natto1784/dotfiles
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

hosts/okina: init

Browse Source 
Signed-off-by: Amneesh Singh <natto@weirdnatto.in>
This commit is contained in:
Amneesh Singh
2024-05-27 19:57:56 +05:30
parent ded1e9c202
commit 15f03999d3
8 changed files with 237 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
hosts/README.org
View File

@@ -1,4 +1,5 @@
+ satori is my home laptop + okina is my home desktop
+ satori is my almost trashed laptop
+ marisa is my Raspberry Pi 4 (B) + marisa is my Raspberry Pi 4 (B)
+ remilia is my cloud VM + remilia is my cloud VM
+ hina is another cloud VM I use for ZNC + hina is another cloud VM I use for ZNC

10
hosts/default.nix
View File

@@ -17,6 +17,16 @@ let
in in
{ {
flake.nixosConfigurations = { flake.nixosConfigurations = {
# Desktop
okina = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux";
modules = [
./okina
]
++ desktopModules
++ commonModules;
};
#Home laptop #Home laptop
satori = nixpkgs.lib.nixosSystem rec { satori = nixpkgs.lib.nixosSystem rec {
system = "x86_64-linux"; system = "x86_64-linux";

33
hosts/okina/boot.nix Normal file
View File

@@ -0,0 +1,33 @@
{ lib, config, pkgs, ... }:
{
boot = {
kernelPackages = pkgs.linuxPackages;
initrd = {
availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
kernelModules = [ ];
};
kernelParams = [ "i915.force_probe=56a1" "resume_offset=11287312" ];
# kernelModules = [ "kvm-intel" "i2c-dev" "ddcci_backlight" ];
kernelModules = [ "kvm-intel" "i2c-dev" ];
# extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback r8125 ddcci-driver ];
extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback r8125 ];
blacklistedKernelModules = [ "r8169" ];
resumeDevice = "/dev/disk/by-uuid/5679b901-3a70-4422-81f5-af91f287500b";
loader = {
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot/efi";
};
grub = {
enable = true;
efiSupport = true;
device = "nodev";
splashMode = "stretch";
};
};
};
}

12
hosts/okina/default.nix Normal file
View File

@@ -0,0 +1,12 @@
{ lib, config, ... }:
{
imports =
[
./hardware.nix
./stuff.nix
./networking.nix
./boot.nix
./services.nix
];
system.stateVersion = "23.05";
}

67
hosts/okina/hardware.nix Normal file
View File

@@ -0,0 +1,67 @@
{ config, lib, modulesPath, pkgs, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
fileSystems."/" =
{
device = "/dev/disk/by-uuid/5679b901-3a70-4422-81f5-af91f287500b";
fsType = "btrfs";
options = [ "compress-force=zstd:3" ];
};
fileSystems."/boot/efi" =
{
device = "/dev/disk/by-uuid/A2E5-006F";
fsType = "vfat";
};
fileSystems."/media/omghi" =
{
device = "/dev/disk/by-uuid/0e862bdb-168a-42cc-8a28-0ae9e9a0753c";
fsType = "ext4";
};
fileSystems."/media/real" =
{
device = "/dev/disk/by-uuid/8086be20-c770-46be-bd8f-5bd2d7735c7d";
fsType = "btrfs";
options = [ "compress-force=zstd:3" ];
};
/* fileSystems."/media/ntfs" =
{
device = "/dev/disk/by-uuid/54034ca6-d3cd-11ee-9e0c-f020ff87c985";
fsType = "ntfs";
};*/
zramSwap = {
enable = true;
algorithm = "lz4";
memoryPercent = 20;
priority = -1;
};
swapDevices = [
{ device = "/var/swap"; size = 32768; }
];
powerManagement = {
enable = true;
cpuFreqGovernor = "powersave";
};
hardware = {
bluetooth.enable = true;
cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
opengl = {
driSupport32Bit = true;
enable = true;
package = pkgs.mesa.drivers;
package32 = pkgs.pkgsi686Linux.mesa.drivers;
};
};
}

30
hosts/okina/networking.nix Normal file
View File

@@ -0,0 +1,30 @@
{ config, pkgs, lib', lib, ... }:
{
networking = {
hostName = "okina";
hostId = "fa6f8f15";
networkmanager = {
enable = true;
};
firewall = {
allowedTCPPorts = [ 22 18172 6600 8001 7590 25565 9092 8096 ];
allowedUDPPorts = [ 22 17840 18172 ];
trustedInterfaces = [ "docker0" ];
};
interfaces = {
enp7s0 = {
ipv4.addresses = [{
prefixLength = 24;
address = "192.168.1.106";
}];
};
};
defaultGateway = "192.168.1.1";
nameservers = [ "1.1.1.1" "8.8.8.8" ];
};
}

34
hosts/okina/services.nix Normal file
View File

@@ -0,0 +1,34 @@
{ lib, config, pkgs, ... }:
{
services = {
openssh = {
enable = true;
settings.PermitRootLogin = "yes";
};
ratbagd.enable = true;
btrfs.autoScrub.enable = true;
gvfs.enable = true;
logind.extraConfig = "RuntimeDirectorySize=30%";
printing = {
enable = true;
drivers = [ pkgs.hplip ];
};
};
systemd.services = {
libvirtd.wantedBy = lib.mkForce [ ];
};
security.pki.certificateFiles = [ ../../cert.pem ];
virtualisation = {
docker = {
enable = true;
};
libvirtd = {
enable = true;
onBoot = "ignore";
onShutdown = "shutdown";
qemu.runAsRoot = true;
};
};
}

49
hosts/okina/stuff.nix Normal file
View File

@@ -0,0 +1,49 @@
{ lib, config, pkgs, ... }:
{
time.timeZone = "Asia/Kolkata";
environment.localBinInPath = true;
security = {
rtkit.enable = true;
polkit.enable = true;
sudo.enable = true;
doas = {
enable = true;
extraRules = [
{
users = [ "natto" ];
keepEnv = true;
persist = true;
setEnv = [ "SSH_AUTH_SOCK" "PATH" "SHELL" ];
}
];
};
};
console.useXkbConfig = true;
users.users.natto = {
isNormalUser = true;
shell = pkgs.zsh;
home = "/home/natto";
extraGroups = [ "wheel" "adbusers" "video" "libvirtd" "docker" "networkmanager" "dialout" ];
};
virtualisation = {
waydroid.enable = true;
podman = {
enable = true;
};
};
gtk.iconCache.enable = true;
security.wrappers = {
intel_gpu_top = {
owner = "root";
group = "root";
capabilities = "cap_perfmon=+ep";
source = "${pkgs.intel-gpu-tools}/bin/intel_gpu_top";
};
};
}