v
/
infrastructure
1
0
Fork 0
Code Issues 13 Pull Requests 1 Actions Packages Projects Releases Activity
infrastructure/nixos/hosts/thalassa/null/configuration.nix

162 lines
4.6 KiB
Nix
Raw Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, lib, ... }:
let
nvidia-offload = pkgs.writeShellScriptBin "nvidia-offload" ''
export __NV_PRIME_RENDER_OFFLOAD=1
export __NV_PRIME_RENDER_OFFLOAD_PROVIDER=NVIDIA-G0
export __GLX_VENDOR_LIBRARY_NAME=nvidia
export __VK_LAYER_NV_optimus=NVIDIA_only
exec "$@"
'';
in
{
imports =
[
# Include the results of the hardware scan.
./hardware-configuration.nix
];
# home-manager
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.victor = import ./home.nix;
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.systemd-boot.configurationLimit = 6;
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.efi.efiSysMountPoint = "/boot/efi";
boot.kernelPackages = pkgs.linuxPackages_latest;
# Enable networking
networking.networkmanager.enable = true;
networking.interfaces.wlp0s20f3.useDHCP = true;
fileSystems."/".options = [ "compress=zstd" ];
# Filesystem dedup
services.beesd.filesystems = {
root = {
spec = "LABEL=nixos";
hashTableSizeMB = 256;
verbosity = "crit";
extraOptions = [ "--loadavg-target" "2.0" ];
};
};
# Select internationalisation properties.
i18n.defaultLocale = "en_GB.utf8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_DK.utf8";
LC_IDENTIFICATION = "en_DK.utf8";
LC_MEASUREMENT = "en_DK.utf8";
LC_MONETARY = "en_DK.utf8";
LC_NAME = "en_DK.utf8";
LC_NUMERIC = "en_DK.utf8";
LC_PAPER = "en_DK.utf8";
LC_TELEPHONE = "en_DK.utf8";
LC_TIME = "en_DK.utf8";
};
# Enable the X11 windowing system.
services.xserver.enable = true;
# Enable the GNOME Desktop Environment.
services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
services.udev.packages = with pkgs; [ gnome.gnome-settings-daemon ];
services.xserver = {
layout = "us";
xkbVariant = "altgr-intl";
xkbOptions = "caps:swapescape";
videoDrivers = [ "nvidia" ];
};
# hardware.nvidia.modesetting.enable = true;
hardware.nvidia.prime = {
offload.enable = true;
intelBusId = "PCI:0:2:0";
nvidiaBusId = "PCI:1:0:0";
};
hardware.opengl.extraPackages = with pkgs; [
vaapiVdpau
];
virtualisation.podman.enable = true;
# Enable CUPS to print documents.
services.printing.enable = true;
# Enable sound with pipewire.
sound.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
};
environment.systemPackages = with pkgs; [
pciutils
nvidia-offload
vim
wireguard-tools
gnome.gnome-tweaks
gnome.dconf-editor
gnomeExtensions.appindicator
gnomeExtensions.wireguard-indicator
];
programs.steam = {
enable = true;
remotePlay.openFirewall = true;
dedicatedServer.openFirewall = true;
};
services.fstrim.enable = true;
# Allow reverse path for wireguard
networking.firewall = {
# if packets are still dropped, they will show up in dmesg
logReversePathDrops = true;
# wireguard trips rpfilter up
extraCommands = ''
ip46tables -t raw -I nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN
ip46tables -t raw -I nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN
'';
extraStopCommands = ''
ip46tables -t raw -D nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN || true
ip46tables -t raw -D nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN || true
'';
};
nix.extraOptions = ''
keep-outputs = true
keep-derivations = true
'';
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.05"; # Did you read the comment?
}
Reference in New Issue View Git Blame Copy Permalink