Format the entire project.
This commit is contained in:
parent
1dc50ae17d
commit
6f9db5e3a4
GPG key ID:
C0F1D326C7626543
115 changed files with 3451 additions and 2901 deletions
|
|
@ -1,6 +1,8 @@
|
|||
{ pkgs, lib, ... }:
|
||||
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
services.cron.enable = false;
|
||||
|
||||
networking.dhcpcd.extraConfig = "noarp";
|
||||
|
|
@ -8,10 +10,30 @@
|
|||
|
||||
# low latency audio stuff
|
||||
security.pam.loginLimits = [
|
||||
{ domain = "@audio"; item = "memlock"; type = "-"; value = "unlimited"; }
|
||||
{ domain = "@audio"; item = "rtprio"; type = "-"; value = "99"; }
|
||||
{ domain = "@audio"; item = "nofile"; type = "soft"; value = "99999"; }
|
||||
{ domain = "@audio"; item = "nofile"; type = "hard"; value = "99999"; }
|
||||
{
|
||||
domain = "@audio";
|
||||
item = "memlock";
|
||||
type = "-";
|
||||
value = "unlimited";
|
||||
}
|
||||
{
|
||||
domain = "@audio";
|
||||
item = "rtprio";
|
||||
type = "-";
|
||||
value = "99";
|
||||
}
|
||||
{
|
||||
domain = "@audio";
|
||||
item = "nofile";
|
||||
type = "soft";
|
||||
value = "99999";
|
||||
}
|
||||
{
|
||||
domain = "@audio";
|
||||
item = "nofile";
|
||||
type = "hard";
|
||||
value = "99999";
|
||||
}
|
||||
];
|
||||
environment = {
|
||||
etc = {
|
||||
|
|
@ -20,11 +42,11 @@
|
|||
'';
|
||||
};
|
||||
variables = {
|
||||
DSSI_PATH = "$HOME/.dssi:$HOME/.nix-profile/lib/dssi:/run/current-system/sw/lib/dssi";
|
||||
DSSI_PATH = "$HOME/.dssi:$HOME/.nix-profile/lib/dssi:/run/current-system/sw/lib/dssi";
|
||||
LADSPA_PATH = "$HOME/.ladspa:$HOME/.nix-profile/lib/ladspa:/run/current-system/sw/lib/ladspa";
|
||||
LV2_PATH = "$HOME/.lv2:$HOME/.nix-profile/lib/lv2:/run/current-system/sw/lib/lv2";
|
||||
LXVST_PATH = "$HOME/.lxvst:$HOME/.nix-profile/lib/lxvst:/run/current-system/sw/lib/lxvst";
|
||||
VST_PATH = "$HOME/.vst:$HOME/.nix-profile/lib/vst:/run/current-system/sw/lib/vst";
|
||||
LV2_PATH = "$HOME/.lv2:$HOME/.nix-profile/lib/lv2:/run/current-system/sw/lib/lv2";
|
||||
LXVST_PATH = "$HOME/.lxvst:$HOME/.nix-profile/lib/lxvst:/run/current-system/sw/lib/lxvst";
|
||||
VST_PATH = "$HOME/.vst:$HOME/.nix-profile/lib/vst:/run/current-system/sw/lib/vst";
|
||||
};
|
||||
};
|
||||
services = {
|
||||
|
|
@ -38,8 +60,8 @@
|
|||
};
|
||||
};
|
||||
boot = {
|
||||
kernelModules = [ "snd-usb-audio" "snd-aloop" "snd-seq" "snd-rawmidi" ];
|
||||
kernelParams = [ "threadirq" ];
|
||||
kernelModules = ["snd-usb-audio" "snd-aloop" "snd-seq" "snd-rawmidi"];
|
||||
kernelParams = ["threadirq"];
|
||||
extraModprobeConfig = ''
|
||||
options snd-usb-audio nrpacks=1
|
||||
'';
|
||||
|
|
|
|||
|
|
@ -1,32 +1,35 @@
|
|||
{ nixpkgs, config, pkgs, ... }:
|
||||
|
||||
let
|
||||
{
|
||||
nixpkgs,
|
||||
config,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
cfg = config.machine;
|
||||
in {
|
||||
imports = [ "${nixpkgs}/nixos/modules/installer/scan/not-detected.nix" ];
|
||||
imports = ["${nixpkgs}/nixos/modules/installer/scan/not-detected.nix"];
|
||||
|
||||
boot = {
|
||||
loader.systemd-boot = {
|
||||
enable = true;
|
||||
# signed = true;
|
||||
# signing-key = "${cfg.secretPath}/secureboot/db.key";
|
||||
# signing-certificate = "${cfg.secretPath}/secureboot/db.crt";
|
||||
# signed = true;
|
||||
# signing-key = "${cfg.secretPath}/secureboot/db.key";
|
||||
# signing-certificate = "${cfg.secretPath}/secureboot/db.crt";
|
||||
};
|
||||
loader.efi.canTouchEfiVariables = true;
|
||||
tmp = {
|
||||
useTmpfs = true;
|
||||
cleanOnBoot= true;
|
||||
cleanOnBoot = true;
|
||||
};
|
||||
|
||||
kernelPackages = pkgs.linuxPackages_latest;
|
||||
initrd.availableKernelModules = [ "xhci_pci" "ahci" "sd_mod" "rtsx_pci_sdmmc" ];
|
||||
kernelModules = [ "acpi_call" "i915" "kvm-intel" "uinput" ];
|
||||
initrd.availableKernelModules = ["xhci_pci" "ahci" "sd_mod" "rtsx_pci_sdmmc"];
