feat: add m4nix VM

Signed-off-by: Harald Hoyer <harald@hoyer.xyz>

homes/aarch64-linux/harald@m4nix/default.nix

@@ -0,0 +1,61 @@
+{ lib, config, ... }:
+{
+  home.sessionPath = [ "$HOME/bin" ];
+
+  metacfg = {
+    user = {
+      enable = true;
+      name = config.snowfallorg.user.name;
+    };
+    cli-apps = {
+      bash.enable = true;
+      fish.enable = true;
+      neovim.enable = true;
+      bat.enable = true;
+      starship.enable = true;
+      home-manager.enable = true;
+    };
+    tools = {
+      git.enable = true;
+    };
+  };
+
+  fonts.fontconfig.enable = true;
+
+  dconf.settings = {
+    # ...
+    "org/gnome/shell" = {
+      disable-user-extensions = false;
+
+      # `gnome-extensions list` for a list
+      enabled-extensions = [
+        "Vitals@CoreCoding.com"
+        "appindicatorsupport@rgcjonas.gmail.com"
+        "dash-to-panel@jderose9.github.com"
+        "hibernate-status@dromi"
+        "autohide-battery@sitnik.ru"
+      ];
+
+      favorite-apps = [
+        "org.gnome.Console.desktop"
+        "jetbrains-toolbox.desktop"
+        "org.mozilla.firefox.desktop"
+        "firefox.desktop"
+        "thunderbird.desktop"
+        "org.mozilla.Thunderbird.desktop"
+        "slack.desktop"
+        "keybase.desktop"
+        "spotify.desktop"
+        "org.gnome.Nautilus.desktop"
+        "virt-manager.desktop"
+      ];
+    };
+    "org/virt-manager/virt-manager/connections" = {
+      autoconnect = [ "qemu:///system" ];
+      uris = [ "qemu:///system" ];
+    };
+  };
+
+  xdg.enable = true;
+  xdg.mime.enable = true;
+}

modules/nixos/services/base/default.nix

@@ -59,10 +59,7 @@ in
         sops
         strace
         tmux
-        tpm2-pkcs11
+       vim
-        tpm2-pkcs11.out
-        tpm2-tools
-        vim
         virt-manager
         wget
         (pkgs.writeShellScriptBin "qemu-system-x86_64-uefi" ''
@@ -70,7 +67,11 @@ in
             -bios ${pkgs.OVMF.fd}/FV/OVMF.fd \
             "$@"
         '')
-      ];
+      ] ++ lib.optionals pkgs.stdenv.targetPlatform.isx86_64 ( with pkgs; [
+        tpm2-pkcs11
+        tpm2-pkcs11.out
+        tpm2-tools
+      ]);
       shells = [
         pkgs.fish
         pkgs.bash
@@ -78,10 +79,12 @@ in
     };
 
     hardware = {
+
       cpu = {
-        amd.updateMicrocode = lib.mkDefault true;
+        amd.updateMicrocode = pkgs.stdenv.targetPlatform.isx86_64;
-        intel.updateMicrocode = lib.mkDefault true;
+        intel.updateMicrocode = pkgs.stdenv.targetPlatform.isx86_64;
       };
+
       enableRedistributableFirmware = lib.mkDefault true;
       enableAllFirmware = true;
     };

modules/nixos/services/gui/default.nix

@@ -65,26 +65,36 @@ in
     hardware.graphics = {
       enable = true;
 
-      extraPackages = with pkgs; [
+      extraPackages =
-        vpl-gpu-rt
+        [ ]
-        intel-compute-runtime
+        ++ lib.optionals pkgs.stdenv.targetPlatform.isx86_64 (
-        intel-media-driver # LIBVA_DRIVER_NAME=iHD
+          with pkgs;
-        #intel-vaapi-driver # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
+          [
-        libvdpau-va-gl
+            vpl-gpu-rt
-        rocmPackages.clr.icd
+            intel-compute-runtime
-        amdvlk
+            intel-media-driver # LIBVA_DRIVER_NAME=iHD
-      ];
+            #intel-vaapi-driver # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
+            libvdpau-va-gl
+            rocmPackages.clr.icd
+            amdvlk
+          ]
+        );
     };
 
     systemd.tmpfiles.rules =
       let
         rocmEnv = pkgs.symlinkJoin {
           name = "rocm-combined";
-          paths = with pkgs.rocmPackages; [
+          paths =
-            rocblas
+            [ ]
-            hipblas
+            ++ lib.optionals pkgs.stdenv.targetPlatform.isx86_64 (
-            clr
+              with pkgs.rocmPackages;
-          ];
+              [
+                rocblas
+                hipblas
+                clr
+              ]
+            );
         };
       in
       [ "L+    /opt/rocm   -    -    -     -    ${rocmEnv}" ];
@@ -104,54 +114,61 @@ in
       enableBrowserSocket = true;
     };
 
