast --use-remote-sudo --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json
# rsync -av --progress --delete --exclude=.git "$DIR/../../../configuration" "talexander@${TARGET}:/persist/manual/" && ssh talexander@${TARGET} 'cd /persist/manual/configuration && nix flake update zsh-histdb && nix flake update ansible-sshjail && doas nice -n 19 nixos-rebuild switch --flake /persist/manual/configuration#neelix'

19
nix/configuration/hosts/neelix/default.nix
View File

@@ -3,11 +3,12 @@
imports = [
./hardware-configuration.nix
./disk-config.nix
./optimized_build.nix
./power_management.nix
];
# Generate with `head -c4 /dev/urandom | od -A none -t x4`
networking.hostId = "bca9d0a5";
networking.hostId = "fbd233d8";
networking.hostName = "neelix"; # Define your hostname.
@@ -16,25 +17,11 @@
me.secureBoot.enable = false;
me.optimizations = {
enable = false;
arch = "alderlake";
system_features = [
"gccarch-alderlake"
"gccarch-x86-64-v3"
"gccarch-x86-64-v4"
"benchmark"
"big-parallel"
"kvm"
"nixos-test"
];
};
# Early KMS
boot.initrd.kernelModules = [ "i915" ];
# Mount tmpfs at /tmp
# boot.tmp.useTmpfs = true;
boot.tmp.useTmpfs = true;
me.bluetooth.enable = true;
me.emacs_flavor = "plainmacs";

11
nix/configuration/hosts/neelix/hardware-configuration.nix
View File

@@ -14,14 +14,7 @@
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [
"xhci_pci"
"nvme"
"usbhid"
"usb_storage"
"sd_mod"
"sdhci_pci"
];
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
@@ -30,7 +23,7 @@
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
# networking.useDHCP = lib.mkDefault true;
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp58s0.useDHCP = lib.mkDefault true;

78
nix/configuration/hosts/neelix/optimized_build.nix Normal file
View File

@@ -0,0 +1,78 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
config = lib.mkMerge [
{ }
(lib.mkIf (!config.me.buildingIso) {
nix.settings.system-features = lib.mkForce [
"gccarch-alderlake"
"gccarch-x86-64-v3"
"benchmark"
"big-parallel"
"kvm"
"nixos-test"
];
# nixpkgs.hostPlatform = {
# gcc.arch = "alderlake";
# gcc.tune = "alderlake";
# system = "x86_64-linux";
# };
nixpkgs.overlays = [
(
self: super:
let
optimizeWithFlags =
pkg: flags:
pkg.overrideAttrs (old: {
NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ flags;
});
addConfig =
additionalConfig: pkg:
pkg.override (oldconfig: {
structuredExtraConfig = pkg.structuredExtraConfig // additionalConfig;
});
in
{
linux_alderlake =
addConfig
{
# Full preemption
PREEMPT = lib.mkOverride 60 lib.kernel.yes;
PREEMPT_VOLUNTARY = lib.mkOverride 60 lib.kernel.no;
# Google's BBRv3 TCP congestion Control
TCP_CONG_BBR = lib.kernel.yes;
DEFAULT_BBR = lib.kernel.yes;
# Preemptive Full Tickless Kernel at 300Hz
HZ = lib.kernel.freeform "300";
HZ_300 = lib.kernel.yes;
HZ_1000 = lib.kernel.no;
}
(
optimizeWithFlags super.linux_6_12 [
"-march=alderlake"
"-mtune=alderlake"
]
);
}
)
];
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux_alderlake;
})
(lib.mkIf (config.me.buildingIso) {
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux_6_12;
boot.supportedFilesystems = [ "zfs" ];
})
];
}

19
nix/configuration/hosts/odo/DEPLOY_BOOT
View File

@@ -1,19 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
# TARGET=10.216.1.15
# TARGET=192.168.211.250
TARGET=odo
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nixos-rebuild boot --flake "$DIR/../../#odo" --target-host "$TARGET" --build-host "$TARGET" --fast --use-remote-sudo --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json
# rsync -av --progress --delete --exclude=.git "$DIR/../../../configuration" "talexander@${TARGET}:/persist/manual/" && ssh talexander@${TARGET} 'cd /persist/manual/configuration && nix flake update zsh-histdb && nix flake update ansible-sshjail && doas nice -n 19 nixos-rebuild boot --flake /persist/manual/configuration#odo'

19
nix/configuration/hosts/odo/DEPLOY_SWITCH
View File

@@ -1,19 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
#TARGET=10.216.1.14
# TARGET=192.168.211.250
TARGET=odo
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nixos-rebuild switch --flake "$DIR/../../#odo" --target-host "$TARGET" --build-host "$TARGET" --fast --use-remote-sudo --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json
# rsync -av --progress --delete --exclude=.git "$DIR/../../../configuration" "talexander@${TARGET}:/persist/manual/" && ssh talexander@${TARGET} 'cd /persist/manual/configuration && nix flake update zsh-histdb && nix flake update ansible-sshjail && doas nice -n 19 nixos-rebuild switch --flake /persist/manual/configuration#odo'

12
nix/configuration/hosts/odo/ISO
View File

@@ -1,12 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nix build --extra-experimental-features nix-command --extra-experimental-features flakes "$DIR/../..#iso.odo" --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json

12
nix/configuration/hosts/odo/SELF_BOOT
View File

@@ -1,12 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nixos-rebuild boot --show-trace --use-remote-sudo --max-jobs "$JOBS" --flake "$DIR/../../#odo" --log-format internal-json -v "${@}" |& nom --json

12
nix/configuration/hosts/odo/SELF_BUILD
View File

@@ -1,12 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nixos-rebuild build --show-trace --use-remote-sudo --max-jobs "$JOBS" --flake "$DIR/../../#odo" --log-format internal-json -v "${@}" |& nom --json

12
nix/configuration/hosts/odo/SELF_SWITCH
View File

@@ -1,12 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nixos-rebuild switch --show-trace --use-remote-sudo --max-jobs "$JOBS" --flake "$DIR/../../#odo" --log-format internal-json -v "${@}" |& nom --json

53
nix/configuration/hosts/odo/default.nix
View File

@@ -1,18 +1,12 @@
{
config,
lib,
pkgs,
...
}:
{ config, pkgs, ... }:
{
imports = [
./hardware-configuration.nix
./wrapped-disk-config.nix
./distributed_build.nix
./disk-config.nix
./optimized_build.nix
./power_management.nix
./screen_brightness.nix
./wifi.nix
./framework_module.nix
];
# Generate with `head -c4 /dev/urandom | od -A none -t x4`
@@ -25,22 +19,6 @@
me.secureBoot.enable = true;
me.optimizations = {
enable = false;
arch = "znver4";
system_features = [
"gccarch-znver4"
"gccarch-skylake"
# "gccarch-alderlake" missing WAITPKG
"gccarch-x86-64-v3"
"gccarch-x86-64-v4"
"benchmark"
"big-parallel"
"kvm"
"nixos-test"
];
};
# Early KMS
boot.initrd.kernelModules = [ "amdgpu" ];
@@ -49,58 +27,35 @@
environment.systemPackages = with pkgs; [
fw-ectool
framework-tool
];
# Enable light sensor
# hardware.sensor.iio.enable = lib.mkDefault true;
# Enable TRIM
# services.fstrim.enable = lib.mkDefault true;
me.alacritty.enable = true;
me.amd_s2idle.enable = true;
me.ansible.enable = true;
me.ares.enable = true;
me.bluetooth.enable = true;
me.chromecast.enable = true;
me.chromium.enable = true;
me.d2.enable = true;
me.direnv.enable = true;
me.docker.enable = true;
me.ecc.enable = false;
me.emacs_flavor = "full";
me.firefox.enable = true;
me.flux.enable = true;
me.gcloud.enable = true;
me.git.config = ../../roles/git/files/gitconfig_home;
me.gnuplot.enable = true;
me.gpg.enable = true;
me.graphical = true;
me.graphics_card_type = "amd";
me.iso_mount.enable = true;
me.kanshi.enable = false;
me.kanshi.enable = true;
me.kubernetes.enable = true;
me.latex.enable = true;
me.launch_keyboard.enable = true;
me.lvfs.enable = true;
me.media.enable = true;
me.nix_index.enable = true;
me.pcsx2.enable = true;
me.python.enable = true;
me.qemu.enable = true;
me.rpcs3.enable = true;
me.rust.enable = true;
me.shadps4.enable = true;
me.shikane.enable = true;
me.sops.enable = true;
me.sound.enable = true;
me.steam.enable = true;
me.steam_run_free.enable = true;
me.sway.enable = true;
me.tekton.enable = true;
me.terraform.enable = true;
me.thunderbolt.enable = true;
me.vnc_client.enable = true;
me.vscode.enable = true;
me.wasm.enable = true;

8
nix/configuration/hosts/odo/disk-config.nix
View File

@@ -1,8 +1,14 @@
# Manual Step:
# Check if drive supports 4kn: nvme id-ns -H /dev/nvme0n1
# Format the drive to 4kn: nvme format --lbaf=1 /dev/nvme0n1
{
config,
lib,
pkgs,
...
}:
lib.mkIf (!config.me.buildingIso) {
disko.devices = {
disk = {
main = {

27
nix/configuration/hosts/odo/distributed_build.nix
View File

@@ -1,27 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
config = lib.mkMerge [
{
me.distributed_build.enable = true;
me.distributed_build.machines.hydra = {
enable = true;
additional_config = {
speedFactor = 2;
};
};
me.distributed_build.machines.quark = {
enable = true;
additional_config = {
speedFactor = 2;
};
};
}
];
}

23
nix/configuration/hosts/odo/framework_module.nix
View File

@@ -1,23 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
config = lib.mkMerge [
{
boot.extraModulePackages = with config.boot.kernelPackages; [
framework-laptop-kmod
];
# https://github.com/DHowett/framework-laptop-kmod?tab=readme-ov-file#usage
boot.kernelModules = [
"cros_ec"
"cros_ec_lpcs"
];
}
];
}

2
nix/configuration/hosts/odo/hardware-configuration.nix
View File

@@ -27,7 +27,7 @@
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
# networking.useDHCP = lib.mkDefault true;
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp58s0.useDHCP = lib.mkDefault true;

81
nix/configuration/hosts/odo/optimized_build.nix Normal file
View File

@@ -0,0 +1,81 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
config = lib.mkMerge [
{ }
(lib.mkIf (!config.me.buildingIso) {
nix.settings.system-features = lib.mkForce [
"gccarch-znver4"
"gccarch-skylake"
# "gccarch-alderlake" missing WAITPKG
"gccarch-x86-64-v3"
"gccarch-x86-64-v4"
"benchmark"
"big-parallel"
"kvm"
"nixos-test"
];
# nixpkgs.hostPlatform = {
# gcc.arch = "znver4";
# gcc.tune = "znver4";
# system = "x86_64-linux";
# };
nixpkgs.overlays = [
(
self: super:
let
optimizeWithFlags =
pkg: flags:
pkg.overrideAttrs (old: {
NIX_CFLAGS_COMPILE = [ (old.NIX_CFLAGS_COMPILE or "") ] ++ flags;
});
addConfig =
additionalConfig: pkg:
pkg.override (oldconfig: {
structuredExtraConfig = pkg.structuredExtraConfig // additionalConfig;
});
in
{
linux_znver4 =
addConfig
{
# Full preemption
PREEMPT = lib.mkOverride 60 lib.kernel.yes;
PREEMPT_VOLUNTARY = lib.mkOverride 60 lib.kernel.no;
# Google's BBRv3 TCP congestion Control
TCP_CONG_BBR = lib.kernel.yes;
DEFAULT_BBR = lib.kernel.yes;
# Preemptive Full Tickless Kernel at 300Hz
HZ = lib.kernel.freeform "300";
HZ_300 = lib.kernel.yes;
HZ_1000 = lib.kernel.no;
}
(
optimizeWithFlags super.linux_6_12 [
"-march=znver4"
"-mtune=znver4"
]
);
}
)
];
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux_znver4;
})
(lib.mkIf (config.me.buildingIso) {
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux_6_12;
boot.supportedFilesystems.zfs = true;
})
];
}

18
nix/configuration/hosts/odo/power_management.nix
View File

@@ -20,7 +20,7 @@
# amd_pstate=guided :: Same as passive except we can set upper and lower frequency bounds.
# amdgpu.dcdebugmask=0x10 :: Allegedly disables Panel Replay from https://community.frame.work/t/tracking-freezing-arch-linux-amd/39495/32
boot.kernelParams = [
"amdgpu.abmlevel=2"
"amdgpu.abmlevel=3"
"pcie_aspm=force"
# "pcie_aspm.policy=powersupersave"
"nowatchdog"
@@ -47,22 +47,6 @@
"w- /sys/devices/system/cpu/cpufreq/policy13/energy_performance_preference - - - - power"
"w- /sys/devices/system/cpu/cpufreq/policy14/energy_performance_preference - - - - power"
"w- /sys/devices/system/cpu/cpufreq/policy15/energy_performance_preference - - - - power"
"w- /sys/devices/system/cpu/cpu0/cpufreq/boost - - - - 0"
"w- /sys/devices/system/cpu/cpu1/cpufreq/boost - - - - 0"
"w- /sys/devices/system/cpu/cpu2/cpufreq/boost - - - - 0"
"w- /sys/devices/system/cpu/cpu3/cpufreq/boost - - - - 0"
"w- /sys/devices/system/cpu/cpu4/cpufreq/boost - - - - 0"
"w- /sys/devices/system/cpu/cpu5/cpufreq/boost - - - - 0"
"w- /sys/devices/system/cpu/cpu6/cpufreq/boost - - - - 0"
"w- /sys/devices/system/cpu/cpu7/cpufreq/boost - - - - 0"
"w- /sys/devices/system/cpu/cpu8/cpufreq/boost - - - - 0"
"w- /sys/devices/system/cpu/cpu9/cpufreq/boost - - - - 0"
"w- /sys/devices/system/cpu/cpu10/cpufreq/boost - - - - 0"
"w- /sys/devices/system/cpu/cpu11/cpufreq/boost - - - - 0"
"w- /sys/devices/system/cpu/cpu12/cpufreq/boost - - - - 0"
"w- /sys/devices/system/cpu/cpu13/cpufreq/boost - - - - 0"
"w- /sys/devices/system/cpu/cpu14/cpufreq/boost - - - - 0"
"w- /sys/devices/system/cpu/cpu15/cpufreq/boost - - - - 0"
];
boot.extraModprobeConfig = ''

2
nix/configuration/hosts/odo/screen_brightness.nix
View File

@@ -9,6 +9,6 @@
imports = [ ];
systemd.tmpfiles.rules = [
"w- /sys/class/backlight/amdgpu_bl1/brightness - - - - 21845"
"w- /sys/class/backlight/amdgpu_bl1/brightness - - - - 85"
];
}

7
nix/configuration/hosts/odo/wifi.nix
View File

@@ -9,10 +9,9 @@
imports = [ ];
config = {
# Doesn't seem necessary starting with 6.13
# environment.loginShellInit = lib.mkIf (!config.me.buildingIso) ''
# doas iw dev wlan0 set power_save off
# '';
environment.loginShellInit = lib.mkIf (!config.me.buildingIso) ''
doas iw dev wlan0 set power_save off
'';
# Enable debug logging for ath12k wifi card.
boot.kernelParams = [

8
nix/configuration/hosts/odo/wrapped-disk-config.nix
View File

@@ -1,8 +0,0 @@
{
config,
lib,
pkgs,
...
}:
lib.mkIf (!config.me.buildingIso) (import ./disk-config.nix)

19
nix/configuration/hosts/quark/DEPLOY_BOOT
View File

@@ -1,19 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
#TARGET=10.216.1.15
# TARGET=192.168.211.250
TARGET=quark
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nixos-rebuild boot --flake "$DIR/../../#quark" --target-host "$TARGET" --build-host "$TARGET" --fast --use-remote-sudo --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json
# rsync -av --progress --delete --exclude=.git "$DIR/../../../configuration" "talexander@${TARGET}:/persist/manual/" && ssh talexander@${TARGET} 'cd /persist/manual/configuration && nix flake update zsh-histdb && nix flake update ansible-sshjail && doas nice -n 19 nixos-rebuild boot --flake /persist/manual/configuration#quark'

19
nix/configuration/hosts/quark/DEPLOY_SWITCH
View File

@@ -1,19 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
#TARGET=10.216.1.14
# TARGET=192.168.211.250
TARGET=quark
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nixos-rebuild switch --flake "$DIR/../../#quark" --target-host "$TARGET" --build-host "$TARGET" --fast --use-remote-sudo --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json
# rsync -av --progress --delete --exclude=.git "$DIR/../../../configuration" "talexander@${TARGET}:/persist/manual/" && ssh talexander@${TARGET} 'cd /persist/manual/configuration && nix flake update zsh-histdb && nix flake update ansible-sshjail && doas nice -n 19 nixos-rebuild switch --flake /persist/manual/configuration#quark'

12
nix/configuration/hosts/quark/ISO
View File

@@ -1,12 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nix build --extra-experimental-features nix-command --extra-experimental-features flakes "$DIR/../..#iso.quark" --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json

12
nix/configuration/hosts/quark/SELF_BOOT
View File

@@ -1,12 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nixos-rebuild boot --show-trace --use-remote-sudo --max-jobs "$JOBS" --flake "$DIR/../../#quark" --log-format internal-json -v "${@}" |& nom --json

12
nix/configuration/hosts/quark/SELF_BUILD
View File

@@ -1,12 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nixos-rebuild build --show-trace --use-remote-sudo --max-jobs "$JOBS" --flake "$DIR/../../#quark" --log-format internal-json -v "${@}" |& nom --json

12
nix/configuration/hosts/quark/SELF_SWITCH
View File

@@ -1,12 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: "${JOBS:="1"}"
nix flake update zsh-histdb --flake "$DIR/../../"
nix flake update ansible-sshjail --flake "$DIR/../../"
for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
nixos-rebuild switch --show-trace --use-remote-sudo --max-jobs "$JOBS" --flake "$DIR/../../#quark" --log-format internal-json -v "${@}" |& nom --json

