diff --git a/backup/thinkpad.nix b/backup/thinkpad.nix deleted file mode 100755 index 578fca1..0000000 --- a/backup/thinkpad.nix +++ /dev/null @@ -1,223 +0,0 @@ -{ config, pkgs, lib, ... }: -let - nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" '' - export __NV_PRIME_RENDER_OFFLOAD=1 - export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0 - export __GLX_VENDOR_LIBRARY_NAME=nvidia - export __VK_LAYER_NV_optimus=NVIDIA_only - exec -a "$0" "$@" - ''; - secrets-thinkpad = import ../configs/secrets-thinkpad.nix; - be = import ../configs/borg-exclude.nix; -in -{ - imports = - [ - - /etc/nixos/hardware-configuration.nix - ../configs/docker.nix - ../configs/libvirt.nix - ../configs/common.nix - ../configs/user.nix - ../configs/user-gui.nix - ../configs/user-gui-applications.nix - ../configs/bspwm.nix - # ../configs/pantheon.nix - - ]; - - boot = { - loader = { - grub = { - enable = true; - device = "nodev"; - version = 2; - efiSupport = true; - enableCryptodisk = true; - gfxmodeEfi = "1024x768"; - }; - efi = { - canTouchEfiVariables = true; - efiSysMountPoint = "/boot/efi"; - }; - }; - kernelPackages = pkgs.linuxPackages_lqx; - plymouth.enable = true; - initrd = { - luks.devices."root" = { - device = "/dev/disk/by-uuid/9e93feb7-8134-4b62-a05b-1aeade759880"; - keyFile = "/keyfile0.bin"; - allowDiscards = true; - }; - secrets = { - "keyfile0.bin" = "/etc/secrets/initrd/keyfile0.bin"; - "keyfile1.bin" = "/etc/secrets/initrd/keyfile1.bin"; - }; - }; - }; - - # Data mount - fileSystems."/data" = { - device = "/dev/disk/by-uuid/33693f43-076d-41fc-a612-f49ab6870ccb"; # UUID for /dev/mapper/crypted-data - encrypted = { - enable = true; - label = "crypted-data"; - blkDev = "/dev/disk/by-uuid/9bf1d00e-1edc-4de3-9d5e-71a6722ef193"; # UUID for /dev/sda1 - keyFile = "/keyfile1.bin"; - }; - }; - - networking.hostName = "thinkpad"; # Define your hostname. - time.timeZone = "Europe/Berlin"; - - # The global useDHCP flag is deprecated, therefore explicitly set to false here. - # Per-interface useDHCP will be mandatory in the future, so this generated config - # replicates the default behaviour. - networking.useDHCP = false; - - # Select internationalisation properties. - # i18n.defaultLocale = "en_US.UTF-8"; - console = { - font = "latarcyrheb-sun32"; - keyMap = "us"; - }; - - hardware.nvidia.prime = { - offload.enable = true; - - # Bus ID of the Intel GPU. You can find it using lspci, either under 3D or VGA - intelBusId = "PCI:0:2:0"; - - # Bus ID of the NVIDIA GPU. You can find it using lspci, either under 3D or VGA - nvidiaBusId = "PCI:1:0:0"; - }; - - # hardware.bumblebee = { - # enable = true; - # connectDisplay = true; - # }; - - hardware.opengl = { - enable = true; - driSupport32Bit = true; - extraPackages = with pkgs; [ - intel-media-driver # LIBVA_DRIVER_NAME=iHD - vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) - vaapiVdpau - libvdpau-va-gl - ]; - }; - - nixpkgs.config.packageOverrides = pkgs: rec { - # bumblebee = pkgs.bumblebee.override { - # extraNvidiaDeviceOptions = '' - # Option "ProbeAllGpus" "false" - # Option "AllowEmptyInitialConfiguration" - # EndSection# - - # Section "ServerLayout" - # Identifier "Layout0" - # Option "AutoAddDevices" "true" # Bumblebee defaults to false - # Option "AutoAddGPU" "false" - # EndSection - - # Section "Screen" # Add this section - # Identifier "Screen0" - # Device "DiscreteNvidia" - # ''; - # }; - vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; - }; - - # Enable