diff --git a/homes/aarch64-linux/harald@m4nix/default.nix b/homes/aarch64-linux/harald@m4nix/default.nix
new file mode 100644
index 0000000..4fd150c
--- /dev/null
+++ b/homes/aarch64-linux/harald@m4nix/default.nix
@@ -0,0 +1,61 @@
+{ lib, config, ... }:
+{
+ home.sessionPath = [ "$HOME/bin" ];
+
+ metacfg = {
+ user = {
+ enable = true;
+ name = config.snowfallorg.user.name;
+ };
+ cli-apps = {
+ bash.enable = true;
+ fish.enable = true;
+ neovim.enable = true;
+ bat.enable = true;
+ starship.enable = true;
+ home-manager.enable = true;
+ };
+ tools = {
+ git.enable = true;
+ };
+ };
+
+ fonts.fontconfig.enable = true;
+
+ dconf.settings = {
+ # ...
+ "org/gnome/shell" = {
+ disable-user-extensions = false;
+
+ # `gnome-extensions list` for a list
+ enabled-extensions = [
+ "Vitals@CoreCoding.com"
+ "appindicatorsupport@rgcjonas.gmail.com"
+ "dash-to-panel@jderose9.github.com"
+ "hibernate-status@dromi"
+ "autohide-battery@sitnik.ru"
+ ];
+
+ favorite-apps = [
+ "org.gnome.Console.desktop"
+ "jetbrains-toolbox.desktop"
+ "org.mozilla.firefox.desktop"
+ "firefox.desktop"
+ "thunderbird.desktop"
+ "org.mozilla.Thunderbird.desktop"
+ "slack.desktop"
+ "keybase.desktop"
+ "spotify.desktop"
+ "org.gnome.Nautilus.desktop"
+ "virt-manager.desktop"
+ ];
+ };
+ "org/virt-manager/virt-manager/connections" = {
+ autoconnect = [ "qemu:///system" ];
+ uris = [ "qemu:///system" ];
+ };
+ };
+
+ xdg.enable = true;
+ xdg.mime.enable = true;
+}
diff --git a/modules/nixos/services/base/default.nix b/modules/nixos/services/base/default.nix
index 4dbbfa9..4630eb3 100644
--- a/modules/nixos/services/base/default.nix
+++ b/modules/nixos/services/base/default.nix
@@ -38,39 +38,46 @@ in sessionVariables = { PATH = "$HOME/bin"; }; - systemPackages = with pkgs; [ - age - bash - cifs-utils - clevis - delta - efibootmgr - git - git-crypt - git-delete-merged-branches - home-manager - htop - mosh - nixpkgs-fmt - openssl - restic - rrsync - sbctl - sops - strace - tmux - tpm2-pkcs11 - tpm2-pkcs11.out - tpm2-tools - vim - virt-manager - wget - (pkgs.writeShellScriptBin "qemu-system-x86_64-uefi" '' - qemu-system-x86_64 \ - -bios ${pkgs.OVMF.fd}/FV/OVMF.fd \ - "$@" - '') - ]; + systemPackages = + with pkgs; + [ + age + bash + cifs-utils + clevis + delta + efibootmgr + git + git-crypt + git-delete-merged-branches + home-manager + htop + mosh + nixpkgs-fmt + openssl + restic + rrsync + sbctl + sops + strace + tmux + vim + virt-manager + wget + (pkgs.writeShellScriptBin "qemu-system-x86_64-uefi" '' + qemu-system-x86_64 \ + -bios ${pkgs.OVMF.fd}/FV/OVMF.fd \ + "$@" + '') + ] + ++ lib.optionals pkgs.stdenv.targetPlatform.isx86_64 ( + with pkgs; + [ + tpm2-pkcs11 + tpm2-pkcs11.out + tpm2-tools + ] + ); shells = [ pkgs.fish pkgs.bash @@ -78,10 +85,12 @@ in }; hardware = { + cpu = { - amd.updateMicrocode = lib.mkDefault true; - intel.updateMicrocode = lib.mkDefault true; + amd.updateMicrocode = pkgs.stdenv.targetPlatform.isx86_64; + intel.updateMicrocode = pkgs.stdenv.targetPlatform.isx86_64; }; + enableRedistributableFirmware = lib.mkDefault true; enableAllFirmware = true; }; diff --git a/modules/nixos/services/gui/default.nix b/modules/nixos/services/gui/default.nix index b939f04..1e551c0 100644 --- a/modules/nixos/services/gui/default.nix +++ b/modules/nixos/services/gui/default.nix 
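Review bot: The new guards test `pkgs.stdenv.targetPlatform.isx86_64`, but for packages that run on the configured machine the attribute that expresses the intent is `pkgs.stdenv.hostPlatform.isx86_64`; the two only differ when building compilers, so the result is the same today but the condition reads wrong. The same applies to the `hardware.cpu` hunk below and to the `extraPackages`, `rocmEnv` and `environment.systemPackages` guards in `modules/nixos/services/gui/default.nix`. Separately, the `qemu-system-x86_64-uefi` wrapper stays in the unconditional list and interpolates `${pkgs.OVMF.fd}/FV/OVMF.fd`; that firmware path presumably does not exist in the aarch64 OVMF output, so the wrapper probably belongs inside the `lib.optionals` list next to the TPM tools. The enclosing `environment` attrset starts outside the hunk.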
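Review bot: Replacing `lib.mkDefault true` with a bare boolean on `amd.updateMicrocode` and `intel.updateMicrocode` raises both definitions to normal priority, so a host that sets a different value for either option now gets a conflicting-definition error instead of overriding the module. Keeping the wrapper preserves the old override behaviour while still gating on architecture: `amd.updateMicrocode = lib.mkDefault pkgs.stdenv.hostPlatform.isx86_64;` and the same for `intel`. `enableAllFirmware = true` just below remains unconditional for the new aarch64 host; a short comment would confirm that is intended.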
@@ -65,26 +65,36 @@ in hardware.graphics = { enable = true; - extraPackages = with pkgs; [ - vpl-gpu-rt - intel-compute-runtime - intel-media-driver # LIBVA_DRIVER_NAME=iHD - #intel-vaapi-driver # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) - libvdpau-va-gl - rocmPackages.clr.icd - amdvlk - ]; + extraPackages = + [ ] + ++ lib.optionals pkgs.stdenv.targetPlatform.isx86_64 ( + with pkgs; + [ + vpl-gpu-rt + intel-compute-runtime + intel-media-driver # LIBVA_DRIVER_NAME=iHD + #intel-vaapi-driver # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) + libvdpau-va-gl + rocmPackages.clr.icd + amdvlk + ] + ); }; systemd.tmpfiles.rules = let rocmEnv = pkgs.symlinkJoin { name = "rocm-combined"; - paths = with pkgs.rocmPackages; [ - rocblas - hipblas - clr - ]; + paths = + [ ] + ++ lib.optionals pkgs.stdenv.targetPlatform.isx86_64 ( + with pkgs.rocmPackages; + [ + rocblas + hipblas + clr + ] + ); }; in [ "L+ /opt/rocm - - - - ${rocmEnv}" ]; 
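Review bot: On non-x86_64 hosts `rocmEnv` is now a `symlinkJoin` with an empty `paths` list, yet the tmpfiles rule `"L+ /opt/rocm - - - - ${rocmEnv}"` is still emitted, so the aarch64 machine gets an `/opt/rocm` symlink pointing at an empty tree. Guarding the rule itself states the intent directly, e.g. `in lib.optionals pkgs.stdenv.hostPlatform.isx86_64 [ "L+ /opt/rocm - - - - ${rocmEnv}" ];`. The `[ ] ++ lib.optionals …` prefix in both `extraPackages` and `paths` is redundant, since `lib.optionals` already returns a list.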
@@ -104,54 +114,61 @@ in enableBrowserSocket = true; }; - environment.systemPackages = with pkgs; [ - #pcsctools - bat - cardpeek - ccache - chromium - clang - dive - file - firefox - gh - gimp - git - gnome-browser-connector - cheese - gnome-software - gnomeExtensions.appindicator - gnomeExtensions.autohide-battery - gnomeExtensions.dash-to-panel - gnomeExtensions.hibernate-status-button - gnomeExtensions.vitals - gnupg - go - jetbrains-toolbox - jq - kbfs - libu2f-host - mosh - mosh - nixpkgs-fmt - opensc - pasystray - pinentry-gnome3 - pkg-config - pstree - ripgrep - rustup - slack - spotify - statix - thunderbird - tmux - vim - wl-clipboard - yubikey-manager-qt - yubikey-personalization - zellij - ]; + environment.systemPackages = + with pkgs; + [ + #pcsctools + bat + cardpeek + ccache + chromium + clang + dive + file + firefox + gh + gimp + git + gnome-browser-connector + cheese + gnome-software + gnomeExtensions.appindicator + gnomeExtensions.autohide-battery + gnomeExtensions.dash-to-panel + gnomeExtensions.hibernate-status-button + gnomeExtensions.vitals + gnupg + go + jq + kbfs + libu2f-host + mosh + mosh + nixpkgs-fmt + opensc + pasystray + pinentry-gnome3 + pkg-config + pstree + ripgrep + rustup + statix + thunderbird + tmux + vim + wl-clipboard + yubikey-manager-qt + yubikey-personalization + zellij + ] + ++ lib.optionals pkgs.stdenv.targetPlatform.isx86_64 ( + with pkgs; + [ + slack + spotify + jetbrains-toolbox + ] + ); #----=[ Fonts ]=----# fonts = { diff --git a/systems/aarch64-linux/m4nix/default.nix b/systems/aarch64-linux/m4nix/default.nix new file mode 100644 index 0000000..c557f5d --- /dev/null +++ b/systems/aarch64-linux/m4nix/default.nix 
@@ -0,0 +1,76 @@
+{ pkgs, lib, ... }:
+with lib;
+with lib.metacfg;
+{
+ imports = [
+ ./hardware-configuration.nix
+ ];
+
+ metacfg = {
+ base.enable = true;
+ gui.enable = true;
+ nix-ld.enable = true;
+ nix.enable = true;
+ podman.enable = true;
+ secureboot.enable = false;
+ tools = {
+ direnv.enable = true;
+ #git.enable = true;
+ };
+ user.extraGroups = [
+ "docker"
+ "dialout"
+ ];
+ };
+
+ environment.systemPackages = with pkgs; [
+ azure-cli
+ cloudflare-warp
+ desktop-file-utils
+ kubectl
+ kubectx
+ k9s
+ attic-client
+ piper
+ ];
+
+ services.ratbagd.enable = true;
+
+ services.resolved.enable = true;
+ services.resolved.dnssec = "allow-downgrade";
+ services.resolved.extraConfig = ''
+ ResolveUnicastSingleLabel=yes
+ '';
+
+ systemd.packages = [ pkgs.cloudflare-warp ]; # for warp-cli
+
+ virtualisation = {
+ docker.enable = true;
+ podman.dockerCompat = false;
+ };
+
+ system.autoUpgrade = {
+ enable = true;
+ operation = "boot";
+ allowReboot = false;
+ };
+
+ systemd.user.extraConfig = "DefaultLimitNOFILE=32768";
+
+ security.pam.loginLimits = [
+ {
+ domain = "*";
+ item = "nofile";
+ type = "-";
+ value = "32768";
+ }
+ {
+ domain = "*";
+ item = "memlock";
+ type = "-";
+ value = "32768";
+ }
+ ];
+
+ system.stateVersion = "23.11";
+}
diff --git a/systems/aarch64-linux/m4nix/hardware-configuration.nix b/systems/aarch64-linux/m4nix/hardware-configuration.nix
new file mode 100644
index 0000000..7243378
--- /dev/null
+++ b/systems/aarch64-linux/m4nix/hardware-configuration.nix
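Review bot: `user.extraGroups` adds the account to `docker` while `virtualisation.docker.enable = true`, and membership of that group is equivalent to root on the host through the Docker socket. `metacfg.podman.enable = true` is already set, so either drop the daemon or switch to `virtualisation.docker.rootless.enable = true;` and remove `"docker"` from the groups. `secureboot.enable = false` and `services.resolved.dnssec = "allow-downgrade"` each relax a protection and deserve a one-line comment giving the reason, for example `# allow-downgrade: falls back to unvalidated answers when the upstream resolver lacks DNSSEC`. `system.stateVersion = "23.11"` looks copied from another host; it should name the release this machine was first installed with, which needs confirming.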
@@ -0,0 +1,46 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/b340000f-2927-414d-9382-edd3120b8e80"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/16C0-5FB0"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/76cc3afa-b57e-4f25-95f4-7b15bf1fb796"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s1.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; +}