117
nix/configuration/hosts/quark/default.nix
View File

@@ -1,117 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [
./disk-config.nix
./distributed_build.nix
./hardware-configuration.nix
./power_management.nix
./wifi.nix
];
config = {
# Generate with `head -c4 /dev/urandom | od -A none -t x4`
networking.hostId = "47ee7d7c";
networking.hostName = "quark"; # Define your hostname.
time.timeZone = "America/New_York";
i18n.defaultLocale = "en_US.UTF-8";
me.secureBoot.enable = true;
me.optimizations = {
enable = true;
arch = "znver5";
system_features = [
"gccarch-znver4"
"gccarch-znver5"
"gccarch-skylake"
# "gccarch-alderlake" missing WAITPKG
"gccarch-x86-64-v3"
"gccarch-x86-64-v4"
"benchmark"
"big-parallel"
"kvm"
"nixos-test"
];
};
# Early KMS
boot.initrd.kernelModules = [ "amdgpu" ];
# Mount tmpfs at /tmp
boot.tmp.useTmpfs = true;
# Enable TRIM
# services.fstrim.enable = lib.mkDefault true;
# RPCS3 has difficulty with znver5
me.rpcs3.config.Core."Use LLVM CPU" = "znver4";
me.alacritty.enable = true;
me.amd_s2idle.enable = true;
me.ansible.enable = true;
me.ares.enable = true;
me.bluetooth.enable = true;
me.chromecast.enable = true;
me.chromium.enable = true;
me.d2.enable = true;
me.direnv.enable = true;
me.docker.enable = true;
me.ecc.enable = true;
me.emacs_flavor = "full";
me.firefox.enable = true;
me.flux.enable = true;
me.gcloud.enable = true;
me.git.config = ../../roles/git/files/gitconfig_home;
me.gnuplot.enable = true;
me.gpg.enable = true;
me.graphical = true;
me.graphics_card_type = "amd";
me.iso_mount.enable = true;
me.kanshi.enable = false;
me.kubernetes.enable = true;
me.latex.enable = true;
me.launch_keyboard.enable = true;
me.lvfs.enable = true;
me.media.enable = true;
me.nix_index.enable = true;
me.nix_worker.enable = true;
me.pcsx2.enable = true;
me.python.enable = true;
me.qemu.enable = true;
me.rpcs3.enable = true;
me.rust.enable = true;
me.shadps4.enable = true;
me.shikane.enable = true;
me.sops.enable = true;
me.sound.enable = true;
me.steam.enable = true;
me.steam_run_free.enable = true;
me.sway.enable = true;
me.tekton.enable = true;
me.terraform.enable = true;
me.thunderbolt.enable = true;
me.vnc_client.enable = true;
me.vscode.enable = true;
me.wasm.enable = true;
me.waybar.enable = true;
me.wireguard.activated = [
"drmario"
"wgh"
"colo"
];
me.wireguard.deactivated = [ "wgf" ];
me.zrepl.enable = true;
me.zsh.enable = true;
me.sm64ex.enable = true;
me.shipwright.enable = true;
me.ship2harkinian.enable = true;
};
}

148
nix/configuration/hosts/quark/disk-config.nix
View File

@@ -1,148 +0,0 @@
# Manual Step:
# Check if drive supports 4kn: nvme id-ns -H /dev/nvme0n1
# Format the drive to 4kn: nvme format --lbaf=1 /dev/nvme0n1
{
config,
lib,
pkgs,
...
}:
lib.mkIf (!config.me.buildingIso) {
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
ESP = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"umask=0077"
"noatime"
"discard"
];
};
};
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "zroot";
};
};
};
};
};
};
zpool = {
zroot = {
type = "zpool";
# mode = "mirror";
# Workaround: cannot import 'zroot': I/O error in disko tests
options.cachefile = "none";
options = {
ashift = "12";
compatibility = "openzfs-2.2-freebsd";
autotrim = "on";
};
rootFsOptions = {
acltype = "posixacl";
atime = "off";
relatime = "off";
xattr = "sa";
mountpoint = "none";
compression = "lz4";
canmount = "off";
utf8only = "on";
dnodesize = "auto";
normalization = "formD";
};
datasets = {
"linux/nix" = {
type = "zfs_fs";
options.mountpoint = "none";
options = {
encryption = "aes-256-gcm";
keyformat = "passphrase";
# keylocation = "file:///tmp/secret.key";
};
};
"linux/nix/root" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/root@blank$' || zfs snapshot zroot/linux/nix/root@blank";
};
"linux/nix/nix" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/nix";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/nix@blank$' || zfs snapshot zroot/linux/nix/nix@blank";
options = {
recordsize = "16MiB";
compression = "zstd-19";
};
};
"linux/nix/home" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/home";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/home@blank$' || zfs snapshot zroot/linux/nix/home@blank";
};
"linux/nix/persist" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/persist";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/persist@blank$' || zfs snapshot zroot/linux/nix/persist@blank";
};
"linux/nix/state" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/state";
postCreateHook = "zfs list -t snapshot -H -o name | grep -E '^zroot/linux/nix/state@blank$' || zfs snapshot zroot/linux/nix/state@blank";
};
};
};
};
};
# Make sure all persistent volumes are marked as neededForBoot
#
# Also mounts /home so it is mounted before the user home directories are created.
fileSystems."/persist".neededForBoot = true;
fileSystems."/state".neededForBoot = true;
fileSystems."/home".neededForBoot = true;
fileSystems."/".options = [
"noatime"
"norelatime"
];
fileSystems."/nix".options = [
"noatime"
"norelatime"
];
fileSystems."/persist".options = [
"noatime"
"norelatime"
];
fileSystems."/state".options = [
"noatime"
"norelatime"
];
fileSystems."/home".options = [
"noatime"
"norelatime"
];
# Only attempt to decrypt the main pool. Otherwise it attempts to decrypt pools that aren't even used.
boot.zfs.requestEncryptionCredentials = [ "zroot/linux/nix" ];
}

21
nix/configuration/hosts/quark/distributed_build.nix
View File

@@ -1,21 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
config = lib.mkMerge [
{
me.distributed_build.enable = true;
me.distributed_build.machines.hydra = {
enable = true;
additional_config = {
speedFactor = 2;
};
};
}
];
}

35
nix/configuration/hosts/quark/hardware-configuration.nix
View File

@@ -1,35 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"thunderbolt"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
# networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp58s0.useDHCP = lib.mkDefault true;
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

48
nix/configuration/hosts/quark/power_management.nix
View File

@@ -1,48 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
environment.systemPackages = with pkgs; [
powertop
];
boot.kernelParams = [
# Enable undervolting GPU.
# "amdgpu.ppfeaturemask=0xfff7ffff"
];
systemd.tmpfiles.rules = [
# "w- /sys/devices/system/cpu/cpufreq/policy0/energy_performance_preference - - - - power"
# "w- /sys/devices/system/cpu/cpufreq/policy1/energy_performance_preference - - - - power"
# "w- /sys/devices/system/cpu/cpufreq/policy2/energy_performance_preference - - - - power"
# "w- /sys/devices/system/cpu/cpufreq/policy3/energy_performance_preference - - - - power"
# "w- /sys/devices/system/cpu/cpufreq/policy4/energy_performance_preference - - - - power"
# "w- /sys/devices/system/cpu/cpufreq/policy5/energy_performance_preference - - - - power"
# "w- /sys/devices/system/cpu/cpufreq/policy6/energy_performance_preference - - - - power"
# "w- /sys/devices/system/cpu/cpufreq/policy7/energy_performance_preference - - - - power"
# "w- /sys/devices/system/cpu/cpufreq/policy8/energy_performance_preference - - - - power"
# "w- /sys/devices/system/cpu/cpufreq/policy9/energy_performance_preference - - - - power"
# "w- /sys/devices/system/cpu/cpufreq/policy10/energy_performance_preference - - - - power"
# "w- /sys/devices/system/cpu/cpufreq/policy11/energy_performance_preference - - - - power"
# "w- /sys/devices/system/cpu/cpufreq/policy12/energy_performance_preference - - - - power"
# "w- /sys/devices/system/cpu/cpufreq/policy13/energy_performance_preference - - - - power"
# "w- /sys/devices/system/cpu/cpufreq/policy14/energy_performance_preference - - - - power"
# "w- /sys/devices/system/cpu/cpufreq/policy15/energy_performance_preference - - - - power"
];
# services.udev.packages = [
# (pkgs.writeTextFile {
# name = "amdgpu-low-power";
# text = ''
# ACTION=="add", SUBSYSTEM=="drm", DRIVERS=="amdgpu", ATTR{device/power_dpm_force_performance_level}="low"
# '';
# destination = "/etc/udev/rules.d/30-amdgpu-low-power.rules";
# })
# ];
}

16
nix/configuration/hosts/quark/wifi.nix
View File

@@ -1,16 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
config = {
environment.loginShellInit = lib.mkIf (!config.me.buildingIso) ''
doas iw dev wlan0 set power_save off
'';
};
}

10
nix/configuration/roles/alacritty/default.nix
View File

@@ -24,11 +24,13 @@
xdg-utils # for xdg-open
];
me.install.user.talexander.file = {
".config/alacritty/alacritty.toml" = {
source = ./files/alacritty.toml;
home-manager.users.talexander =
{ pkgs, ... }:
{
home.file.".config/alacritty/alacritty.toml" = {
source = ./files/alacritty.toml;
};
};
};
})
]
);

29
nix/configuration/roles/amd_s2idle/default.nix
View File

@@ -1,29 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
amd_s2idle.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install amd_s2idle.";
};
};
config = lib.mkIf config.me.amd_s2idle.enable (
lib.mkMerge [
{
environment.systemPackages = with pkgs; [
amd-debug-tools
];
}
]
);
}

