luj/snowfield
1
0
Fork 0
mirror of https://github.com/JulienMalka/snowfield.git synced 2025-06-08 02:09:04 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
snowfield/machines/fischer/default.nix

299 lines
9.3 KiB
Nix
Raw Blame History

{
config,
pkgs,
lib,
inputs,
...
}:
let
stumpwmContrib = pkgs.fetchFromGitHub {
owner = "stumpwm";
repo = "stumpwm-contrib";
rev = "1e3fa7abae30e5d5498e69ba56da6a7e265144cc";
hash = "sha256-ewPeamcEWcvAHY1pmnbsVmej8gSt2qIo+lSMjpKwF6k=";
};
sbcl_stump = pkgs.sbcl_2_4_6;
stumpwmWithDeps = sbcl_stump.pkgs.stumpwm.overrideLispAttrs (x: {
lispLibs =
x.lispLibs
++ (with sbcl_stump.pkgs; [
clx-truetype
slynk
]);
});
stumpwmWithDepsRunnable = pkgs.runCommand "stuumpwm-with-deps-runnable" { } ''
mkdir -p "$out/bin" "$out/lib"
cp -r "${stumpwmContrib}" "contrib"
chmod u+rwX -R contrib
export HOME="$PWD"
FIRA_CODE_PATH="${pkgs.fira-code}/share/fonts/truetype"
POWERLINE_PATH="${pkgs.powerline-fonts}/share/fonts/truetype"
ln -s "${stumpwmWithDeps}" "$out/lib/stumpwm"
${(sbcl_stump.withPackages (_: [ stumpwmWithDeps ]))}/bin/sbcl \
--eval '(require :asdf)' --eval '(asdf:disable-output-translations)' \
--eval '(require :stumpwm)' \
--eval '(in-package :stumpwm)' \
--eval '(setf *default-package* :stumpwm)' \
--eval '(set-module-dir "contrib")' \
--eval '(defvar stumpwm::*local-module-dir* "contrib")' \
--eval '(load-module "mem")' \
--eval '(load-module "cpu")' \
--eval '(load-module "battery-portable")' \
--eval '(load-module "net")' \
--eval '(load-module "urgentwindows")' \
--eval '(load-module "ttf-fonts")' \
--eval '(require :slynk)' \
--eval '(require :clx-truetype)' \
--eval '(defvar *wallpaper* nil)' \
--eval '(setf *wallpaper* "${./wallpaper.jpeg}")' \
--eval "(setf clx-truetype:*font-dirs* (list \"$FIRA_CODE_PATH\" \"$POWERLINE_PATH\"))" \
--eval "(sb-ext:save-lisp-and-die \"$out/bin/stumpwm\" :executable t :toplevel #'stumpwm:stumpwm)"
test -x "$out/bin/stumpwm"
'';
in
{
imports = [
./hardware.nix
./home-julien.nix
./syncthing.nix
];
machine.meta = {
arch = "x86_64-linux";
nixpkgs_version = inputs.unstable;
hm_version = inputs.home-manager-unstable;
# TODO: Fix colmena deployment
ips.public.ipv4 = "127.0.0.1";
ips.vpn.ipv4 = "100.100.45.11";
};
# Boot stuff
boot.loader.systemd-boot.enable = lib.mkForce false;
boot.lanzaboote = {
enable = true;
pkiBundle = "/etc/secureboot";
};
boot.initrd.systemd.enable = true;
boot.initrd.clevis = {
enable = true;
devices."cryptroot".secretFile = ./root.jwe;
};
boot.initrd.systemd.tpm2.enable = true;
services.xserver = {
enable = true;
displayManager.lightdm.enable = true;
windowManager.stumpwm.enable = true;
windowManager.stumpwm.package = stumpwmWithDepsRunnable;
};
services.picom = {
enable = true;
backend = "xr_glx_hybrid";
vSync = true;
};
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
wireplumber.enable = true;
};
networking.hostName = "fischer";
services.blueman.enable = true;
hardware.bluetooth.enable = true;
environment.sessionVariables = {
LIBSEAT_BACKEND = "logind";
};
services.tailscale.enable = true;
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
networking.networkmanager.dns = "systemd-resolved";
services.resolved.enable = true;
services.autorandr = {
enable = true;
profiles = {
default = {
fingerprint = {
eDP-1-1 = "00ffffffffffff0006af9af900000000141f0104a51e13780363f5a854489d240e505400000001010101010101010101010101010101fa3c80b870b0244010103e002dbc1000001ac83080b870b0244010103e002dbc1000001a000000fe004a38335646804231343055414e0000000000024101b2001100000a410a20200068";
};
config = {
eDP-1-1.enable = true;
};
};
dock-julien = {
fingerprint = {
eDP-1-1 = "00ffffffffffff0006af9af900000000141f0104a51e13780363f5a854489d240e505400000001010101010101010101010101010101fa3c80b870b0244010103e002dbc1000001ac83080b870b0244010103e002dbc1000001a000000fe004a38335646804231343055414e0000000000024101b2001100000a410a20200068";
DP-1-5-3 = "00ffffffffffff0010ac42d1425439312021010380351e78eaa3d5ab524f9d240f5054a54b008100b300d100714fa9408180d1c00101565e00a0a0a02950302035000f282100001a000000ff004446354c5459330a2020202020000000fc0044454c4c205032343233440a20000000fd00314b1d711c000a2020202020200107020318b14d010203071112161304141f051065030c001000023a801871382d40582c45000f282100001e011d8018711c1620582c25000f282100009e011d007251d01e206e2855000f282100001e7e3900a080381f4030203a000f282100001a00000000000000000000000000000000000000000000000000000000000000c1";
DP-1-5-1 = "00ffffffffffff0026cd6b610f01010117210104a5351e783be725a8554ea0260d5054bfef80d140d100d1c0b30095009040818081c0565e00a0a0a02950302035000f282100001a000000ff0031323134383332333030313335000000fd00314b0f5a19000a202020202020000000fc00504c32343933510a202020202001c5020320f153101f051404131e1d121116150f0e030207060123097f0783010000394e00a0a0a02250302035000f282100001a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000079";
};
config = {
eDP-1-1.enable = false;
DP-1-5-1 = {
enable = true;
primary = true;
position = "0x0";
mode = "2560x1440";
};
DP-1-5-3 = {
enable = true;
position = "2560x0";
mode = "2560x1440";
};
};
};
};
};
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
console = {
useXkbConfig = true; # use xkbOptions in tty.
