{ config, pkgs, lib, ... }: let aliases = import ../data/aliases.nix; my-overlay = self: super: { my-linuxPackages = super.unstable.linuxPackages_latest; }; in { orbekk.simple-firewall.enable = lib.mkForce false; orbekk.gaming.enable = true; orbekk.desktop.enable = true; orbekk.builder.enableRemoteBuilds = true; orbekk.rtc-wakeup.enable = true; orbekk.vpn.enable = true; # Don't run gc on startup. nix.gc.persistent = false; services.logind.extraConfig = '' HandlePowerKey=suspend IdleAction=suspend IdleActionSec=30m ''; systemd.watchdog.runtimeTime = "30s"; services.fwupd.enable = true; services.guix.enable = true; nixpkgs.overlays = [ my-overlay ]; hardware.uinput.enable = true; services.openssh.enable = true; networking.firewall.allowedTCPPorts = [ 22 4713 # Baldur's Gate 3 23253 ]; networking.firewall.allowedUDPPorts = [ # Baldur's Gate 3 23253 ]; networking.networkmanager.enable = true; networking.networkmanager.wifi.powersave = false; networking.vlans = { "enp37s0.admin" = { id = 255; interface = "enp37s0"; }; }; networking.interfaces."enp37s0.admin".useDHCP = true; systemd.extraConfig = "DefaultLimitNOFILE=1048576"; security.pam.loginLimits = [{ domain = "*"; type = "hard"; item = "nofile"; value = "1048576"; }]; hardware.cpu.amd.updateMicrocode = true; hardware.enableAllFirmware = true; hardware.enableRedistributableFirmware = true; # To use steam driver instead: # boot.blacklistedKernelModules = [ "hid_playstation" ]; boot.loader.timeout = 1; boot.loader.grub.enable = true; boot.loader.grub.devices = [ "nodev" ]; boot.loader.grub.efiSupport = true; boot.loader.efi.canTouchEfiVariables = true; # boot.loader.grub.efiInstallAsRemovable = true; # boot.kernelPackages = pkgs.my-linuxPackages; boot.kernelModules = [ "i2c-dev" ]; # https://bugzilla.kernel.org/show_bug.cgi?id=203709 boot.extraModprobeConfig = '' # options iwlwifi power_save=0 # options iwlwifi swcrypto=1 # options iwlwifi disable_11ax=1 # options iwlwifi bt_coex_active=0 # options iwlmvm power_scheme=1 # options bluetooth disable_ertm=1 ''; systemd.services.monitor-switch-to-me = { description = "Switch monitor to this computer"; path = [ pkgs.ddcutil ]; script = let target = "0x0f"; in '' # Would like to avoid switching if possible; sadly this doesn't reliably # report other input sources. # ddcutil --mfg HPN getvcp 60 | grep sl=${target} || \ ddcutil --mfg HPN setvcp 60 ${target} --sleep-multiplier 4 # Prevent from getting executed multiple times in succession. sleep 15 ''; }; services.udev.extraRules = '' # ACTION!="add", GOTO="display_switch_end" # # Trigger on 0bda:5411 usb hub plugin. # ATTRS{idVendor}=="0bda",\ # ATTRS{idProduct}=="5411",\ # RUN+="${pkgs.systemd}/bin/systemctl start --no-block monitor-switch-to-me.service" # LABEL="display_switch_end" # For xpadneo ACTION=="add", KERNEL=="0005:045E:02FD.*|0005:045E:02E0.*|0005:045E:0B05.*|0005:045E:0B13.*", SUBSYSTEM=="hid", DRIVER!="xpadneo", ATTR{driver/unbind}="%k", ATTR{[drivers/hid:xpadneo]bind}="%k" ACTION=="add", DRIVERS=="xpadneo", SUBSYSTEM=="input", ENV{ID_INPUT_JOYSTICK}=="1", TAG+="uaccess", MODE="0664", ENV{LIBINPUT_IGNORE_DEVICE}="1" ''; boot.kernelParams = [ ]; networking.hostName = "firelink"; # Define your hostname. system.stateVersion = lib.mkForce "20.03"; # SSD configuration fileSystems."/" = { device = "/dev/mapper/cryptsystem"; fsType = "ext4"; options = [ "noatime" "discard" ]; }; boot.initrd.luks.devices."cryptsystem" = { device = "/dev/disk/by-uuid/8acc11c2-e540-4561-8c88-34176fca1a72"; allowDiscards = true; keyFile = "/dev/zero"; keyFileSize = 32; fallbackToPassword = true; }; fileSystems."/boot" = { device = "/dev/disk/by-uuid/C636-D264"; fsType = "vfat"; }; programs.ssh.askPassword = "${pkgs.x11_ssh_askpass}/libexec/x11-ssh-askpass"; # 60 fps services.xserver.xrandrHeads = let monitor = name: { output = name; monitorConfig = '' ModeLine "3840x2160" 594.00 3840 4016 4104 4400 2160 2168 2178 2250 +hsync +vsync Option "PreferredMode" "3840x2160_60" ''; }; in [ (monitor "HDMI-0") (monitor "HDMI-1") ]; }