13
nix/configuration/roles/boot/default.nix
View File

@@ -75,14 +75,9 @@
# options root=PARTUUID=17e325bf-a378-4d1d-be6a-f6df5476f0fa
# '';
# };
environment.persistence."/persist" = lib.mkIf (!config.me.buildingIso) {
hideMounts = true;
directories = [
"/var/lib/sbctl" # Secure Boot Keys
];
};
})
(lib.mkIf (config.me.secureBoot.enable) {
environment.systemPackages = with pkgs; [
sbctl
];
@@ -91,6 +86,12 @@
enable = true;
pkiBundle = "/var/lib/sbctl";
};
environment.persistence."/persist" = lib.mkIf (!config.me.buildingIso) {
hideMounts = true;
directories = [
"/var/lib/sbctl" # Secure Boot Keys
];
};
})
];
}

16
nix/configuration/roles/chromium/default.nix
View File

@@ -22,7 +22,7 @@
{ }
(lib.mkIf config.me.graphical {
environment.systemPackages = with pkgs; [
chromium
(chromium.override { enableWideVine = true; })
];
allowedUnfree = [
"chromium"
@@ -57,18 +57,8 @@
};
};
nixpkgs.overlays = [
(final: prev: {
chromium = prev.chromium.override {
enableWideVine = true;
commandLineArgs = [
"--enable-features=VaapiVideoDecoder,VaapiIgnoreDriverChecks,Vulkan,DefaultANGLEVulkan,VulkanFromANGLE,AcceleratedVideoEncoder"
# Enabling vulkan causes video to render as white
# "--enable-features=Vulkan";
];
};
})
];
# Enabling vulkan causes video to render as white
# nixpkgs.config.chromium.commandLineArgs = "--enable-features=Vulkan";
})
]
);

29
nix/configuration/roles/d2/default.nix
View File

@@ -1,29 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
d2.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install d2.";
};
};
config = lib.mkIf config.me.d2.enable (
lib.mkMerge [
{
environment.systemPackages = with pkgs; [
d2
];
}
]
);
}

55
nix/configuration/roles/direnv/default.nix
View File

@@ -1,55 +0,0 @@
{
config,
lib,
pkgs,
...
}:
let
direnv_zsh_hook = pkgs.writeTextFile {
name = "direnv_zsh_hook.zsh";
text = ''
eval "$(direnv hook zsh)"
'';
};
in
{
imports = [ ];
options.me = {
direnv.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install direnv.";
};
};
config = lib.mkIf config.me.direnv.enable (
lib.mkMerge [
{
environment.systemPackages = with pkgs; [
direnv
nix-direnv
];
me.zsh.includes = [ direnv_zsh_hook ];
environment.persistence."/persist" = lib.mkIf (!config.me.buildingIso) {
hideMounts = true;
users.talexander = {
directories = [
{
# List of allowed directories from `direnv allow`.
directory = ".local/share/direnv";
user = "talexander";
group = "talexander";
mode = "0755";
}
];
};
};
}
]
);
}

105
nix/configuration/roles/distributed_build/default.nix
View File

@@ -1,105 +0,0 @@
{
config,
lib,
pkgs,
...
}:
let
make_machine_config = name: {
enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to use the ${name} machine during distributed builds.";
};
additional_config = lib.mkOption {
type = lib.types.attrs;
default = { };
example = lib.literalExpression {
speedFactor = 2;
};
description = "Additional config values for the buildMachines entry. For example, speedFactor.";
};
};
in
{
imports = [ ];
options.me = {
distributed_build.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to use multiple machines to perform a nixos-rebuild.";
};
distributed_build.machines.hydra = make_machine_config "hydra";
distributed_build.machines.quark = make_machine_config "quark";
};
config = lib.mkIf config.me.distributed_build.enable (
lib.mkMerge [
{
nix.distributedBuilds = true;
}
(lib.mkIf config.me.distributed_build.machines.hydra.enable {
nix.buildMachines = [
(
{
hostName = "hydra";
sshUser = "nixworker";
# sshKey = "";
# publicHostKey = "";
systems = [
"x86_64-linux"
# "aarch64-linux"
];
maxJobs = 1;
supportedFeatures = [
# "nixos-test"
"benchmark"
"big-parallel"
# "kvm"
"gccarch-x86-64-v3"
"gccarch-x86-64-v4"
"gccarch-znver4"
];
}
// config.me.distributed_build.machines.hydra.additional_config
)
];
})
(lib.mkIf config.me.distributed_build.machines.quark.enable {
nix.buildMachines = [
(
{
hostName = "quark";
sshUser = "nixworker";
sshKey = "/persist/manual/ssh/root/keys/id_ed25519";
# From: base64 -w0 /persist/ssh/ssh_host_ed25519_key.pub
publicHostKey = "c3NoLWVkMjU1MTkgQUFBQUMzTnphQzFsWkRJMU5URTVBQUFBSUx0alplYlVYTkRkU3Y1enVGbjM3eFNMZUN3S2hPKzFMdWovM2FYNFJRTEEgcm9vdEBxdWFyawo=";
systems = [
"x86_64-linux"
# "aarch64-linux"
];
maxJobs = 1;
supportedFeatures = [
# "nixos-test"
"benchmark"
"big-parallel"
# "kvm"
"gccarch-x86-64-v3"
"gccarch-x86-64-v4"
"gccarch-znver4"
"gccarch-znver5"
];
}
// config.me.distributed_build.machines.quark.additional_config
)
];
})
]
);
}

26
nix/configuration/roles/docker/default.nix
View File

@@ -56,32 +56,6 @@
# };
};
systemd.services.link-docker-creds = {
# Contains credentials so it cannot be added to the nix store
enable = true;
description = "link-docker-creds";
wantedBy = [ "multi-user.target" ];
wants = [ "multi-user.target" ];
after = [ "multi-user.target" ];
# path = with pkgs; [
# zfs
# ];
unitConfig.DefaultDependencies = "no";
serviceConfig = {
Type = "oneshot";
RemainAfterExit = "yes";
};
script = ''
if [ -e /persist/manual/docker/config.json ]; then
install --directory --owner talexander --group talexander --mode 0700 /home/talexander/.docker
ln -s /persist/manual/docker/config.json /home/talexander/.docker/config.json
fi
'';
preStop = ''
rm -f /home/talexander/.docker/config.json
'';
};
# Needed for non-rootless docker
users.users.talexander.extraGroups = [ "docker" ];
}

28
nix/configuration/roles/ecc/default.nix
View File

@@ -1,28 +0,0 @@
# Check memory errors with: ras-mc-ctl --error-count
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
ecc.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install ecc.";
};
};
config = lib.mkIf config.me.ecc.enable (
lib.mkMerge [
{
hardware.rasdaemon.enable = true;
}
]
);
}

22
nix/configuration/roles/emacs/default.nix
View File

@@ -89,7 +89,7 @@ in
(lib.mkIf (config.me.graphical) {
nixpkgs.overlays = [
(final: prev: {
my_emacs = final.emacs-pgtk;
my_emacs = final.emacs29-pgtk;
})
];
})
@@ -113,7 +113,7 @@ in
"doc"
"info"
];
nativeBuildInputs = [ final.makeWrapper ];
buildInputs = [ final.makeWrapper ];
postBuild = ''
wrapProgram $out/bin/emacs --prefix PATH : ${
lib.makeBinPath [
@@ -121,7 +121,6 @@ in
dicts: with dicts; [
en
en-computers
# en-science # TODO: Why is en-science non-free?
]
))
final.nixd # nix language server
@@ -130,11 +129,6 @@ in
final.shellcheck
final.cmake-language-server
final.cmake # Used by cmake-language-server
final.rust-analyzer
final.prettier # Format yaml, json, and JS
final.terraform-ls
final.typescript-language-server
final.tex
]
}
'';
@@ -142,12 +136,14 @@ in
})
];
me.install.user.talexander.file = {
".config/emacs" = {
source = ./files/emacs;
recursive = true;
home-manager.users.talexander =
{ pkgs, ... }:
{
home.file.".config/emacs" = {
source = ./files/emacs;
recursive = true;
};
};
};
})
(lib.mkIf (config.me.emacs_flavor == "plainmacs") {
nixpkgs.overlays = [

25
nix/configuration/roles/emacs/files/emacs/elisp/base-extensions.el
View File

@@ -14,6 +14,17 @@
;; Other packages
(use-package emacs
:config
(setq enable-recursive-minibuffers t)
;; Filter the M-x list base on the current mode
(setq read-extended-command-predicate #'command-completion-default-include-p)
;; Enable triggering completion with the tab key.
(setq tab-always-indent 'complete)
)
(use-package dashboard
:config
(dashboard-setup-startup-hook))
@@ -40,27 +51,17 @@
;; Persist history over Emacs restarts. Vertico sorts by history position.
(use-package savehist
;; This is an emacs built-in but we're pulling the latest version
:pin gnu
:config
(savehist-mode))
(use-package which-key
:pin gnu
:diminish
:config
(which-key-mode))
(use-package windmove
;; This is an emacs built-in but we're pulling the latest version
:pin gnu
:bind
(
("S-<up>" . windmove-up)
("S-<right>" . windmove-right)
("S-<down>" . windmove-down)
("S-<left>" . windmove-left)
)
)
:config
(windmove-default-keybindings))
(setq tramp-default-method "ssh")

