config/hosts/fwminex/configuration.nix

220 lines
5.2 KiB
Nix
Raw Normal View History

2023-09-13 12:17:43 +03:00
{
pkgs,
2023-09-13 12:17:43 +03:00
config,
myData,
...
2023-09-17 07:06:19 +03:00
}: let
randr = import ./randr.nix;
in {
2023-11-28 22:57:58 +02:00
boot = {
2024-03-01 10:31:42 +02:00
initrd.availableKernelModules = ["usb_storage" "sd_mod" "xhci_pci" "thunderbolt" "nvme" "usbhid"];
kernelPackages = pkgs.zfs.latestCompatibleLinuxPackages;
2023-11-28 22:57:58 +02:00
loader.systemd-boot.enable = true;
supportedFilesystems = ["zfs"];
zfs = {
forceImportRoot = false;
devNodes = "/dev/disk/by-id/";
};
};
fileSystems = {
"/" = {
device = "rpool/nixos/root";
fsType = "zfs";
};
"/boot" = {
device = "/dev/disk/by-id/nvme-Samsung_SSD_970_EVO_Plus_2TB_S6P1NS0TA01331A_1-part2";
fsType = "vfat";
};
"/home" = {
device = "rpool/nixos/home";
fsType = "zfs";
};
"/nix" = {
device = "rpool/nixos/nix";
fsType = "zfs";
};
"/var/lib" = {
device = "rpool/nixos/var/lib";
fsType = "zfs";
};
"/var/log" = {
device = "rpool/nixos/var/log";
fsType = "zfs";
2023-09-13 12:17:43 +03:00
};
};
2023-09-14 12:40:16 +03:00
hardware.cpu.intel.updateMicrocode = true;
nixpkgs.hostPlatform = "x86_64-linux";
2023-09-13 12:17:43 +03:00
boot.binfmt.emulatedSystems = ["aarch64-linux"];
2023-09-14 15:26:16 +03:00
systemd.services.zfs-mount.enable = false;
2023-09-13 12:17:43 +03:00
mj = {
stateVersion = "23.05";
timeZone = "Europe/Vilnius";
username = "motiejus";
2023-09-13 12:17:43 +03:00
base = {
zfs.enable = true;
users = {
2024-02-04 16:18:47 +02:00
enable = true;
2024-02-04 22:05:44 +02:00
devTools = true;
root.hashedPasswordFile = config.age.secrets.root-passwd-hash.path;
user.hashedPasswordFile = config.age.secrets.motiejus-passwd-hash.path;
2023-09-13 12:17:43 +03:00
};
snapshot = {
enable = true;
mountpoints = ["/home" "/var/lib" "/var/log"];
};
unitstatus = {
enable = true;
email = "motiejus+alerts@jakstys.lt";
};
};
services = {
sshguard.enable = false;
2023-11-15 00:29:22 +02:00
tailscale = {
enable = true;
verboseLogs = true;
};
2023-09-18 19:29:27 +03:00
node_exporter = {
enable = true;
extraSubnets = [myData.subnets.vno1.cidr];
};
2023-09-13 12:17:43 +03:00
deployerbot = {
follower = {
inherit (myData.hosts."vno1-oh2.servers.jakst") publicKey;
2023-10-01 23:14:05 +03:00
2023-09-13 12:17:43 +03:00
enable = true;
uidgid = myData.uidgid.updaterbot-deployee;
sshAllowSubnets = with myData.subnets; [tailscale.sshPattern];
2023-09-13 12:17:43 +03:00
};
};
2023-09-15 13:23:52 +03:00
postfix = {
enable = true;
saslPasswdPath = config.age.secrets.sasl-passwd.path;
};
2023-09-13 12:17:43 +03:00
syncthing = {
2023-09-18 11:55:09 +03:00
enable = true;
2023-09-13 12:17:43 +03:00
dataDir = "/home/motiejus/";
user = "motiejus";
group = "users";
};
2024-02-27 22:56:09 +02:00
remote-builder.client = let
host = myData.hosts."fra1-a.servers.jakst";
in {
enable = true;
inherit (host) system supportedFeatures;
hostName = host.jakstIP;
sshKey = "/etc/ssh/ssh_host_ed25519_key";
};
2023-09-13 12:17:43 +03:00
};
};
2024-04-09 09:04:49 +03:00
services = {
throttled.enable = true;
tlp = {
2024-04-10 17:01:28 +03:00
enable = false;
2024-04-09 09:04:49 +03:00
settings = {
CPU_BOOST_ON_BAT = 0;
CPU_HWP_DYN_BOOST_ON_BAT = 0;
CPU_SCALING_GOVERNOR_ON_AC = "performance";
CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
PLATFORM_PROFILE_ON_BAT = "low-power";
2024-04-09 15:19:39 +03:00
PLATFORM_PROFILE_ON_AC = "performance";
2024-04-09 09:04:49 +03:00
START_CHARGE_THRESH_BAT1 = 90;
STOP_CHARGE_THRESH_BAT1 = 97;
RUNTIME_PM_ON_BAT = "auto";
};
};
autorandr = {
profiles = {
default = {
fingerprint = {inherit (randr) eDP-1;};
config = {
DP-1.enable = false;
DP-2.enable = false;
DP-3.enable = false;
DP-4.enable = false;
eDP-1 = {
enable = true;
primary = true;
mode = "1920x1200";
crtc = 0;
position = "0x0";
rate = "59.88";
};
2023-09-17 22:02:30 +03:00
};
};
2024-04-09 09:04:49 +03:00
home1 = {
fingerprint = {inherit (randr) eDP-1 DP-4;};
config = {
eDP-1.enable = false;
DP-1.enable = false;
DP-2.enable = false;
DP-4 = {
enable = true;
mode = "2560x1440";
position = "0x0";
primary = true;
crtc = 0;
rate = "59.95";
};
2024-02-28 15:03:49 +02:00
};
};
2024-04-09 09:04:49 +03:00
dualhome = {
fingerprint = {inherit (randr) eDP-1 DP-3 DP-4;};
config = {
eDP-1.enable = false;
DP-1.enable = false;
DP-2.enable = false;
DP-3 = {
enable = true;
mode = "2560x1440";
position = "0x0";
crtc = 1;
rate = "59.95";
};
DP-4 = {
enable = true;
mode = "2560x1440";
position = "2560x0";
primary = true;
crtc = 0;
rate = "59.95";
};
2023-09-17 07:06:19 +03:00
};
};
};
};
};
2024-02-16 18:09:59 +02:00
virtualisation.virtualbox.host.enable = true;
users.extraGroups.vboxusers.members = ["motiejus"];
2024-04-10 01:49:31 +03:00
environment.systemPackages = with pkgs; [
tesseract
];
2023-09-13 12:17:43 +03:00
networking = {
2023-09-13 14:46:58 +03:00
hostId = "3a54afcd";
2023-09-13 12:17:43 +03:00
hostName = "fwminex";
domain = "motiejus.jakst";
2023-09-22 09:58:09 +03:00
firewall.rejectPackets = true;
2023-09-13 12:17:43 +03:00
};
}