-    environment.systemPackages = with pkgs; [
+    environment.systemPackages =
-      #pcsctools
+      with pkgs;
-      bat
+      [
-      cardpeek
+        #pcsctools
-      ccache
+        bat
-      chromium
+        cardpeek
-      clang
+        ccache
-      dive
+        chromium
-      file
+        clang
-      firefox
+        dive
-      gh
+        file
-      gimp
+        firefox
-      git
+        gh
-      gnome-browser-connector
+        gimp
-      cheese
+        git
-      gnome-software
+        gnome-browser-connector
-      gnomeExtensions.appindicator
+        cheese
-      gnomeExtensions.autohide-battery
+        gnome-software
-      gnomeExtensions.dash-to-panel
+        gnomeExtensions.appindicator
-      gnomeExtensions.hibernate-status-button
+        gnomeExtensions.autohide-battery
-      gnomeExtensions.vitals
+        gnomeExtensions.dash-to-panel
-      gnupg
+        gnomeExtensions.hibernate-status-button
-      go
+        gnomeExtensions.vitals
-      jetbrains-toolbox
+        gnupg
-      jq
+        go
-      kbfs
+        jq
-      libu2f-host
+        kbfs
-      mosh
+        libu2f-host
-      mosh
+        mosh
-      nixpkgs-fmt
+        mosh
-      opensc
+        nixpkgs-fmt
-      pasystray
+        opensc
-      pinentry-gnome3
+        pasystray
-      pkg-config
+        pinentry-gnome3
-      pstree
+        pkg-config
-      ripgrep
+        pstree
-      rustup
+        ripgrep
-      slack
+        rustup
-      spotify
+        statix
-      statix
+        thunderbird
-      thunderbird
+        tmux
-      tmux
+        vim
-      vim
+        wl-clipboard
-      wl-clipboard
+        yubikey-manager-qt
-      yubikey-manager-qt
+        yubikey-personalization
-      yubikey-personalization
+        zellij
-      zellij
+      ]
-    ];
+      ++ lib.optionals pkgs.stdenv.targetPlatform.isx86_64 (
+        with pkgs;
+        [
+          slack
+          spotify
+          jetbrains-toolbox
+        ]
+      );
 
     #----=[ Fonts ]=----#
     fonts = {

systems/aarch64-linux/m4nix/default.nix

@@ -13,7 +13,6 @@ with lib.metacfg;
     nix.enable = true;
     podman.enable = true;
     secureboot.enable = false;
-    homeprinter.enable = true;
     tools = {
       direnv.enable = true;
       #git.enable = true;

systems/aarch64-linux/m4nix/hardware-configuration.nix

@@ -1,7 +1,13 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
+{
+  config,
+  lib,
+  pkgs,
+  modulesPath,
+  ...
+}:
 
 {
   imports = [ ];
@@ -11,20 +17,23 @@
   boot.kernelModules = [ ];
   boot.extraModulePackages = [ ];
 
-  fileSystems."/" =
+  fileSystems."/" = {
-    { device = "/dev/disk/by-uuid/b340000f-2927-414d-9382-edd3120b8e80";
+    device = "/dev/disk/by-uuid/b340000f-2927-414d-9382-edd3120b8e80";
-      fsType = "ext4";
+    fsType = "ext4";
-    };
+  };
 
-  fileSystems."/boot" =
+  fileSystems."/boot" = {
-    { device = "/dev/disk/by-uuid/16C0-5FB0";
+    device = "/dev/disk/by-uuid/16C0-5FB0";
-      fsType = "vfat";
+    fsType = "vfat";
-      options = [ "fmask=0077" "dmask=0077" ];
+    options = [
-    };
+      "fmask=0077"
-
+      "dmask=0077"
-  swapDevices =
-    [ { device = "/dev/disk/by-uuid/76cc3afa-b57e-4f25-95f4-7b15bf1fb796"; }
     ];
+  };
+
+  swapDevices = [
+    { device = "/dev/disk/by-uuid/76cc3afa-b57e-4f25-95f4-7b15bf1fb796"; }
+  ];
 
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
   # (the default) this is the recommended approach. When using systemd-networkd it's