diff --git a/flake.nix b/flake.nix
index 60ecc29..9126c7d 100644
--- a/flake.nix
+++ b/flake.nix
@@ -116,6 +116,11 @@
 system = "x86_64-linux";
 useHomeManager = true;
 };
+ # dell-laptop
+ vega = {
+ system = "x86_64-linux";
+ useHomeManager = true;
+ };
 # home-hypervisor
 orion = {
 system = "x86_64-linux";
@@ -219,6 +224,9 @@
 orion = {
 hostname = "10.10.10.10";
 };
+ vega = {
+ hostname = "10.10.10.101";
+ };
 redshift = {
 hostname = "104.164.54.197";
 fastConnection = false;
diff --git a/hosts/vega/boot.nix b/hosts/vega/boot.nix
new file mode 100644
index 0000000..3503a80
--- /dev/null
+++ b/hosts/vega/boot.nix
@@ -0,0 +1,50 @@
+{ lib, pkgs, ... }:
+{
+ fileSystems."/" = lib.mkForce {
+ device = "none";
+ options = [
+ "defaults"
+ "size=4G"
+ "mode=755"
+ ];
+ fsType = "tmpfs";
+ };
+
+ services.scx.enable = true;
+ services.scx.scheduler = "scx_rustland";
+
+ networking.hostId = "b06ca84a";
+
+ boot = {
+ kernelPackages = pkgs.linuxPackages_cachyos;
+ zfs.package = pkgs.zfs_cachyos;
+ zfs.devNodes = "/dev/disk/by-id";
+
+ blacklistedKernelModules = [ "psmouse" ];
+ kernelParams = [ "mem_sleep_default=deep" ];
+
+ loader = {
+ grub = {
+ enable = true;
+ device = "nodev";
+ copyKernels = true;
+ efiSupport = true;
+ enableCryptodisk = true;
+ useOSProber = false;
+ zfsSupport = true;
+ gfxmodeEfi = "1920x1080";
+ };
+ efi.efiSysMountPoint = "/efi";
+ efi.canTouchEfiVariables = true;
+ };
+
+ tmp.useTmpfs = true;
+ tmp.tmpfsSize = "100%";
+ tmp.tmpfsHugeMemoryPages = "within_size";
+
+ supportedFilesystems = [
+ "ntfs"
+ "zfs"
+ ];
+ };
+}
diff --git a/hosts/vega/default.nix b/hosts/vega/default.nix
new file mode 100644
index 0000000..08f0169
--- /dev/null
+++ b/hosts/vega/default.nix
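Review bot: In hosts/vega/boot.nix, `tmp.tmpfsSize = "100%"` lets anything that can write to /tmp occupy as much memory as the machine has, on top of the 4G tmpfs root declared at the top of the same file, so a runaway build or an unprivileged process can drive the laptop into OOM. A bounded value such as `tmp.tmpfsSize = "50%";` keeps headroom for the rest of the system. Separately, the `lib.mkForce` on `fileSystems."/"` appears to override the `/` mountpoint that disk-config.nix assigns to `rpool/nixos/root`; a comment such as `# root is tmpfs; rpool/nixos/root is intentionally not mounted at /` would record that this is deliberate.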
@@ -0,0 +1,124 @@
+{
+ config,
+ pkgs,
+ inputs,
+ ...
+}:
+let
+ defaultUser = config.ataraxia.defaults.users.defaultUser;
+in
+{
+ imports = [
+ ./disk-config.nix
+ # ./hardware-configuration.nix
+ ./boot.nix
+
+ inputs.catppuccin.nixosModules.catppuccin
+ ];
+ catppuccin.enable = true;
+ catppuccin.accent = "mauve";
+ catppuccin.flavor = "mocha";
+
+ ataraxia.defaults.role = "desktop";
+ ataraxia.defaults.hardware.cpuVendor = "intel";
+ ataraxia.defaults.hardware.gpuVendor = "intel";
+ ataraxia.defaults.bluetooth.enable = true;
+ # Impermanence
+ ataraxia.filesystems.zfs.enable = true;
+ ataraxia.filesystems.zfs.eraseOnBoot.enable = true;
+ ataraxia.filesystems.zfs.eraseOnBoot.snapshots = [
+ "rpool/nixos/root@empty"
+ "rpool/user/home@empty"
+ ];
+ ataraxia.filesystems.zfs.mountpoints = [
+ "/etc/secrets"
+ "/media/libvirt"
+ "/nix"
+ "/persist"
+ "/srv"
+ "/var/lib/containers"
+ "/var/lib/docker"
+ "/var/lib/libvirt"
+ "/var/lib/postgresql"
+ "/var/log"
+ ];
+
+ ataraxia.networkd = {
+ enable = true;
+ ifname = "enp0s31f6";
+ mac = "6c:2b:59:72:f4:4c";
+ bridge.enable = true;
+ ipv4 = [
+ {
+ address = "10.10.10.101/24";
+ gateway = "10.10.10.1";
+ dns = [
+ "10.10.10.1"
+ "9.9.9.9"
+ ];
+ }
+ ];
+ };
+
+ # Home-manager
+ home-manager.users.${defaultUser} = {
+ ataraxia.defaults.role = "desktop";
+ ataraxia.services.modprobed-db.enable = true;
+ ataraxia.theme.catppuccin.enable = true;
+
+ home.packages = with pkgs; [ modprobed-db ];
+
+ persist.state.directories = [ "projects" ];
+
+ home.stateVersion = "25.05";
+ };
+
+ # Services
+ services.postgresql.settings = {
+ full_page_writes = "off";
+ wal_init_zero = "off";
+ wal_recycle = "off";
+ };
+ services.fwupd.enable = true;
+ services.tlp = {
+ enable = true;
+ settings = {
+ TLP_DEFAULT_MODE = "BAT";
+ TLP_PERSISTENT_DEFAULT = 1;
+ CPU_SCALING_GOVERNOR_ON_AC = "powersave";
+ CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
+ CPU_BOOST_ON_AC = 1;
+ CPU_BOOST_ON_BAT = 0;
+ };
+ };
+
+ ataraxia.programs.waydroid.enable = true;
+ ataraxia.vpn.sing-box.enable = true;
+ ataraxia.vpn.sing-box.config = "dell-singbox";
+ services.tailscale = {
+ enable = true;
+ useRoutingFeatures = "client";
+ };
+
+ # Mesa from unstable channel
+ hardware.graphics.package = pkgs.mesaUnstable;
+ hardware.graphics.package32 = pkgs.mesaUnstablei686;
+ programs.hyprland.package = pkgs.hyprlandUnstable;
+ programs.hyprland.portalPackage = pkgs.hyprlandPortalUnstable;
+
+ # Auto-mount lan nfs share
+ fileSystems = {
+ "/media/local-nfs" = {
+ device = "10.10.10.11:/";
+ fsType = "nfs4";
+ options = [
+ "nfsvers=4.2"
+ "noauto"
+ "x-systemd.automount"
+ "x-systemd.idle-timeout=1800"
+ ];
+ };
+ };
+
+ system.stateVersion = "25.05";
+}
diff --git a/hosts/vega/disk-config.nix b/hosts/vega/disk-config.nix
new file mode 100644
index 0000000..6b00045
--- /dev/null
+++ b/hosts/vega/disk-config.nix
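Review bot: In hosts/vega/default.nix, `eraseOnBoot.snapshots` names `rpool/nixos/root@empty` and `rpool/user/home@empty`, but the `emptySnapshot` hook in disk-config.nix creates snapshots called `@blank`, so on a freshly provisioned disk the rollback targets would not exist. Unless the ataraxia module creates `@empty` itself (not visible in this commit), the erase-on-boot would fail or be skipped, and state under /home would survive reboots on a host that is meant to be impermanent. Either list `"rpool/nixos/root@blank"` and `"rpool/user/home@blank"` here or rename the snapshot in the hook. The NFS automount of `10.10.10.11:/` also carries no `"nosuid"` or `"nodev"` entries in `options`; adding them limits what a share on the LAN can hand to this laptop.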
@@ -0,0 +1,239 @@
+{ inputs, ... }:
+let
+ emptySnapshot =
+ name: "zfs list -t snapshot -H -o name | grep -E '^${name}@blank$' || zfs snapshot ${name}@blank";
+in
+{
+ imports = [ inputs.disko.nixosModules.disko ];
+
+ disko.devices = {
+ disk = {
+ main = {
+ device = "/dev/disk/by-id/nvme-Samsung_SSD_960_EVO_250GB_S3ESNX0K159868B";
+ type = "disk";
+ content = {
+ type = "gpt";
+ partitions = {
+ esp = {
+ type = "EF00";
+ name = "ESP";
+ size = "512M";
+ priority = 1;
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/efi";
+ mountOptions = [ "umask=0077" ];
+ };
+ };
+ swap = {
+ name = "swap";
+ size = "16G";
+ priority = 2;
+ content = {
+ type = "swap";
+ randomEncryption = true;
+ };
+ };
+ boot = {
+ name = "bpool";
+ size = "2G";
+ priority = 3;
+ content = {
+ type = "zfs";
+ pool = "bpool";
+ };
+ };
+ cryptroot = {
+ size = "100%";
+ priority = 4;
+ content = {
+ type = "zfs";
+ pool = "rpool";
+ };
+ };
+ };
+ };
+ };
+ };
+ zpool = {
+ bpool = {
+ type = "zpool";
+ options = {
+ ashift = "13";
+ autotrim = "on";
+ compatibility = "grub2";
+ };
+ rootFsOptions = {
+ acltype = "posixacl";
+ atime = "on";
+ canmount = "off";
+ compression = "lz4";
+ devices = "off";
+ normalization = "formD";
+ relatime = "on";
+ xattr = "sa";
+ dedup = "off";
+ };
+ mountpoint = "/boot";
+ postCreateHook = emptySnapshot "bpool";
+
+ datasets = {
+ nixos = {
+ type = "zfs_fs";
+ options.mountpoint = "none";
+ options.canmount = "off";
+ postCreateHook = emptySnapshot "bpool/nixos";
+ };
+ "nixos/boot" = {
+ type = "zfs_fs";
+ mountpoint = "/boot";
+ options.canmount = "on";
+ postCreateHook = emptySnapshot "bpool/nixos/boot";
+ };
+ };
+ };
+ rpool = {
+ type = "zpool";
+ options = {
+ ashift = "13";
+ autotrim = "on";
+ cachefile = "none";
+ };
+ rootFsOptions = {
+ acltype = "posixacl";
+ atime = "on";
+ canmount = "off";
+ compression = "zstd";
+ dedup = "off";
+ dnodesize = "auto";
+ normalization = "formD";
+ relatime = "on";
+ xattr = "sa";
+ };
+ mountpoint = "/";
+ postCreateHook = emptySnapshot "rpool";
+
+ datasets = {
+ reserved = {
+ type = "zfs_fs";
+ options.mountpoint = "none";
+ options = {
+ canmount = "off";
+ refreservation = "10G";
+ };
+ };
+ nixos = {
+ type = "zfs_fs";
+ options.mountpoint = "none";
+ options.canmount = "off";
+ postCreateHook = emptySnapshot "rpool/nixos";
+ };
+ user = {
+ type = "zfs_fs";
+ options.mountpoint = "none";
+ options.canmount = "off";
+ postCreateHook = emptySnapshot "rpool/user";
+ };
+ persistent = {
+ type = "zfs_fs";
+ options.mountpoint = "none";
+ options.canmount = "off";
+ postCreateHook = emptySnapshot "rpool/persistent";
+ };
+ "nixos/root" = {
+ type = "zfs_fs";
+ mountpoint = "/";
+ options.canmount = "noauto";
+ postCreateHook = emptySnapshot "rpool/nixos/root";
+ };
+ "user/home" = {
+ type = "zfs_fs";
+ mountpoint = "/home";
+ options.canmount = "on";
+ postCreateHook = emptySnapshot "rpool/user/home";
+ };
+ "persistent/impermanence" = {
+ type = "zfs_fs";
+ mountpoint = "/persist";
+ options.canmount = "on";
+ postCreateHook = emptySnapshot "rpool/persistent/impermanence";
+ };
+ "persistent/servers" = {
+ type = "zfs_fs";
+ mountpoint = "/srv";
+ options.canmount = "on";
+ postCreateHook = emptySnapshot "rpool/persistent/servers";
+ };
+ "persistent/nix" = {
+ type = "zfs_fs";
+ mountpoint = "/nix";
+ options.canmount = "on";
+ postCreateHook = emptySnapshot "rpool/persistent/nix";
+ };
+ "persistent/secrets" = {
+ type = "zfs_fs";
+ mountpoint = "/etc/secrets";
+ options.canmount = "on";
+ postCreateHook = emptySnapshot "rpool/persistent/secrets";
+ };
+ "persistent/log" = {
+ type = "zfs_fs";
+ mountpoint = "/var/log";
+ options.canmount = "on";
+ postCreateHook = emptySnapshot "rpool/persistent/log";
+ };
+ "persistent/docker" = {
+ type = "zfs_fs";
+ mountpoint = "/var/lib/docker";
+ options.canmount = "on";
+ postCreateHook = emptySnapshot "rpool/persistent/docker";
+ };
+ "persistent/nixos-containers" = {
+ type = "zfs_fs";
+ mountpoint = "/var/lib/nixos-containers";
+ options.canmount = "on";
+ postCreateHook = emptySnapshot "rpool/persistent/nixos-containers";
+ };
+ "persistent/libvirt" = {
+ type = "zfs_fs";
+ mountpoint = "/var/lib/libvirt";
+ options.canmount = "on";
+ postCreateHook = emptySnapshot "rpool/persistent/libvirt";
+ };
+ "persistent/libvirt-user" = {
+ type = "zfs_fs";
+ mountpoint = "/media/libvirt";
+ options.canmount = "on";
+ postCreateHook = emptySnapshot "rpool/persistent/libvirt-user";
+ };
+ "persistent/libvirt-user/images" = {
+ type = "zfs_fs";
+ mountpoint = "/media/libvirt/images";
+ options.canmount = "on";
+ options.atime = "off";
+ options.recordsize = "16K";
+ options.compression = "lz4";
+ postCreateHook = emptySnapshot "rpool/persistent/libvirt-user/images";
+ };
+ "persistent/containers" = {
+ type = "zfs_fs";
+ mountpoint = "/var/lib/containers";
+ options.canmount = "on";
+ options.atime = "off";
+ postCreateHook = emptySnapshot "rpool/persistent/containers";
+ };
+ "persistent/postgresql" = {
+ type = "zfs_fs";
+ mountpoint = "/var/lib/postgresql";
+ options.canmount = "on";
+ options.recordsize = "16K";
+ options.atime = "off";
+ options.logbias = "latency";
+ postCreateHook = emptySnapshot "rpool/persistent/postgresql";
+ };
+ };
+ };
+ };
+ };
+}
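Review bot: In hosts/vega/disk-config.nix, the partition named `cryptroot` holds `rpool` directly: there is no `luks` content layer and `rpool.rootFsOptions` sets no `encryption` property, so every dataset, including `persistent/secrets` at /etc/secrets and `user/home`, is written to the NVMe in cleartext, while boot.nix in this commit sets `enableCryptodisk = true` as if an encrypted volume existed. Only the swap partition is protected (`randomEncryption = true`). For a laptop, either wrap the partition in a disko `luks` container or enable ZFS native encryption at pool creation, e.g. `encryption = "aes-256-gcm"; keyformat = "passphrase"; keylocation = "prompt";` in `rpool.rootFsOptions`. This needs deciding before the disk is provisioned, because ZFS encryption is fixed when a dataset is created and cannot be switched on for these datasets afterwards.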