57
nix/configuration/roles/emacs/files/emacs/elisp/base.el
View File

@@ -24,51 +24,11 @@
(setq autoload-directory (concat user-emacs-directory (file-name-as-directory "elisp") (file-name-as-directory "autoload")))
(add-to-list 'load-path (assert-directory autoload-directory))
(use-package emacs
:ensure nil
:bind
(("C-z" . nil)
("C-x C-z" . nil)
("RET" . newline-and-indent)
)
:custom
;; Replace highlighted text if you start typing.
(delete-selection-mode 1)
(history-length 300)
;; Enable auto-revert for buffers like dired
(global-auto-revert-non-file-buffers t)
;; If the underlying file changes, reload it automatically. This is useful for moving around in git without confusing language servers.
(auto-revert-avoid-polling t)
(auto-revert-interval 5)
(auto-revert-check-vc-info t)
(global-auto-revert-mode t)
;; Disable backup files and lockfiles
(create-lockfiles nil)
(make-backup-files nil)
(backup-inhibited t)
;; Do not auto-save files
(auto-save-default nil)
(pixel-scroll-precision-mode t)
(pixel-scroll-precision-use-momentum nil)
:config
(setq enable-recursive-minibuffers t)
;; Filter the M-x list base on the current mode
(setq read-extended-command-predicate #'command-completion-default-include-p)
;; Enable triggering completion with the tab key.
(setq tab-always-indent 'complete)
)
(setq-default
;; Disable backup files and lockfiles
make-backup-files nil
auto-save-default nil
create-lockfiles nil
;; Unless otherwise specified, always install packages if they are absent.
use-package-always-ensure t
;; Point custom-file at /dev/null so emacs does not write any settings to my dotfiles.
@@ -103,9 +63,6 @@
show-trailing-whitespace t
;; Remove the line when killing it with ctrl-k
kill-whole-line t
;; Show the current project in the mode line
project-mode-line t
)
;; (setq-default fringes-outside-margins t)
@@ -120,6 +77,12 @@
;; Delete trailing whitespace before save
(add-hook 'before-save-hook 'delete-trailing-whitespace)
;; If the underlying file changes, reload it automatically. This is useful for moving around in git without confusing language servers.
(setopt auto-revert-avoid-polling t)
(setopt auto-revert-interval 5)
(setopt auto-revert-check-vc-info t)
(global-auto-revert-mode)
;;;;; Performance
;; Run garbage collect when emacs is idle
(run-with-idle-timer 5 t (lambda () (garbage-collect)))

16
nix/configuration/roles/emacs/files/emacs/elisp/lang-d2.el
View File

@@ -1,16 +0,0 @@
(defun d2-format-buffer ()
"Run prettier."
(interactive)
(run-command-on-buffer "d2" "fmt" "-")
)
(use-package d2-mode
:commands (d2-mode)
:hook (
(d2-mode . (lambda ()
;; (add-hook 'before-save-hook 'd2-format-buffer nil 'local)
))
)
)
(provide 'lang-d2)

10
nix/configuration/roles/emacs/files/emacs/elisp/lang-javascript.el
View File

@@ -1,12 +1,6 @@
(require 'common-lsp)
(require 'util-tree-sitter)
(defun js-format-buffer ()
"Run prettier."
(interactive)
(run-command-on-buffer "prettier" "--stdin-filepath" buffer-file-name)
)
(use-package json-ts-mode
:ensure nil
:pin manual
@@ -119,14 +113,10 @@
("\\.js\\'" . js-ts-mode)
)
:commands (js-ts-mode)
:custom (
(js-indent-level 2)
)
:hook (
(js-ts-mode . (lambda ()
(when-linux
(eglot-ensure)
(add-hook 'before-save-hook 'js-format-buffer nil 'local)
)
))
)

19
nix/configuration/roles/emacs/files/emacs/elisp/lang-org.el
View File

@@ -1,23 +1,16 @@
(use-package org
:ensure nil
:commands org-mode
:bind (:map org-mode-map
:bind (
("C-c l" . org-store-link)
("C-c a" . org-agenda)
("S-<up>" . org-shiftup)
("S-<right>" . org-shiftright)
("S-<down>" . org-shiftdown)
("S-<left>" . org-shiftleft)
("C--" . org-timestamp-down)
("C-=" . org-timestamp-up)
)
:hook (
(org-mode . (lambda ()
(org-indent-mode +1)
))
;; Make windmove work in Org mode:
(org-shiftup-final . windmove-up)
(org-shiftleft-final . windmove-left)
(org-shiftdown-final . windmove-down)
(org-shiftright-final . windmove-right)
))
)
:config
(require 'org-tempo)
@@ -87,8 +80,4 @@
(use-package gnuplot)
(use-package graphviz-dot-mode)
(use-package htmlize
;; For syntax highlighting when exporting to HTML.
)
(provide 'lang-org)

6
nix/configuration/roles/emacs/files/emacs/elisp/lang-rust.el
View File

@@ -46,7 +46,7 @@
(when rust-analyzer-command
;; (add-to-list 'eglot-server-programs `(rust-ts-mode . (,rust-analyzer-command)))
(add-to-list 'eglot-server-programs `(rust-ts-mode . (,rust-analyzer-command :initializationOptions (:imports (:granularity (:enforce t :group "item")
:merge (:glob :json-false)
:merge (:glob nil)
:prefix "self")
))))
)
@@ -60,8 +60,8 @@
(unless (treesit-ready-p 'rust) (treesit-install-language-grammar 'rust))
:config
;; Add keybindings for interacting with Cargo
;; (use-package cargo
;; :hook (rust-ts-mode . cargo-minor-mode))
(use-package cargo
:hook (rust-ts-mode . cargo-minor-mode))
)
(use-package toml-ts-mode

2
nix/configuration/roles/emacs/files/emacs/init.el
View File

@@ -40,6 +40,4 @@
(require 'lang-cmake)
(require 'lang-d2)
(load-directory autoload-directory)

11
nix/configuration/roles/firefox/default.nix
View File

@@ -73,9 +73,6 @@
"+AllTargets,-CSSPrefersColorScheme,-JSDateTimeUTC,-CanvasExtractionBeforeUserInputIsBlocked";
# Disable weather on new tab page
"browser.newtabpage.activity-stream.showWeather" = false;
# Disable AI stuff that wastes battery life
"browser.ml.chat.enabled" = false;
"browser.ml.enabled" = false;
};
# Check about:policies#documentation and https://mozilla.github.io/policy-templates/ for options.
policies = {
@@ -91,10 +88,10 @@
install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
installation_mode = "force_installed";
};
# "firefox@teleparty.com" = {
# install_url = "https://addons.mozilla.org/firefox/downloads/latest/netflix-party-is-now-teleparty/latest.xpi";
# installation_mode = "normal_installed";
# };
"firefox@teleparty.com" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/netflix-party-is-now-teleparty/latest.xpi";
installation_mode = "normal_installed";
};
"@ublacklist" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublacklist/latest.xpi";
installation_mode = "normal_installed";

29
nix/configuration/roles/flux/default.nix
View File

@@ -1,29 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
flux.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install flux.";
};
};
config = lib.mkIf config.me.flux.enable (
lib.mkMerge [
{
environment.systemPackages = with pkgs; [
fluxcd
];
}
]
);
}

18
nix/configuration/roles/fonts/files/fonts.conf
View File

@@ -47,17 +47,17 @@
</alias>
<!-- Screw it. Force Liberation Mono to be cascadia mono. -->
<!-- <match target="pattern"> -->
<!-- <test qual="any" name="family"><string>Liberation Mono</string></test> -->
<!-- <edit name="family" mode="assign" binding="same"><string>Cascadia Mono</string></edit> -->
<!-- </match> -->
<!-- Screw it. Force Liberation Mono to be source code pro. -->
<match target="pattern">
<test qual="any" name="family"><string>Liberation Mono</string></test>
<edit name="family" mode="assign" binding="same"><string>Cascadia Mono</string></edit>
</match>
<!-- Dejavu Sans Mono keeps coming back when I query "monospace". Doesn't happen when I'm using Souce Code Pro but does happen with cascadia... force it to cascadia -->
<!-- <match target="pattern"> -->
<!-- <test qual="any" name="family"><string>monospace</string></test> -->
<!-- <edit name="family" mode="assign" binding="same"><string>Cascadia Mono</string></edit> -->
<!-- </match> -->
<match target="pattern">
<test qual="any" name="family"><string>monospace</string></test>
<edit name="family" mode="assign" binding="same"><string>Cascadia Mono</string></edit>
</match>
<!-- Disable ligatures in monospace fonts. -->
<match target="font">

43
nix/configuration/roles/gcloud/default.nix
View File

@@ -1,43 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
gcloud.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install gcloud.";
};
};
config = lib.mkIf config.me.gcloud.enable (
lib.mkMerge [
{
environment.systemPackages = with pkgs; [
(google-cloud-sdk.withExtraComponents [ google-cloud-sdk.components.gke-gcloud-auth-plugin ])
];
environment.persistence."/state" = lib.mkIf (!config.me.buildingIso) {
hideMounts = true;
users.talexander = {
directories = [
{
directory = ".config/gcloud";
user = "talexander";
group = "talexander";
mode = "0700";
}
];
};
};
}
]
);
}

