kookie
/
nomicon
1
0
Fork 0
Code Issues Projects Releases 1 Activity
My personal project and infrastructure archive
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
314496 Commits
7 Branches
1 Tag
1.4 GiB
 
 
 
 
 
 
Tag: Branch: Tree: 3a52c7017b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '3a52c7017b'
${ noResults }
nomicon/infra/libkookie/roots/tempest.nix

188 lines
5.4 KiB
Raw Blame History

/* TOP LEVEL DEVICE CONFIGURATION FOR
*
* tempest (AMD workstation)
*
*
* This file is part of LIBKOOKIE, a collection of nix expressions.
* LIBKOOKIE is licensed under the GPL-3.0 (or later) -- see LICENSE
*/
{ lib, config, pkgs, ... } @ args:
let klib = (import <modules/harness/lib.nix>) args;
in
{
###################################################################
# libkookie configuration
#
#
#
imports = with klib; [
# Load base modules required to bootstrap libkookie
<home-manager/nixos> <modules> <configuration/nix>
#################################################################
# Modules that require NixOS integration
#
<configuration/workstation/fonts>
<configuration/workstation/printing>
<configuration/workstation/xkblayout>
<configuration/workstation/yubikey>
<configuration/workstation/gpg>
# TODO: build a beter loader
<configuration/workstation/net/tempest.nix>
<configuration/workstation/time/local.nix>
# TODO: not just for servers
<configuration/server/docker>
#################################################################
# home-manager modules that exist entirely in userspace
#
(loadModule <configuration/base> "default")
# Set of base tools and system settings
(loadModule <configuration/workstation/audio> "default")
(loadModule <configuration/workstation/firefox> "default")
(loadModule <configuration/workstation/i3> "tempest")
(loadModule <configuration/workstation/ispell> "default")
(loadModule <configuration/workstation/kitty> "default")
(loadModule <configuration/workstation/mail> "default")
(loadModule <configuration/workstation/office> "default")
(loadModule <configuration/workstation/redshift> "default")
(loadModule <configuration/workstation/devel> "default")
(loadModule <configuration/workstation/syncthing> "default")
# Various other graphical tools
(loadModule <configuration/workstation/chat> "default")
(loadModule <configuration/workstation/creative> "default")
(loadModule <configuration/workstation/games> "default")
(loadModule <configuration/workstation/gtk> "default")
(loadModule <configuration/workstation/music> "default")
(loadModule <configuration/workstation/pass> "default")
(loadModule <configuration/workstation/zoom> "default")
];
# Configure i3 with the amdgpu driver
libkookie.ui.i3 = { enable = true; videoDrivers = [ "amdgpu" ]; };
# Configure audio
libkookie.audio = { enable = true; discovery = true; jack = true; };
# Enable fish shell handling on the system
libkookie.base.fish.enable = true;
# Configure mail handling
libkookie.workstation.mail = {
enable = true;
configPath = ../ext/mail;
mailArchive = "/home/Office/mail";
access = { user = "spacekookie"; group = "spacekookie"; };
};
# Enable desired users
libkookie.activeUsers = [ (klib.load <configuration/users/spacekookie>) ];
#
#
#
#
###################################################################
###################################################################
# NixOS base system options
#
#
#
# Use the GRUB 2 boot loader.
boot.loader.grub = {
enable = true;
device = "/dev/disk/by-id/nvme-Samsung_SSD_970_EVO_Plus_2TB_S4J4NG0M920511P";
enableCryptodisk = true;
zfsSupport = true;
version = 2;
};
hardware.cpu.amd.updateMicrocode = true;
hardware.enableRedistributableFirmware = true;
boot.initrd.availableKernelModules =
[ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "nvme" "nvme_core" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-amd" ];
boot.kernelPackages = with pkgs; linuxPackagesFor manjaro-kernel;
boot.kernelParams = [
"boot.debug1devices"
"pstore_blk.blkdev=/dev/sdc1"
"best_effort=y"
];
boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
services.zfs.autoSnapshot.enable = true;
fileSystems."/" = {
device = "zroot";
fsType = "zfs";
encrypted = {
enable = true;
label = "lvm";
blkDev = "/dev/disk/by-uuid/e01e1473-ea51-4ec7-a5a9-44d673396644";
};
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/0583b1a0-88c1-4e1c-855e-2df948272cbf";
options = [ "defaults" "discard" ];
fsType = "ext4";
};
swapDevices = [];
nix.maxJobs = 16;
# networking.firewall.allowedTCPPorts = [ 9000 ]; ?????
networking.useDHCP = false;
#networking.interfaces.enp8s0.useDHCP = true;
networking.interfaces.eth0.useDHCP = true;
networking.hosts = {
"10.7.1.3" = [ "music.kookiejar.tech" "media.kookiejar.tech" "cloud.kookiejar.tech" ];
};
# Select internationalisation properties.
i18n.defaultLocale = "en_GB.UTF-8";
# Set your time zone.
time.timeZone = "Europe/Berlin";
programs.mtr.enable = true;
programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
services.openssh.enable = true;
#
#
#
#
###################################################################
# This setting is not really relevant on this desktop machine, so
# just update it when new stable NixOS releases are branched off
system.stateVersion = "20.09";
# Set a static password for this user
users.users.spacekookie.hashedPassword = "$6$rounds=1000000$IncTbazL/YhUV5$brzwb3Xa0cmmazpxJGPPo93wfs6jAomL1NYJ7Amw3WSyTjXGXGbedIMmm06nkeCnJfJzoZ.Jd47q88ot3USZi/";
}