telecom/default: update

machines/telecom/default.nix

@@ -1,25 +1,27 @@
 { config, pkgs, lib, inputs, ... }:
-
 {
-  imports =
-    [
-      ./hardware.nix
-      ./home-julien.nix
-      ../../users/julien.nix
-      ../../users/default.nix
-    ];
-
-
+  imports = [
+    ./hardware.nix
+    ./home-julien.nix
+    ../../users/julien.nix
+    ../../users/default.nix
+  ];
 
+  # Boot stuff
   boot.loader.systemd-boot.enable = lib.mkForce false;
   boot.lanzaboote = {
     enable = true;
     pkiBundle = "/etc/secureboot";
   };
-
   boot.initrd.systemd.enable = true;
+  boot.initrd.clevis = {
+    enable = true;
+    devices."cryptroot".secretFile = ./root.jwe;
+  };
+  boot.initrd.systemd.enableTpm2 = true;
+
+  # Sound stuff
   sound.enable = true;
-  #hardware.pulseaudio.enable = true;
   services.pipewire = {
     enable = true;
     alsa.enable = true;
@@ -35,44 +37,32 @@
 
   };
 
-  services.postgresql.enable = true;
-
   networking.hostName = "telecom";
 
   networking.wireless.enable = false;
 
-  environment.sessionVariables = {
-    LIBSEAT_BACKEND = "logind";
-  };
+  environment.sessionVariables = { LIBSEAT_BACKEND = "logind"; };
 
   services.xserver = {
     enable = true;
     layout = "fr";
     displayManager.gdm.enable = true;
-    displayManager.gdm.wayland = true;
   };
 
-  programs.sway.enable = true;
+  programs.sway = {
+    enable = true;
+    extraOptions = [ "--unsupported-gpu" ];
+  };
 
-  nixpkgs.config.permittedInsecurePackages = [
-    "zotero-6.0.27"
-  ];
+  nixpkgs.config.permittedInsecurePackages = [ "zotero-6.0.27" ];
 
   services.tailscale.enable = true;
-  networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
+  networking.networkmanager.enable =
+    true; # Easiest to use and most distros use this by default.
 
   networking.networkmanager.dns = "systemd-resolved";
   services.resolved.enable = true;
 
-  boot.initrd.clevis = {
-    enable = true;
-    devices."cryptroot".secretFile = ./root.jwe;
-  };
-
-  boot.initrd.systemd.enableTpm2 = true;
-
-
-
   time.timeZone = "Europe/Paris";
 
   # Select internationalisation properties.
@@ -81,8 +71,46 @@
     useXkbConfig = true; # use xkbOptions in tty.
   };
 
-  hardware.opengl.enable = true;
-  hardware.opengl.driSupport = true;
+  # Enable OpenGL
+  hardware.opengl = {
+    enable = true;
+    driSupport = true;
+    #    driSupport32Bit = true;
+  };
+
+  # Load nvidia driver for Xorg and Wayland
+  services.xserver.videoDrivers = [ "nvidia" ];
+
+  hardware.nvidia = {
+
+    # Modesetting is required.
+    modesetting.enable = true;
+
+    # Nvidia power management. Experimental, and can cause sleep/suspend to fail.
+    powerManagement.enable = false;
+    # Fine-grained power management. Turns off GPU when not in use.
+    # Experimental and only works on modern Nvidia GPUs (Turing or newer).
+    powerManagement.finegrained = false;
+
+    # Use the NVidia open source kernel module (not to be confused with the
+    # independent third-party "nouveau" open source driver).
+    # Support is limited to the Turing and later architectures. Full list of 
+    # supported GPUs is at: 
+    # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus 
+    # Only available from driver 515.43.04+
+    # Do not disable this unless your GPU is unsupported or if you have a good reason to.
+    open = true;
+
+    # Enable the Nvidia settings menu,
+    # accessible via `nvidia-settings`.
+    nvidiaSettings = true;
+
+    # Optionally, you may need to select the appropriate driver version for your specific GPU.
+    package = config.boot.kernelPackages.nvidiaPackages.beta;
+  };
+
+  boot.initrd.kernelModules = [ "nvidia" ];
+  boot.extraModulePackages = [ config.boot.kernelPackages.nvidia_x11 ];
 
   programs.dconf.enable = true;
 
@@ -91,17 +119,22 @@
   services.tlp.enable = true;
 
   security.tpm2.enable = true;
-  security.tpm2.pkcs11.enable = true; # expose /run/current-system/sw/lib/libtpm2_pkcs11.so
-  security.tpm2.tctiEnvironment.enable = true; # TPM2TOOLS_TCTI and TPM2_PKCS11_TCTI env variables
-  users.users.julien.extraGroups = [ "tss" ]; # tss group has access to TPM devices
+  security.tpm2.pkcs11.enable =
+    true; # expose /run/current-system/sw/lib/libtpm2_pkcs11.so
+  security.tpm2.tctiEnvironment.enable =
+    true; # TPM2TOOLS_TCTI and TPM2_PKCS11_TCTI env variables
+  users.users.julien.extraGroups =
+    [ "tss" ]; # tss group has access to TPM devices
 
   hardware.bluetooth.enable = true;
 
   environment.systemPackages = with pkgs; [
     tailscale
     brightnessctl
+    unstable.diffoscope
     sbctl
     wl-mirror
+    texlive.combined.scheme-full
   ];
 
   services.printing.enable = true;
@@ -110,15 +143,15 @@
   # for a WiFi printer
   services.avahi.openFirewall = true;
 
-
   security.pam.services.swaylock = { };
 
   programs.ssh.startAgent = true;
 
-  programs.adb.enable = true;
-  services.udev.packages = [
-    pkgs.android-udev-rules
-  ];
+  services.emacs = {
+    enable = true;
+    package = pkgs.emacs29-pgtk;
+  };
+
   services.gnome.gnome-keyring.enable = true;
 
   services.openssh.extraConfig = ''
@@ -128,11 +161,6 @@
     MaxAuthTries 20
   '';
 
-
-
   system.stateVersion = "23.05";
 
 }
-
-
-