106
nix/configuration/roles/git/default.nix
View File

@@ -5,18 +5,6 @@
...
}:
let
git_wrapped =
package: prog:
pkgs.writeShellScriptBin "${prog}" ''
export PATH="${
lib.makeBinPath [
pkgs.meld
]
}:$PATH"
exec ${package}/bin/${prog} "''${@}"
'';
in
{
imports = [ ];
@@ -32,48 +20,66 @@ in
config = lib.mkMerge [
{
environment.systemPackages = with pkgs; [
my_git
git
];
}
(lib.mkIf (config.me.git.config != null) {
me.install.user.talexander.file = {
".gitconfig" = {
source = config.me.git.config;
home-manager.users.talexander =
{ pkgs, ... }:
{
home.file.".gitconfig" = {
source = config.me.git.config;
};
};
};
})
(lib.mkIf (config.me.graphical) {
nixpkgs.overlays = [
(final: prev: {
my_git = (
pkgs.buildEnv {
name = prev.git.name;
version = prev.git.version;
paths =
(builtins.map (git_wrapped prev.git) [
"git"
])
++ [
prev.git
];
extraOutputsToInstall = [
"man"
"doc"
"info"
];
nativeBuildInputs = [ final.makeWrapper ];
ignoreCollisions = true;
}
);
})
];
})
(lib.mkIf (!config.me.graphical) {
nixpkgs.overlays = [
(final: prev: {
my_git = prev.git;
})
];
})
# (lib.mkIf (config.me.graphical) {
# nixpkgs.overlays = [
# (final: prev: {
# git = pkgs.buildEnv {
# name = prev.git.name;
# paths = [
# prev.git
# ];
# extraOutputsToInstall = [
# "man"
# "doc"
# "info"
# ];
# buildInputs = [ final.makeWrapper ];
# postBuild = ''
# wrapProgram $out/bin/git --prefix PATH : ${
# lib.makeBinPath [
# final.meld
# ]
# }
# '';
# };
# })
# ];
# })
# (lib.mkIf (!config.me.graphical) {
# nixpkgs.overlays = [
# (final: prev: {
# git = pkgs.buildEnv {
# name = prev.git.name;
# paths = [
# prev.git
# ];
# extraOutputsToInstall = [
# "man"
# "doc"
# "info"
# ];
# buildInputs = [ final.makeWrapper ];
# postBuild = ''
# wrapProgram $out/bin/git --prefix PATH : ${
# lib.makeBinPath [
# ]
# }
# '';
# };
# })
# ];
# })
];
}

28
nix/configuration/roles/git/files/gitconfig_home
View File

@@ -3,53 +3,33 @@
name = Tom Alexander
signingkey = D3A179C9A53C0EDE
[push]
default = simple # (default since 2.0)
default = simple
[alias]
lg = log --color --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit
bh = log --oneline --branches=* --remotes=* --graph --decorate
amend = commit --amend --no-edit
authorcount = shortlog --summary --numbered --all --no-merges
[core]
excludesfile = ~/.gitignore_global
[commit]
gpgsign = true
verbose = true
[pull]
rebase = true
[log]
date = local
[init]
defaultBranch = main
# Use meld for `git difftool` and `git mergetool`
[diff]
tool = meld # Use meld for `git difftool` and `git mergetool`
algorithm = histogram
colorMoved = plain
mnemonicPrefix = true
renames = true
tool = meld
[difftool]
prompt = false
[difftool "meld"]
cmd = meld "$LOCAL" "$REMOTE"
[merge]
tool = meld
conflictStyle = zdiff3
[mergetool "meld"]
# Make the middle pane start with partially-merged contents:
cmd = meld "$LOCAL" "$MERGED" "$REMOTE" --output "$MERGED"
# Make the middle pane start without any merge progress:
# cmd = meld "$LOCAL" "$BASE" "$REMOTE" --output "$MERGED"
[column]
ui = auto
[branch]
sort = -committerdate
[tag]
sort = version:refname
[fetch]
prune = true
pruneTags = true
all = true
[rebase]
autoSquash = true
autoStash = true
# updateRefs was annoying when you want to split a branch in two by rebasing away from commits from one branch and rebasing away some commits from another branch.
updateRefs = false

4
nix/configuration/roles/global_options/default.nix
View File

@@ -8,6 +8,10 @@
{
imports = [ ];
options.me = {
};
# options.me.graphics_card_type = lib.mkOption {
# type = lib.types.nullOr (
# lib.types.enum [

29
nix/configuration/roles/gnuplot/default.nix
View File

@@ -1,29 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
gnuplot.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install gnuplot.";
};
};
config = lib.mkIf config.me.gnuplot.enable (
lib.mkMerge [
{
environment.systemPackages = with pkgs; [
gnuplot
];
}
]
);
}

11
nix/configuration/roles/gpg/default.nix
View File

@@ -57,11 +57,14 @@ in
# disable-ccid = true;
# };
me.install.user.talexander.file = {
".gnupg/scdaemon.conf" = {
source = ./files/scdaemon.conf;
# .gnupg/scdaemon.conf
home-manager.users.talexander =
{ pkgs, ... }:
{
home.file.".gnupg/scdaemon.conf" = {
source = ./files/scdaemon.conf;
};
};
};
# programs.gnupg.dirmngr.enable = true;
programs.gnupg.agent = {

20
nix/configuration/roles/graphics/default.nix
View File

@@ -37,26 +37,6 @@
xorg.xeyes # to test which windows are using x11
];
hardware.graphics.enable = true;
# hardware.graphics.enable32Bit = true;
# Vulkan Support (64-bit is enabled by default, 32-bit is disabled by default)
# hardware.opengl.driSupport = true; # This is already enabled by default
# hardware.opengl.driSupport32Bit = true; # For 32 bit applications
})
(lib.mkIf (config.me.graphics_card_type == "amd") {
environment.systemPackages = with pkgs; [
nvtopPackages.amd
];
})
(lib.mkIf (config.me.graphics_card_type == "intel") {
environment.systemPackages = with pkgs; [
nvtopPackages.intel
];
})
(lib.mkIf (config.me.graphics_card_type == "nvidia") {
environment.systemPackages = with pkgs; [
nvtopPackages.nvidia
];
})
]
);

49
nix/configuration/roles/hydra/default.nix
View File

@@ -1,49 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
hydra.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install hydra.";
};
};
config = lib.mkIf config.me.hydra.enable (
lib.mkMerge [
{
services.hydra = {
enable = true;
hydraURL = "http://localhost:3000"; # Externally visible URL
notificationSender = "hydra@localhost"; # "From" address for hydra emails.
# a standalone Hydra will require you to unset the buildMachinesFiles list to avoid using a nonexistant /etc/nix/machines
buildMachinesFiles = [ ];
useSubstitutes = true;
};
# nix.buildMachines = [
# {
# hostName = "localhost";
# protocol = null;
# system = "x86_64-linux";
# supportedFeatures = [
# "kvm"
# "nixos-test"
# "big-parallel"
# "benchmark"
# ];
# maxJobs = 8;
# }
# ];
}
]
);
}

45
nix/configuration/roles/iso_mount/default.nix
View File

@@ -1,45 +0,0 @@
{
config,
lib,
pkgs,
...
}:
let
iso_mount =
(pkgs.writeScriptBin "iso_mount" (builtins.readFile ./files/iso_mount.bash)).overrideAttrs
(old: {
buildCommand = "${old.buildCommand}\n patchShebangs $out";
});
iso_unmount =
(pkgs.writeScriptBin "iso_unmount" (builtins.readFile ./files/iso_unmount.bash)).overrideAttrs
(old: {
buildCommand = "${old.buildCommand}\n patchShebangs $out";
});
in
{
imports = [ ];
options.me = {
iso_mount.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install iso_mount.";
};
};
config = lib.mkIf config.me.iso_mount.enable (
lib.mkMerge [
{
environment.systemPackages = [
iso_mount
iso_unmount
];
}
]
);
}

8
nix/configuration/roles/iso_mount/files/iso_mount.bash
View File

@@ -1,8 +0,0 @@
#!/usr/bin/env bash
#
# Mount a full-disk image as a loopback device so you can mount individual partitions from inside of it.
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
exec udisksctl loop-setup -r -f "${@}"

8
nix/configuration/roles/iso_mount/files/iso_unmount.bash
View File

@@ -1,8 +0,0 @@
#!/usr/bin/env bash
#
# Mount a full-disk image as a loopback device so you can mount individual partitions from inside of it.
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
exec udisksctl loop-delete "${@}"

12
nix/configuration/roles/kanshi/default.nix
View File

@@ -41,11 +41,15 @@ in
exec_kanshi
];
me.install.user.talexander.file = {
".config/kanshi/config" = {
source = ./files/config_kanshi;
home-manager.users.talexander =
{ pkgs, ... }:
{
home.file = {
".config/kanshi/config" = {
source = ./files/config_kanshi;
};
};
};
};
})
]
);

18
nix/configuration/roles/kodi/default.nix
View File

@@ -78,13 +78,21 @@
};
};
# home.file.".kodi/userdata/mediasources.xml".source = ./files/mediasources.xml;
home-manager.users.kodi =
{ pkgs, ... }:
{
# home.file.".kodi/userdata/mediasources.xml".source = ./files/mediasources.xml;
# home.file.".kodi/userdata/addon_data/peripheral.joystick/resources/buttonmaps/xml/linux/DualSense_Wireless_Controller_13b_8a.xml".source =
# ./files/DualSense_Wireless_Controller_13b_8a.xml;
# home.file.".kodi/userdata/addon_data/peripheral.joystick/resources/buttonmaps/xml/linux/DualSense_Wireless_Controller_13b_8a.xml".source =
# ./files/DualSense_Wireless_Controller_13b_8a.xml;
# TODO: Maybe .kodi/userdata/sources.xml
# TODO: ./userdata/guisettings.xml:303: <setting id="filecache.memorysize">128</setting>
# TODO: Maybe .kodi/userdata/sources.xml
# TODO: ./userdata/guisettings.xml:303: <setting id="filecache.memorysize">128</setting>
# The state version is required and should stay at the version you
# originally installed.
home.stateVersion = "24.11";
};
})
]
);

