Refactor: Initial step

- Added library for common functions - Moved machines/ to hosts/ - Automise adding new hosts to the flake
2024-07-25 21:24:28 +02:00 · 2024-07-25 21:24:28 +02:00 · 1ea937f884
commit 1ea937f884
parent 95b9318585
7 changed files with 54 additions and 5 deletions
--- a/hosts/workstation/default.nix
+++ b/hosts/workstation/default.nix
@ -0,0 +1,86 @@
+{ config, pkgs, ... }:
+
+{
+  imports = [
+    ./hardware-configuration.nix
+    ./persist.nix
+    ../../packages/sets/basic.nix
+    ../../packages/wm/hyprland.nix
+    ../../users/hu/user.nix
+    ../../packages/sets/security.nix
+  ];
+
+  boot.loader.efi.canTouchEfiVariables = true;
+  boot.loader.grub = {
+    enable = true;
+    efiSupport = true;
+    device = "nodev";
+    gfxmodeEfi = "1920x1080";
+  };
+  boot.kernelPackages = pkgs.linuxPackages_xanmod_latest;
+  boot.supportedFilesystems = [ "btrfs" "xfs" ];
+
+  networking = {
+    hostName = "workstation";
+    enableIPv6 = false;
+    nameservers = [ "9.9.9.9" ];
+    defaultGateway = "192.168.2.1";
+    interfaces.enp34s0.ipv4.addresses = [{
+      address = "192.168.2.68";
+      prefixLength = 24;
+    }];
+  };
+
+  time.timeZone = "Europe/Berlin";
+
+  i18n.defaultLocale = "en_US.UTF-8";
+  console = {
+    font = "Lat2-Terminus16";
+    keyMap = "uk";
+    # useXkbConfig = true;
+  };
+
+  nixpkgs.config.allowUnfree = true;
+  services.xserver.videoDrivers = [ "nvidia" ];
+  hardware = {
+    graphics = {
+      enable = true;
+      enable32Bit = true;
+    };
+    nvidia = {
+      modesetting.enable = true;
+      package = config.boot.kernelPackages.nvidiaPackages.beta;
+    };
+  };
+
+  programs.mtr.enable = true;
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+  };
+
+  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa = {
+      enable = true;
+      support32Bit = true;
+    };
+    pulse.enable = true;
+    jack.enable = true;
+  };
+
+  nix = {
+    extraOptions = ''
+      experimental-features = nix-command flakes
+    '';
+  };
+
+  networking.firewall = {
+    allowedTCPPorts = [ 25565 ];
+    allowedUDPPorts = [ 25565 ];
+  };
+
+  system.stateVersion = "23.11";
+}
+
--- a/hosts/workstation/hardware-configuration.nix
+++ b/hosts/workstation/hardware-configuration.nix
@ -0,0 +1,78 @@
+{ config, lib, modulesPath, ... }:
+
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/5cc0482e-ac92-41c7-b2fc-2d9b4a19eeec";
+    fsType = "btrfs";
+    options = [ "subvol=root" "compress=zstd" "noatime" ];
+  };
+
+  fileSystems."/nix" = {
+  device = "/dev/disk/by-uuid/5cc0482e-ac92-41c7-b2fc-2d9b4a19eeec";
+    fsType = "btrfs";
+    options = [ "subvol=nix" "compress=zstd" "noatime" ];
+    neededForBoot = true;
+  };
+
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/3012-B13E";
+    fsType = "vfat";
+  };
+
+  fileSystems."/home/hu/mounts/vault" = {
+    device = "/dev/disk/by-uuid/048d175b-0e3e-4ec7-955b-3d9a45f9f237";
+    fsType = "xfs";
+  };
+
+  fileSystems."/home/hu/mounts/attic" = {
+    device = "/dev/disk/by-uuid/ec32ce36-9f53-4f44-ac8f-2c9163f0b3d7";
+    fsType = "xfs";
+  };
+
+  boot.initrd.availableKernelModules = [ 
+    "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"
+  ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+  boot.extraModprobeConfig = "options kvm_amd nested=1";
+  boot.kernelParams = [
+    "nvidia_drm.fbdev=1"
+    "nvidia.NVreg_PreserveVideoMemoryAllocations=1"
+  ];
+
+  boot.initrd.postDeviceCommands = lib.mkAfter ''
+    mkdir /btrfs_tmp
+    mount ${config.fileSystems."/".device} /btrfs_tmp
+    if [[ -e /btrfs_tmp/root ]]; then
+        mkdir -p /btrfs_tmp/old_roots
+        timestamp=$(date --date="@$(stat -c %Y /btrfs_tmp/root)" "+%Y-%m-%-d_%H:%M:%S")
+        mv /btrfs_tmp/root "/btrfs_tmp/old_roots/$timestamp"
+    fi
+
+    delete_subvolume_recursively() {
+        IFS=$'\n'
+        for i in $(btrfs subvolume list -o "$1" | cut -f 9- -d ' '); do
+            delete_subvolume_recursively "/btrfs_tmp/$i"
+        done
+        btrfs subvolume delete "$1"
+    }
+
+    for i in $(find /btrfs_tmp/old_roots/ -maxdepth 1 -mtime +30); do
+        delete_subvolume_recursively "$i"
+    done
+
+    btrfs subvolume create /btrfs_tmp/root
+    umount /btrfs_tmp
+  '';
+
+  networking.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
+
--- a/hosts/workstation/persist.nix
+++ b/hosts/workstation/persist.nix
@ -0,0 +1,22 @@
+{ ... }:
+
+{
+  environment.persistence."/nix/persist" = {
+    hideMounts = true;
+    directories = [
+      "/var/log"
+      "/var/lib/nixos"
+      "/var/lib/systemd/coredump"
+      { 
+        directory = "/var/lib/colord";
+        user = "colord";
+        group = "colord";
+        mode = "u=rwx,g=rx,o=";
+      }
+    ];
+    files = [
+      "/etc/machine-id"
+    ];
+  };
+}
+