From e62f947ab16072bacdbd3ff0d2cd3b56b7e0a044 Mon Sep 17 00:00:00 2001 From: Kjetil Orbekk Date: Sat, 24 Oct 2020 18:16:55 -0400 Subject: Add firelink config --- machines/firelink.nix | 163 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 163 insertions(+) create mode 100644 machines/firelink.nix (limited to 'machines/firelink.nix') diff --git a/machines/firelink.nix b/machines/firelink.nix new file mode 100644 index 0000000..ac588e1 --- /dev/null +++ b/machines/firelink.nix @@ -0,0 +1,163 @@ +{ config, pkgs, lib, ... }: + +let + nixpkgs-unstable = import {}; +in +{ + imports = [ + ../config/gaming.nix + ../config/ap.nix + ../config/common.nix + ../config/desktop.nix + ../config/yubikey.nix + ]; + + programs.bcc.enable = true; + + systemd.extraConfig = "DefaultLimitNOFILE=1048576"; + + security.pam.loginLimits = [{ + domain = "*"; + type = "hard"; + item = "nofile"; + value = "1048576"; + }]; + + virtualisation.libvirtd.enable = true; + + # Streaming test + # services.nginx.enable = true; + # services.nginx.appendConfig = '' + # rtmp { + # server { + # listen 1935; + # chunk_size 4096; + # application live { + # live on; + # record off; + # } + # } + # } + # ''; + + systemd.services.duckdns = { + description = "Update orbekk.duckdns.org"; + path = [ pkgs.curl ]; + after = [ "network.target" ]; + script = let token = (import ../duckdns-token.nix).token; in '' + curl "https://www.duckdns.org/update?domains=orbekk&token=${token}&ip=" + ''; + }; + systemd.timers.duckdns = { + wantedBy = [ "timers.target" ]; + timerConfig = { + OnBootSec = "1m"; + OnUnitInactiveSec = "10m"; + }; + }; + + services.blueman.enable = true; + + hardware.steam-hardware.enable = true; + services.xserver.videoDrivers = [ "amdgpu" ]; + services.xserver.resolutions = [{x=2560; y=1440;}]; + + hardware.cpu.amd.updateMicrocode = true; + hardware.enableAllFirmware = true; + hardware.enableRedistributableFirmware = true; + + console.font = "ter-i32b"; + console.packages = [ pkgs.terminus_font ]; + console.earlySetup = true; + + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "nodev"; + boot.loader.grub.efiSupport = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.kernelPackages = pkgs.linuxPackages_latest; + boot.kernelModules = [ "kvm-amd" "i2c-dev" ]; + # boot.kernelPackages = nixpkgs-unstable.linuxPackages_latest; + + systemd.services.monitor-switch-to-me = { + description = "Switch monitor to this computer"; + path = [ pkgs.ddcutil ]; + script = let target = "0x0f"; in '' + # Would like to avoid switching if possible; sadly this doesn't reliably + # report other input sources. + # ddcutil --mfg HPN getvcp 60 | grep sl=${target} || \ + ddcutil --mfg HPN setvcp 60 ${target} --sleep-multiplier 4 + # Prevent from getting executed multiple times in succession. + sleep 15 + ''; + }; + + services.udev.extraRules = '' + ACTION!="add", GOTO="display_switch_end" + + # Trigger on Planck keyboard. + ATTRS{idVendor}=="feed",\ + ATTRS{idProduct}=="6060",\ + RUN+="${pkgs.systemd}/bin/systemctl start --no-block monitor-switch-to-me.service" + + LABEL="display_switch_end" + ''; + + # boot.kernelPackages = let + # linux_pkg = { fetchgit, buildLinux, ... } @ args: + # buildLinux (args // rec { + # version = "5.6"; + # modDirVersion = "5.6.0"; + # src = pkgs.fetchgit { + # url = "https://kernel.googlesource.com/pub/scm/linux/kernel/git/torvalds/linux.git"; + # rev = "v5.6"; + # sha256 = "06xddhg04gv9azqikvv98xcv8x6h0x3xy2zc6r7m7jjd28a5bh6j"; + # }; + # kernelPatches = []; + # } // (args.argsOverride or {})); + # linux = pkgs.callPackage linux_pkg {}; + # in pkgs.recurseIntoAttrs (pkgs.linuxPackagesFor linux); + + boot.kernelParams = ["amdgpu.dc=1"]; + + networking.hostName = "firelink"; # Define your hostname. + + # networking.interfaces.enp37s0.useDHCP = true; + # networking.interfaces.enp37s0.macAddress = "3c:97:0e:19:7e:5c"; + + system.stateVersion = lib.mkForce "20.03"; + + # SSD configuration + fileSystems."/" = + { device = "/dev/mapper/cryptsystem"; + fsType = "ext4"; + options = ["noatime" "discard"]; + }; + + boot.initrd.luks.devices."cryptsystem".device = "/dev/disk/by-uuid/8acc11c2-e540-4561-8c88-34176fca1a72"; + boot.initrd.luks.devices."cryptsystem".allowDiscards = true; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/C636-D264"; + fsType = "vfat"; + }; + + programs.ssh.askPassword = "${pkgs.x11_ssh_askpass}/libexec/x11-ssh-askpass"; + services.xserver.desktopManager.plasma5.enable = true; + + # 60 fps + services.xserver.xrandrHeads = + let monitor = name: { + output = name; + monitorConfig = '' + ModeLine "3840x2160" 594.00 3840 4016 4104 4400 2160 2168 2178 2250 +hsync +vsync + Option "PreferredMode" "3840x2160_60" + ''; + + }; in + [ + (monitor "HDMI-A-0") + (monitor "HDMI-A-1") + ]; +} + -- cgit v1.2.3