17
nix/configuration/roles/kubernetes/default.nix
View File

@@ -28,21 +28,6 @@ let
alias_klog = pkgs.writeShellScriptBin "klog" ''
exec ${pkgs.kubectl}/bin/kubectl logs --all-containers "$@"
'';
decrypt_k8s_secret =
(pkgs.writeScriptBin "decrypt_k8s_secret" (builtins.readFile ./files/decrypt_k8s_secret.bash))
.overrideAttrs
(old: {
buildCommand = "${old.buildCommand}\n patchShebangs $out";
nativeBuildInputs = [ pkgs.makeWrapper ];
postBuild = ''
wrapProgram $out/bin/decrypt_k8s_secret --prefix PATH : ${
lib.makeBinPath [
pkgs.kubectl
pkgs.jq
]
}
'';
});
in
{
imports = [ ];
@@ -70,8 +55,6 @@ in
alias_kdel
alias_kd
alias_klog
decrypt_k8s_secret
ingress2gateway # Convert ingress yaml to gateway yaml
];
environment.persistence."/persist" = lib.mkIf (!config.me.buildingIso) {

7
nix/configuration/roles/kubernetes/files/decrypt_k8s_secret.bash
View File

@@ -1,7 +0,0 @@
#!/usr/bin/env bash
#
set -euo pipefail
IFS=$'\n\t'
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
kubectl get secret -o json "${@}" | jq '.data[] |= @base64d | .data'

45
nix/configuration/roles/latex/default.nix
View File

@@ -5,6 +5,22 @@
...
}:
let
tex = (
pkgs.texlive.combine {
inherit (pkgs.texlive)
scheme-basic
dvisvgm
dvipng # for preview and export as html in org-mode
wrapfig
amsmath
ulem
hyperref
capt-of
;
}
);
in
{
imports = [ ];
@@ -24,35 +40,6 @@
tex
];
}
{
nixpkgs.overlays = [
(final: prev: {
tex = (
pkgs.texlive.combine {
inherit (pkgs.texlive)
scheme-basic
dvisvgm
dvipng # for preview and export as html in org-mode
wrapfig
amsmath
ulem
hyperref
capt-of
svg # emacs org-mode pdf export
catchfile # emacs org-mode pdf export
xcolor # emacs org-mode pdf export
transparent # emacs org-mode pdf export
pgf # emacs org-mode pdf export
minted # emacs org-mode pdf export code block highlighting
upquote # emacs org-mode pdf export
lineno # emacs org-mode pdf export
;
}
);
})
];
}
]
);
}

1
nix/configuration/roles/lvfs/default.nix
View File

@@ -20,7 +20,6 @@
config = lib.mkIf config.me.lvfs.enable (
lib.mkMerge [
{
# TODO: Is this installing firmware or just downloading it?
services.fwupd.enable = true;
environment.persistence."/persist" = lib.mkIf (!config.me.buildingIso) {
hideMounts = true;

33
nix/configuration/roles/media/default.nix
View File

@@ -17,8 +17,6 @@ let
buildCommand = "${old.buildCommand}\n patchShebangs $out";
});
kernel_version_check = lib.versionAtLeast config.boot.kernelPackages.kernel.version "6.12";
nixos_version_check = lib.versionAtLeast (lib.versions.majorMinor lib.version) "25.05";
in
{
imports = [ ];
@@ -28,7 +26,7 @@ in
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to install media utilities.";
description = "Whether we want to install media.";
};
};
@@ -37,10 +35,6 @@ in
{
environment.systemPackages = with pkgs; [
ffmpeg
libva-utils # for vainfo
vdpauinfo
mkvtoolnix-cli # for mkvmerge
yt-dlp
];
}
(lib.mkIf config.me.graphical {
@@ -52,32 +46,19 @@ in
imv
];
me.install.user.talexander.file = {
".config/mpv/mpv.conf" = {
source = ./files/mpv.conf;
home-manager.users.talexander =
{ pkgs, ... }:
{
home.file.".config/mpv/mpv.conf" = {
source = ./files/mpv.conf;
};
};
};
})
(lib.mkIf (config.me.graphics_card_type == "amd" || config.me.graphics_card_type == "intel") {
environment.systemPackages = with pkgs; [
cast_file_vaapi
];
})
(lib.mkIf (config.me.graphics_card_type == "amd") {
environment.sessionVariables = {
VDPAU_DRIVER = "radeonsi";
};
})
(lib.mkIf (config.me.graphics_card_type == "intel") {
hardware.graphics.extraPackages = with pkgs; [
intel-media-driver
libvdpau-va-gl # Support vdpau applications using va-api
];
environment.sessionVariables = {
VDPAU_DRIVER = "va_gl";
};
})
]
);
}

53
nix/configuration/roles/media/files/cast_file_vaapi
View File

@@ -6,7 +6,6 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
: ${VIDEO_BITRATE:="1M"} # Only for encoding modes targeting bitrate
: ${AUDIO_BITRATE:="192k"}
: ${SPEED:="1"}
############## Setup #########################
@@ -63,8 +62,6 @@ function copy {
"rtsp://$USERNAME:$PASSWORD@172.16.16.251:8554/fetch"
}
# benchmark vulkan decode:
# ffmpeg -init_hw_device "vulkan=vk:0" -hwaccel vulkan -hwaccel_output_format vulkan -i INPUT -f null - -benchmark
function convert {
local args=()
local acceleration_type="$1" # "software" or "hardware"
@@ -102,23 +99,11 @@ function convert {
if [ "$acceleration_type" == "software" ]; then
true
elif [ "$acceleration_type" == "hardware" ]; then
if [ "$codec" == "h264" ]; then
args+=(-init_hw_device vulkan)
elif [ "$codec" == "av1" ]; then
args+=(-vaapi_device /dev/dri/renderD128)
fi
args+=(-vaapi_device /dev/dri/renderD128)
fi
args+=(-i "$file_to_cast")
if [ "$SPEED" != "1" ]; then
local audio_speed video_speed
video_speed=$(bc -l <<< "1/${SPEED}")
audio_speed=$(bc -l <<< "${SPEED}/1")
args+=(-filter:v "setpts=${video_speed}*PTS")
args+=(-filter:a "atempo=${audio_speed}")
fi
if [ "$codec" == "h264" ]; then
if [ "$acceleration_type" == "software" ]; then
args+=(-c:v h264)
@@ -126,7 +111,7 @@ function convert {
args+=(-b:v "$VIDEO_BITRATE")
elif [ "$acceleration_type" == "hardware" ]; then
args+=(-vf 'format=nv12|vaapi,hwupload')
args+=(-c:v h264_vulkan)
args+=(-c:v h264_vaapi)
args+=(-profile:v high)
args+=(-b:v "$VIDEO_BITRATE")
fi
@@ -134,14 +119,12 @@ function convert {
if [ "$acceleration_type" == "software" ]; then
args+=(-c:v libsvtav1)
args+=(-preset 4) # [0-13] default 10, lower = higher quality / slower encode
# args+=(-crf 20) # [0-63] default 35, lower = higher quality / larger file
args+=(-crf 20) # [0-63] default 35, lower = higher quality / larger file
# Parameters: https://gitlab.com/AOMediaCodec/SVT-AV1/-/blob/master/Docs/Parameters.md
# fast-decode [0-2] default 0 (off), higher = faster decode
# tune [0-2] default 1, Specifies whether to use PSNR or VQ as the tuning metric [0 = VQ, 1 = PSNR, 2 = SSIM]
# film-grain-denoise, setting to 0 uses the original frames instead of denoising the film grain
# rc 1 = vbr 2 = cbr
# tbr = average bitrate
args+=(-svtav1-params "fast-decode=1:film-grain-denoise=0:tbr=${VIDEO_BITRATE}:rc=1:passes=2")
args+=(-svtav1-params "fast-decode=1:film-grain-denoise=0")
elif [ "$acceleration_type" == "hardware" ]; then
# -c:v av1_amf -quality quality
args+=(-vf 'format=nv12|vaapi,hwupload')
@@ -223,4 +206,32 @@ function encode_webcam {
"rtsp://$USERNAME:$PASSWORD@172.16.16.251:8554/fetch"
}
function speed_up_preprocess_vp8 {
local file_to_cast file_to_save
file_to_cast="$1"
file_to_save="$2"
set -x
# -bf 0 :: Disable b-frames because webrtc doesn't support h264 streams with b-frames.
# -strict -2 :: Enable support for experimental codecs like opus.
# -b:v 2M :: Target 2 megabit/s
# -crf 10 :: Target a quality level and adjust bitrate accordingly. This should be preferred, but ideally both should be used.
# Could also use -filter_complex "[0:v]setpts=0.5*PTS[v];[0:a]atempo=2.0[a]" -map "[v]" -map "[a]"
</dev/null exec ffmpeg \
-i "$file_to_cast" \
-filter:v "setpts=0.66666666*PTS" \
-filter:a "atempo=1.5" \
-c:v vp8 \
-b:v 2M \
-crf 10 \
-bf 0 \
-c:a opus \
-b:a 320k \
-ar 48000 \
-strict -2 \
"$file_to_save"
}
main "${@}"