};
# Enable OpenGL
hardware.graphics.enable = true;
# Load nvidia driver for Xorg and Wayland
services.xserver.videoDrivers = [ "nvidia" ];
services.libinput.touchpad.tapping = false;
hardware.nvidia.prime = {
sync.enable = true;
intelBusId = "PCI:0:2:0";
nvidiaBusId = "PCI:1:0:0";
};
hardware.nvidia = {
modesetting.enable = true;
powerManagement.enable = true;
#powerManagement.finegrained = true;
open = true;
nvidiaSettings = true;
dynamicBoost.enable = true;
package = config.boot.kernelPackages.nvidiaPackages.beta;
};
environment.variables = {
# Required to run the correct GBM backend for nvidia GPUs on wayland
GBM_BACKEND = "nvidia-drm";
# Apparently, without this nouveau may attempt to be used instead
# (despite it being blacklisted)
__GLX_VENDOR_LIBRARY_NAME = "nvidia";
# Hardware cursors are currently broken on wlroots
WLR_NO_HARDWARE_CURSORS = "1";
};
boot.extraModprobeConfig =
"options nvidia "
+ lib.concatStringsSep " " [
# nvidia assume that by default your CPU does not support PAT,
# but this is effectively never the case in 2023
"NVreg_UsePageAttributeTable=1"
# This is sometimes needed for ddc/ci support, see
# https://www.ddcutil.com/nvidia/
#
# Current monitor does not support it, but this is useful for
# the future
"NVreg_RegistryDwords=RMUseSwI2c=0x01;RMI2cSpeed=100"
];
boot.initrd.kernelModules = [ "nvidia" ];
programs.dconf.enable = true;
security.polkit.enable = true;
security.tpm2.enable = true;
security.tpm2.pkcs11.enable = true; # expose /run/current-system/sw/lib/libtpm2_pkcs11.so
security.tpm2.tctiEnvironment.enable = true; # TPM2TOOLS_TCTI and TPM2_PKCS11_TCTI env variables
users.users.julien.extraGroups = [ "tss" ]; # tss group has access to TPM devices
services.postgresql.enable = true;
environment.systemPackages = with pkgs; [
tailscale
brightnessctl
sbctl
wl-mirror
texlive.combined.scheme-full
mu
stumpwmWithDepsRunnable
];
networking.hosts = {
"172.25.90.82" = [ "ducati-diavel" ];
};
services.printing = {
enable = true;
extraConf = ''
JobPrivateAccess all
JobPrivateValues none
'';
clientConf = ''
ServerName localhost
Encryption Required
User jmalka
'';
};
environment.variables = {
CUPS_USER = "jmalka";
};
security.pam.services.swaylock = { };
programs.ssh.startAgent = true;
services.gnome.gnome-keyring.enable = true;
services.openssh.extraConfig = ''
HostCertificate /etc/ssh/ssh_host_ed25519_key-cert.pub
HostKey /etc/ssh/ssh_host_ed25519_key
TrustedUserCAKeys /etc/ssh/ssh_user_key.pub
MaxAuthTries 20
'';
virtualisation.docker.enable = true;
services.pcscd.enable = true;
services.udev.packages = [ pkgs.yubikey-personalization ];
services.zerotierone = {
enable = true;
joinNetworks = [
"ebe7fbd4451442b0"
];
};
# Desktop environment
programs.xwayland.enable = true;
programs.hyprland = {
enable = true;
package = pkgs.hyprland;
portalPackage = pkgs.xdg-desktop-portal-hyprland;
};
xdg.portal = {
enable = true;
wlr.enable = true;
extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
};
system.stateVersion = "23.05";
}
Reference in a new issue View git blame Copy permalink