sound. - sound.enable = true; - hardware.pulseaudio = { - enable = true; - support32Bit = true; - daemon = { - config = { - avoid-resampling = "yes"; - }; - }; - configFile = pkgs.runCommand "default.pa" { } '' - sed 's/module-udev-detect$/module-udev-detect tsched=0/' \ - ${pkgs.pulseaudio}/etc/pulse/default.pa > $out - ''; - }; - hardware.sane.enable = true; - - services = { - thinkfan = { - enable = true; - levels = [ - [ 0 0 67 ] - [ 1 65 75 ] - [ 2 73 80 ] - [ 3 78 85 ] - [ 4 83 90 ] - [ 6 88 95 ] - [ 7 93 32767 ] - ]; - }; - xserver = { - videoDrivers = [ "nvidia" ]; - # deviceSection = ''BusID "PCI:0:2:0"''; - # deviceSection = '' - # Option "TearFree" "true" - # ''; - }; - power-profiles-daemon.enable = false; - auto-cpufreq.enable = true; - tlp.enable = false; - # tlp = { - # enable = true; - # settings = { - # START_CHARGE_THRESH_BAT0 = 80; - # STOP_CHARGE_THRESH_BAT0 = 90; - # }; - # }; - borgbackup.jobs.home = rec { - compression = "auto,zstd"; - encryption = { - mode = "repokey-blake2"; - passphrase = secrets-thinkpad.borg-key; - }; - extraCreateArgs = "--list --stats --verbose --checkpoint-interval 600 --exclude-caches"; - environment.BORG_RSH = "ssh -i ~/.ssh/id_borg_rsa"; - paths = "/home/alex"; - repo = secrets-thinkpad.borg-repo; - startAt = "daily"; - user = "alex"; - prune.keep = { - daily = 7; - weekly = 4; - monthly = 6; - }; - extraPruneArgs = "--save-space --list --stats"; - exclude = map (x: paths + "/" + x) be.borg-exclude; - }; - }; - - # home-manager.users.alex.services.barrier.client = { - # enable = true; - # enableCrypto = false; - # name = "thinkpad"; - # server = "192.168.0.150:24800"; - # }; - - systemd.extraConfig = '' - DefaultTimeoutStopSec=10s - ''; - - environment.systemPackages = with pkgs; [ - nvidia-offload - # xorg.xf86videointel - intel-gpu-tools - ]; - - networking.firewall.enable = false; - - powerManagement.powertop.enable = true; - - system.stateVersion = "21.05"; -} diff --git a/configs/plasma.nix b/configs/plasma.nix index 0082394..75f5e11 100755 --- a/configs/plasma.nix +++ b/configs/plasma.nix @@ -5,7 +5,7 @@ }; environment.plasma6.excludePackages = with pkgs.kdePackages; [ - # plasma-browser-integration + plasma-browser-integration konsole oxygen kate @@ -17,7 +17,10 @@ desktopManager.plasma6.enable = true; displayManager = { defaultSession = "plasmax11"; - sddm = { enable = true; }; + sddm = { + enable = true; + # wayland.enable = true; + }; }; xserver = { diff --git a/machine/desktop.nix b/machine/desktop.nix index 00b3e66..d18c17e 100755 --- a/machine/desktop.nix +++ b/machine/desktop.nix @@ -2,6 +2,7 @@ let secrets = import ../configs/secrets.nix; + be = import ../configs/borg-exclude.nix; wireguard = import ../configs/wireguard.nix; unstable = import { config.allowUnfree = true; }; in @@ -35,13 +36,14 @@ in efi = { canTouchEfiVariables = true; }; }; - initrd.kernelModules = [ "amdgpu" ]; + # initrd.kernelModules = [ "amdgpu" ]; plymouth.enable = true; extraModulePackages = with pkgs.linuxPackages; [ it87 zenpower ]; - kernelModules = [ "it87" ]; + kernelModules = [ "it87" "zenpower" ]; kernelParams = [ "amdgpu.ppfeaturemask=0xffffffff" ]; supportedFilesystems = [ "ntfs" ]; + blacklistedKernelModules = [ "k10temp" ]; }; systemd.services = { @@ -56,19 +58,19 @@ in networking = { hostName = "desktop"; useDHCP = false; - wireguard.interfaces = { - wg0 = { - ips = [ "10.100.0.2/24" ]; - privateKey = secrets.wireguard-desktop-private; - peers = [{ - publicKey = wireguard.wireguard-vps-public; - presharedKey = secrets.wireguard-preshared; - allowedIPs = [ "10.100.0.0/24" ]; - endpoint = "old.szczepan.ski:51820"; - persistentKeepalive = 25; - }]; - }; - }; + # wireguard.interfaces = { + # wg0 = { + # ips = [ "10.100.0.2/24" ]; + # privateKey = secrets.wireguard-desktop-private; + # peers = [{ + # publicKey = wireguard.wireguard-vps-public; + # presharedKey = secrets.wireguard-preshared; + # allowedIPs = [ "10.100.0.0/24" ]; + # endpoint = "old.szczepan.ski:51820"; + # persistentKeepalive = 25; + # }]; + # }; + # }; }; time.timeZone = "Europe/Berlin"; @@ -83,6 +85,8 @@ in unigine-superposition lact amdgpu_top + python3 + python311Packages.tkinter ]; hardware = { @@ -109,16 +113,16 @@ in enable = true; config = '' INTERVAL=10 - DEVPATH=hwmon3=devices/platform/it87.656 - DEVNAME=hwmon3=it8665 - FCTEMPS=hwmon3/pwm3=hwmon3/temp1_input hwmon3/pwm2=hwmon3/temp1_input hwmon3/pwm1=hwmon3/temp1_input - FCFANS=hwmon3/pwm3=hwmon3/fan2_input hwmon3/pwm2=hwmon3/fan1_input hwmon3/pwm1= - MINTEMP=hwmon3/pwm3=60 hwmon3/pwm2=60 hwmon3/pwm1=60 - MAXTEMP=hwmon3/pwm3=75 hwmon3/pwm2=75 hwmon3/pwm1=75 - MINSTART=hwmon3/pwm3=51 hwmon3/pwm2=51 hwmon3/pwm1=51 - MINSTOP=hwmon3/pwm3=51 hwmon3/pwm2=51 hwmon3/pwm1=51 - MINPWM=hwmon3/pwm1=51 hwmon3/pwm2=51 hwmon3/pwm3=51 - MAXPWM=hwmon3/pwm3=127 hwmon3/pwm2=204 + DEVPATH=hwmon2=devices/platform/it87.656 + DEVNAME=hwmon2=it8665 + FCTEMPS=hwmon2/pwm3=hwmon2/temp1_input hwmon2/pwm2=hwmon2/temp1_input hwmon2/pwm1=hwmon2/temp1_input + FCFANS=hwmon2/pwm3=hwmon2/fan2_input hwmon2/pwm2=hwmon2/fan1_input hwmon2/pwm1= + MINTEMP=hwmon2/pwm3=60 hwmon2/pwm2=60 hwmon2/pwm1=60 + MAXTEMP=hwmon2/pwm3=75 hwmon2/pwm2=75 hwmon2/pwm1=75 + MINSTART=hwmon2/pwm3=51 hwmon2/pwm2=51 hwmon2/pwm1=51 + MINSTOP=hwmon2/pwm3=51 hwmon2/pwm2=51 hwmon2/pwm1=51 + MINPWM=hwmon2/pwm1=51 hwmon2/pwm2=51 hwmon2/pwm3=51 + MAXPWM=hwmon2/pwm3=127 hwmon2/pwm2=204 ''; }; @@ -128,9 +132,10 @@ in sound.enable = true; services = { + power-profiles-daemon.enable = true; netdata.enable = true; printing.enable = true; - xserver.videoDrivers = [ "amdgpu" ]; + # xserver.videoDrivers = [ "amdgpu" ]; displayManager.autoLogin = { enable = true; @@ -144,26 +149,28 @@ in pulse.enable = true; }; - # borgbackup.jobs.home = rec { - # compression = "auto,zstd"; - # encryption = { - # mode = "repokey-blake2"; - # passphrase = secrets.borg-key; - # }; - # extraCreateArgs = "--checkpoint-interval 600 --exclude-caches"; - # environment.BORG_RSH = "ssh -i ~/.ssh/id_borg_rsa"; - # paths = "/home/alex"; - # repo = secrets.borg-repo; - # startAt = "daily"; - # user = "alex"; - # prune.keep = { - # daily = 7; - # weekly = 4; - # monthly = 6; - # }; - # extraPruneArgs = "--save-space --list --stats"; - # exclude = map (x: paths + "/" + x) be.borg-exclude; - # }; + tailscale.enable = true; + + borgbackup.jobs.home = rec { + compression = "auto,zstd"; + encryption = { + mode = "repokey-blake2"; + passphrase = secrets.borg-key; + }; + extraCreateArgs = "--checkpoint-interval 600 --exclude-caches"; + environment.BORG_RSH = "ssh -i ~/.ssh/id_borg_ed25519"; + paths = "/home/alex"; + repo = secrets.borg-repo; + startAt = "daily"; + user = "alex"; + prune.keep = { + daily = 7; + weekly = 4; + monthly = 6; + }; + extraPruneArgs = "--save-space --list --stats"; + exclude = map (x: paths + "/" + x) be.borg-exclude; + }; }; home-manager.users.alex.services.barrier.client = {