14
nix/configuration/roles/memtest86/default.nix
View File

@@ -8,14 +8,10 @@
{
imports = [ ];
config = lib.mkMerge [
{
environment.systemPackages = with pkgs; [
memtest86plus
];
}
# (lib.mkIf (config.me.buildingIso) {
# boot.loader.systemd-boot.memtest86.enable = true;
# boot.loader.grub.memtest86.enable = true;
# })
{ }
(lib.mkIf (config.me.buildingIso) {
# boot.loader.systemd-boot.memtest86.enable = true;
boot.loader.grub.memtest86.enable = true;
})
];
}

45
nix/configuration/roles/network/default.nix
View File

@@ -2,7 +2,6 @@
config,
lib,
pkgs,
pkgs-dda3dcd3f,
...
}:
@@ -19,8 +18,8 @@
{
imports = [ ];
networking.dhcpcd.enable = lib.mkDefault false;
networking.useDHCP = lib.mkDefault false;
networking.dhcpcd.enable = false;
networking.useDHCP = false;
networking.nameservers = [
"194.242.2.2#doh.mullvad.net"
"2a07:e340::2#doh.mullvad.net"
@@ -33,17 +32,15 @@
dnsovertls = "true";
};
# Without this, systemd-resolved will send DNS requests for <X>.home.arpa to the per-link DNS server (172.16.0.1) which does not support DNS-over-TLS. This leads to the connection hanging and timing out. This causes firefox startup to take an extra 10+ seconds.
# Without this, systemd-resolved will send DNS requests for <X>.home.arpa to the per-link DNS server (172.16.0.1) which does not support DNS-over-TLS. This leads to the connection anging and timing out. This causes firefox startup to take an extra 10+ seconds.
#
# Test with: drill @127.0.0.53 odo.home.arpa
# TODO: The 127.0.0.1 address should probably be moved to a host-specific file.
networking.extraHosts = ''
127.0.0.1 ${config.networking.hostName}.home.arpa
127.0.0.1 odo.home.arpa
10.216.1.1 homeserver
10.216.1.6 media
10.216.1.12 odo
#10.216.1.12 odo
10.216.1.14 neelix
10.216.1.15 quark
10.217.1.1 drmario
10.217.2.1 mrmanager
'';
@@ -64,42 +61,10 @@
iwd
ldns # for drill
arp-scan # To find devices on the network
wavemon
dhcpcd # For Android USB tethering.
];
boot.extraModprobeConfig = ''
# Set wifi to US
options cfg80211 ieee80211_regdom=US
'';
boot.kernel.sysctl = {
# Enable TCP packetization-layer PMTUD when an ICMP black hole is detected.
"net.ipv4.tcp_mtu_probing" = 1;
# Switch to bbr tcp congestion control which should be better on lossy connections like bad wifi.
# We set this in the kernel config, but include this here for unoptimized builds.
"net.ipv4.tcp_congestion_control" = "bbr";
# Don't do a slow start after a connection has been idle for a single RTO.
"net.ipv4.tcp_slow_start_after_idle" = 0;
# 3x time to accumulate filesystem changes before flushing to disk.
"vm.dirty_writeback_centisecs" = 1500;
# Adjust ttl
"net.ipv4.ip_default_ttl" = 65;
"net.ipv6.conf.all.hop_limit" = 65;
"net.ipv6.conf.default.hop_limit" = 65;
# Enable IPv6 Privacy Extensions
"net.ipv6.conf.all.use_tempaddr" = 2;
# Enable IPv6 Privacy Extensions
# This is enabled by default in nixos.
# "net.ipv6.conf.default.use_tempaddr" = 2;
};
# nixpkgs.overlays = [
# (final: prev: {
# inherit (pkgs-dda3dcd3f)
# linux-firmware
# ;
# })
# ];
}

57
nix/configuration/roles/nix_worker/default.nix
View File

@@ -1,57 +0,0 @@
# MANUAL: Remember to set up root's ssh config with any necessary values. For example:
# Host foo
# HostName ns1.fizz.buzz
# Port 65122
# User nixworker
# IdentitiesOnly yes
# IdentityFile /persist/manual/ssh/root/keys/id_ed25519
# Host *
# Compression yes
{
config,
lib,
pkgs,
...
}:
{
imports = [ ];
options.me = {
nix_worker.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether this machine should be set up to function as a nix.buildMachines. This does not configure nix.buildMachines, but only does the necessary setup to get the machine ready/capable of being a nix.buildMachines.";
};
};
config = lib.mkIf config.me.nix_worker.enable (
lib.mkMerge [
{
nix.settings.trusted-users = [ "nixworker" ];
users.users.nixworker = {
isNormalUser = true;
createHome = true; # https://github.com/NixOS/nixpkgs/issues/6481
group = "nixworker";
# extraGroups = [ "wheel" ];
# Generate with `mkpasswd -m scrypt`
hashedPassword = "$7$CU..../....VXvNQ8za3wSGpdzGXNT50/$HcFtn/yvwPMCw4888BelpiAPLAxe/zU87fD.d/N6U48";
openssh.authorizedKeys.keys = [
# Normal keys:
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGu+k5lrirokdW5zVdRVBOqEOAvAPlIkG/MdJNc9g5ky"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIEI6mu6I5Jp+Ib0vJxapGHbEShZjyvzV8jz5DnzDrI39AAAABHNzaDo="
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAFNcSXwvy+brYTOGo56G93Ptuq2MmZsjvRWAfMqbmMLAAAABHNzaDo="
# Key for nix to connect:
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB/IlYTQ0M5pFN5tdoswh37CDl/gbULI3h+SsKXCansh talexander@odo"
];
};
users.groups.nixworker = { };
}
]
);
}

175
nix/configuration/roles/optimized_build/default.nix
View File

@@ -1,175 +0,0 @@
{
config,
lib,
pkgs,
pkgs-unoptimized,
...
}:
{
imports = [ ];
options.me = {
optimizations.enable = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = "Whether we want to enable CPU optimizations (will trigger a rebuild from source).";
};
optimizations.arch = lib.mkOption {
type = lib.types.str;
default = null;
example = "znver4";
description = "The CPU arch for which programs should be optimized.";
};
optimizations.system_features = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
example = [
"gccarch-znver4"
"gccarch-znver5"
"gccarch-skylake"
# "gccarch-alderlake" missing WAITPKG
"gccarch-x86-64-v3"
"gccarch-x86-64-v4"
"benchmark"
"big-parallel"
"kvm"
"nixos-test"
];
description = "The list of CPU features that should be enabled on this machine.";
};
};
config = lib.mkMerge [
(lib.mkIf (!config.me.optimizations.enable) (
lib.mkMerge [
{
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux_6_16;
}
]
))
(lib.mkIf config.me.optimizations.enable (
lib.mkMerge [
{
boot.kernelPackages = pkgs.linuxPackagesFor pkgs.linux_me;
nixpkgs.hostPlatform = {
gcc.arch = config.me.optimizations.arch;
gcc.tune = config.me.optimizations.arch;
system = "x86_64-linux";
};
# Uncomment on of these to enable cross compiling:
# nixpkgs.buildPlatform = builtins.currentSystem;
# nixpkgs.buildPlatform = {
# gcc.arch = "znver4";
# gcc.tune = "znver4";
# system = "x86_64-linux";
# };
nixpkgs.overlays = [
(
final: prev:
let
addConfig =
additionalConfig: pkg:
pkg.override (oldconfig: {
structuredExtraConfig = pkg.structuredExtraConfig // additionalConfig;
});
in
{
linux_me = addConfig {
# Full preemption
PREEMPT = lib.mkOverride 60 lib.kernel.yes;
PREEMPT_VOLUNTARY = lib.mkOverride 60 lib.kernel.no;
# Google's BBRv3 TCP congestion Control
TCP_CONG_BBR = lib.kernel.yes;
DEFAULT_BBR = lib.kernel.yes;
# Preemptive Full Tickless Kernel at 300Hz
HZ = lib.kernel.freeform "300";
HZ_300 = lib.kernel.yes;
HZ_1000 = lib.kernel.no;
} prev.linux_6_16;
}
)
(final: prev: {
haskellPackages = prev.haskellPackages.extend (
final': prev': {
inherit (pkgs-unoptimized.haskellPackages)
crypto-token
crypton
crypton-connection
crypton-x509
crypton-x509-store
crypton-x509-system
crypton-x509-validation
hspec-wai
http-client-tls
http2
pandoc
pandoc-cli
pandoc-lua-engine
pandoc-server
servant-server
tls
tls-session-manager
wai-app-static
wai-extra
warp
warp-tls
;
}
);
})
# (final: prev: {
# python = prev.python.override {
# packageOverrides = python-final: python-prev: {
# inherit (pkgs-unoptimized.pythonPackages) coverage;
# };
# };
# })
# (final: prev: {
# pythonPackagesOverlays = prev.pythonPackagesOverlays.extend (
# final': prev': {
# inherit (pkgs-unoptimized.pythonPackagesOverlays)
# coverage
# ;
# }
# );
# })
# (final: prev: {
# pythonPackagesExtensions = prev.pythonPackagesExtensions ++ [
# (python-final: python-prev: {
# inherit (pkgs-unoptimized.pythonPackages) coverage;
# })
# ];
# })
(final: prev: {
inherit (pkgs-unoptimized)
gsl
redis
valkey
nix-serve-ng
rapidjson
assimp
;
})
];
}
]
))
(lib.mkIf (config.me.optimizations.system_features != [ ]) (
lib.mkMerge [
{
nix.settings.system-features = lib.mkForce config.me.optimizations.system_features;
}
]
))
];
}

Some files were not shown because too many files have changed in this diff Show More