|
||||
kernelModules = ["acpi_call" "i915" "kvm-intel" "uinput"];
|
||||
# 5_10 breaks my touchpad/mouse buttons
|
||||
# https://bbs.archlinux.org/viewtopic.php?id=254885
|
||||
# maybe modprobe hid_rmi or i2c_i801
|
||||
# blacklistedKernelModules = [ "i2c_i801" ];
|
||||
extraModulePackages = with config.boot.kernelPackages; [ acpi_call ]; #pkgs.gitpkgs.linuxPackages_latest.hid-nintendo ];
|
||||
kernelParams = [ "intel_iommu=on" ];
|
||||
extraModulePackages = with config.boot.kernelPackages; [acpi_call]; #pkgs.gitpkgs.linuxPackages_latest.hid-nintendo ];
|
||||
kernelParams = ["intel_iommu=on"];
|
||||
extraModprobeConfig = ''
|
||||
options i915 enable_fbc=1 enable_guc=3
|
||||
'';
|
||||
|
|
@ -37,26 +40,26 @@ in {
|
|||
};
|
||||
};
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/b37b48a8-5dcb-4f4d-ad71-1b26500b3e5f";
|
||||
fsType = "ext4";
|
||||
};
|
||||
fileSystems."/" = {
|
||||
device = "/dev/disk/by-uuid/b37b48a8-5dcb-4f4d-ad71-1b26500b3e5f";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/546A-A3D1";
|
||||
fsType = "vfat";
|
||||
};
|
||||
fileSystems."/boot" = {
|
||||
device = "/dev/disk/by-uuid/546A-A3D1";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
hardware = {
|
||||
firmware = with pkgs; [ firmwareLinuxNonfree ];
|
||||
firmware = with pkgs; [firmwareLinuxNonfree];
|
||||
cpu.intel.updateMicrocode = true;
|
||||
enableAllFirmware = false;
|
||||
ksm.enable = true;
|
||||
opengl = {
|
||||
driSupport = true;
|
||||
extraPackages = with pkgs; [ intel-media-driver libvdpau-va-gl libva (vaapiIntel.override {enableHybridCodec = true;}) vaapiVdpau intel-media-driver ];
|
||||
extraPackages = with pkgs; [intel-media-driver libvdpau-va-gl libva (vaapiIntel.override {enableHybridCodec = true;}) vaapiVdpau intel-media-driver];
|
||||
driSupport32Bit = true;
|
||||
extraPackages32 = with pkgs.pkgsi686Linux; [ libvdpau-va-gl libva (vaapiIntel.override {enableHybridCodec = true;}) vaapiVdpau ];
|
||||
extraPackages32 = with pkgs.pkgsi686Linux; [libvdpau-va-gl libva (vaapiIntel.override {enableHybridCodec = true;}) vaapiVdpau];
|
||||
};
|
||||
|
||||
pulseaudio = {
|
||||
|
|
@ -81,7 +84,7 @@ in {
|
|||
};
|
||||
services = {
|
||||
upower.enable = true;
|
||||
xserver.videoDrivers = [ "intel" ];
|
||||
xserver.videoDrivers = ["intel"];
|
||||
};
|
||||
|
||||
time.timeZone = "Europe/Berlin";
|
||||
|
|
|
|||
|
|
@ -1,8 +1,9 @@
|
|||
{ pkgs, lib, ... }:
|
||||
|
||||
with lib;
|
||||
|
||||
{
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
with lib; {
|
||||
imports = [
|
||||
../../options/copySysConf.nix
|
||||
];
|
||||
|
|
@ -13,7 +14,12 @@ with lib;
|
|||
enable = true;
|
||||
waitOnline = false;
|
||||
};
|
||||
administrators = [ { name = "derped"; id = 1337; } ];
|
||||
administrators = [
|
||||
{
|
||||
name = "derped";
|
||||
id = 1337;
|
||||
}
|
||||
];
|
||||
conffiles = [
|
||||
"etcfiles"
|
||||
"etcvars"
|
||||
|
|
@ -59,15 +65,26 @@ with lib;
|
|||
"cups"
|
||||
"mullvad"
|
||||
"mariaDB"
|
||||
"docker" "podman"
|
||||
"docker"
|
||||
"podman"
|
||||
];
|
||||
firewall = {
|
||||
enable = true;
|
||||
allowPing = true;
|
||||
allowedUDPPorts = [ 24642 ];
|
||||
allowedTCPPorts = [ 24642 ];
|
||||
allowedUDPPortRanges = [ { from = 1714; to = 1764; } ];
|
||||
allowedTCPPortRanges = [ { from = 1714; to = 1764; } ];
|
||||
allowedUDPPorts = [24642];
|
||||
allowedTCPPorts = [24642];
|
||||
allowedUDPPortRanges = [
|
||||
{
|
||||
from = 1714;
|
||||
to = 1764;
|
||||
}
|
||||
];
|
||||
allowedTCPPortRanges = [
|
||||
{
|
||||
from = 1714;
|
||||
to = 1764;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,8 @@
|
|||
{ config, lib, ... }:
|
||||
|
||||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
sops = {
|
||||
defaultSopsFile = ./secrets.yaml;
|
||||
age = {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue