diff options
Diffstat (limited to 'hosts/prometheus')
| -rw-r--r-- | hosts/prometheus/default.nix | 133 | ||||
| -rw-r--r-- | hosts/prometheus/disks.nix | 101 | ||||
| -rw-r--r-- | hosts/prometheus/hardware-configuration.nix | 41 |
3 files changed, 275 insertions, 0 deletions
diff --git a/hosts/prometheus/default.nix b/hosts/prometheus/default.nix new file mode 100644 index 0000000..9ae39fa --- /dev/null +++ b/hosts/prometheus/default.nix @@ -0,0 +1,133 @@ +{ config, inputs, outputs, pkgs, ... }: { + boot = { + initrd.kernelModules = [ "zfs" ]; + kernel.sysctl = { + "kernel.hostname" = "prometheus.trentguthrie.net"; + #"kernel.split_lock_mitigate" = 0; # https://lwn.net/Articles/911219/ + #"net.ipv4.tcp_congestion_control" = "reno"; + }; + kernelPackages = pkgs.master.linuxPackages_7_0; + #kernelParams = [ + # "amdgpu.ppfeaturemask=0xfffd3fff" + # "split_lock_detect=off" + #]; + loader = { + efi = { + canTouchEfiVariables = true; + efiSysMountPoint = "/efiboot/efi1"; + }; + systemd-boot = { + enable = true; + memtest86.enable = true; + }; + timeout = 3; + }; + supportedFilesystems = [ "zfs" ]; + zfs = { + forceImportRoot = false; + package = pkgs.master.zfs_2_4; + }; + }; + + environment.systemPackages = [ + pkgs.linux-firmware + pkgs.master.linuxKernel.packages.linux_7_0.turbostat + pkgs.mailutils + ]; + + imports = [ + ./disks.nix + ./hardware-configuration.nix + ../common/core + #../common/optional/db.nix + #../common/optional/dev.nix + #../common/optional/ebooks.nix + #../common/optional/games.nix + #../common/optional/google-authenticator.nix + #../common/optional/gui.nix + #../common/optional/misc.nix + #../common/optional/multimedia.nix + #../common/optional/pipewire.nix + #../common/optional/printer.nix + #../common/optional/sdr.nix + #../common/optional/services/chrony.nix + ../common/optional/services/openssh.nix + #../common/optional/services/wayland.nix + #../common/optional/services/xorg.nix + #../common/optional/sound.nix + #../common/optional/wdt.nix + ../common/optional/zfs.nix + ../common/users/nipsy + ../common/users/root + ../common/users/trent + ]; + + networking = { + defaultGateway = { + address = "10.0.1.1"; + interface = "enp89s0"; + }; + hostId = "a227ce4d"; + hostName = "prometheus"; + interfaces = { + enp89s0 = { + ipv4.addresses = [ + { address = "10.0.1.17"; prefixLength = 24; } + ]; + }; + }; + nameservers = [ "10.0.1.1" ]; + nftables.enable = true; + search = [ + "trentguthrie.net" + ]; + useDHCP = false; + #wireless = { + # enable = true; + # networks = { + # "Crystal Palace" = { + # pskRaw = "ext:psk_crystal_palace"; + # }; + # }; + # secretsFile = "${config.sops.secrets."wpa_supplicant".path}"; + #}; + }; + + nixpkgs = { + config = { + allowUnfree = true; + }; + hostPlatform = "x86_64-linux"; + overlays = [ + inputs.nvidia-patch.overlays.default + outputs.overlays.additions + outputs.overlays.modifications + outputs.overlays.master-packages + #outputs.overlays.my-nixpkgs-packages + #outputs.overlays.pr495610-packages + outputs.overlays.stable-packages + #outputs.overlays.staging-packages + #outputs.overlays.wine9_22-packages + ]; + }; + + services.openssh.settings.X11Forwarding = true; + #services.xserver.videoDrivers = [ "amdgpu" ]; + + #sops = { + # age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + # defaultSopsFile = ../secrets/caladan.yaml; + + # secrets = { + # "nftables/ssh" = {}; + # "nix-access-token-github" = {}; + # "ssh_config".path = "/root/.ssh/config"; + # #"wpa_supplicant" = { + # # group = config.users.users.wpa_supplicant.group; + # # owner = config.users.users.wpa_supplicant.name; + # #}; + # }; + #}; + + system.stateVersion = "26.05"; +} diff --git a/hosts/prometheus/disks.nix b/hosts/prometheus/disks.nix new file mode 100644 index 0000000..c58effa --- /dev/null +++ b/hosts/prometheus/disks.nix @@ -0,0 +1,101 @@ +{ + disko.devices = { + disk = { + nvme0n1 = { + type = "disk"; + device = "/dev/disk/by-id/nvme-SPCC_M.2_PCIe_SSD_WWDD241018006012188"; + content = { + type = "gpt"; + partitions = { + ESP = { + size = "1G"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/efiboot/efi1"; + mountOptions = [ "X-mount.mkdir" "umask=0077" ]; + extraArgs = [ "-nESP1" ]; + }; + }; + swap = { + size = "16G"; + type = "8200"; + content = { + type = "swap"; + extraArgs = [ "-L swap" ]; + }; + }; + zfs = { + size = "100%"; + content = { + type = "zfs"; + pool = "rpool"; + }; + }; + }; + }; + }; + }; + zpool = { + rpool = { + type = "zpool"; + rootFsOptions = { + acltype = "posixacl"; + canmount = "off"; + compression = "on"; + dnodesize = "auto"; + relatime = "on"; + xattr = "sa"; + }; + options = { + ashift = "12"; + autotrim = "on"; + }; + datasets = { + "local" = { + type = "zfs_fs"; + options.mountpoint = "none"; + }; + "local/root" = { + type = "zfs_fs"; + options.mountpoint = "legacy"; + mountpoint = "/"; + }; + "local/nix" = { + type = "zfs_fs"; + options = { + atime = "off"; + mountpoint = "legacy"; + }; + mountpoint = "/nix"; + }; + "user" = { + type = "zfs_fs"; + options.mountpoint = "none"; + }; + "user/home" = { + type = "zfs_fs"; + options.mountpoint = "legacy"; + mountpoint = "/home"; + }; + "user/home/root" = { + type = "zfs_fs"; + options.mountpoint = "legacy"; + mountpoint = "/root"; + }; + "user/home/nipsy" = { + type = "zfs_fs"; + options.mountpoint = "legacy"; + mountpoint = "/home/nipsy"; + }; + "user/home/trent" = { + type = "zfs_fs"; + options.mountpoint = "legacy"; + mountpoint = "/home/trent"; + }; + }; + }; + }; + }; +} diff --git a/hosts/prometheus/hardware-configuration.nix b/hosts/prometheus/hardware-configuration.nix new file mode 100644 index 0000000..c0e8417 --- /dev/null +++ b/hosts/prometheus/hardware-configuration.nix @@ -0,0 +1,41 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ #(modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot = { + extraModulePackages = [ ]; + initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usbhid" "usb_storage" "sd_mod" ]; + initrd.kernelModules = [ ]; + kernelModules = [ "kvm-intel" "ntsync" ]; + }; + + #nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + + hardware = { + bluetooth.enable = true; + cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + + graphics = { + enable = true; + enable32Bit = true; + extraPackages = [ pkgs.nvidia-vaapi-driver ]; + extraPackages32 = [ pkgs.pkgsi686Linux.nvidia-vaapi-driver ]; + }; + + nvidia = let + betaPkg = config.boot.kernelPackages.nvidiaPackages.beta; + pkgAfterFbc = if builtins.hasAttr betaPkg.version pkgs.nvidia-patch-list.fbc then pkgs.nvidia-patch.patch-fbc betaPkg else betaPkg; + finalPkg = if builtins.hasAttr betaPkg.version pkgs.nvidia-patch-list.nvenc then pkgs.nvidia-patch.patch-nvenc pkgAfterFbc else pkgAfterFbc; + in { + modesetting.enable = true; + open = true; + package = if finalPkg == betaPkg then betaPkg else finalPkg; + }; + }; +} |