From 7ba6e1b2774d5e9efd92f7ba6f5d85f8193adfc3 Mon Sep 17 00:00:00 2001 From: Jonni Liljamo Date: Thu, 22 Jan 2026 23:24:51 +0200 Subject: [PATCH] w: init --- modules/hosts/ws/w/_nixos/default.nix | 18 ++ .../ws/w/_nixos/hardware-configuration.nix | 49 ++++ modules/hosts/ws/w/_nixos/lanzaboote.nix | 16 ++ .../w/_nixos/not-managed-by-modules-yet.nix | 27 ++ modules/hosts/ws/w/default.nix | 232 ++++++++++++++++++ 5 files changed, 342 insertions(+) create mode 100644 modules/hosts/ws/w/_nixos/default.nix create mode 100644 modules/hosts/ws/w/_nixos/hardware-configuration.nix create mode 100644 modules/hosts/ws/w/_nixos/lanzaboote.nix create mode 100644 modules/hosts/ws/w/_nixos/not-managed-by-modules-yet.nix create mode 100644 modules/hosts/ws/w/default.nix diff --git a/modules/hosts/ws/w/_nixos/default.nix b/modules/hosts/ws/w/_nixos/default.nix new file mode 100644 index 0000000..a641bd5 --- /dev/null +++ b/modules/hosts/ws/w/_nixos/default.nix @@ -0,0 +1,18 @@ +{...}: { + imports = [ + ./hardware-configuration.nix + ./lanzaboote.nix + ./not-managed-by-modules-yet.nix + ]; + + boot.loader.systemd-boot.enable = true; + boot.loader.systemd-boot.configurationLimit = 9; + boot.loader.efi.canTouchEfiVariables = true; + + networking.hostId = "9e77d80e"; + networking.networkmanager.enable = true; + + time.timeZone = "Europe/Helsinki"; + + system.stateVersion = "24.11"; +} diff --git a/modules/hosts/ws/w/_nixos/hardware-configuration.nix b/modules/hosts/ws/w/_nixos/hardware-configuration.nix new file mode 100644 index 0000000..3a4a794 --- /dev/null +++ b/modules/hosts/ws/w/_nixos/hardware-configuration.nix @@ -0,0 +1,49 @@ +{ + config, + lib, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod"]; + boot.initrd.kernelModules = ["zfs"]; + boot.kernelModules = ["kvm-amd"]; + boot.supportedFilesystems = ["zfs"]; + boot.kernelParams = ["amd_pstate=active"]; + + fileSystems."/" = { + device = "zpool/root"; + fsType = "zfs"; + neededForBoot = true; + }; + + fileSystems."/home" = { + device = "zpool/home"; + fsType = "zfs"; + neededForBoot = true; + }; + + fileSystems."/nix" = { + device = "zpool/nix"; + fsType = "zfs"; + neededForBoot = true; + }; + + fileSystems."/persist" = { + device = "zpool/persist"; + fsType = "zfs"; + neededForBoot = true; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/F2FC-041D"; + fsType = "vfat"; + options = ["fmask=0022" "dmask=0022"]; + }; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/modules/hosts/ws/w/_nixos/lanzaboote.nix b/modules/hosts/ws/w/_nixos/lanzaboote.nix new file mode 100644 index 0000000..b470b94 --- /dev/null +++ b/modules/hosts/ws/w/_nixos/lanzaboote.nix @@ -0,0 +1,16 @@ +{ + lib, + pkgs, + ... +}: { + environment.systemPackages = with pkgs; [ + sbctl + ]; + + boot.loader.systemd-boot.enable = lib.mkForce false; + + boot.lanzaboote = { + enable = true; + pkiBundle = "/var/lib/sbctl"; + }; +} diff --git a/modules/hosts/ws/w/_nixos/not-managed-by-modules-yet.nix b/modules/hosts/ws/w/_nixos/not-managed-by-modules-yet.nix new file mode 100644 index 0000000..e294e76 --- /dev/null +++ b/modules/hosts/ws/w/_nixos/not-managed-by-modules-yet.nix @@ -0,0 +1,27 @@ +{pkgs, ...}: { + environment.systemPackages = with pkgs; [ + keepassxc + virt-viewer + + ansible + openssl + rsync + flatbuffers + ]; + + programs.firefox.enable = true; + + services.logind = { + settings.Login.HandlePowerKey = "suspend"; + settings.Login.HandleLidSwitch = "suspend"; + }; + + programs.wireshark = { + enable = true; + package = pkgs.wireshark; + }; + + virtualisation.docker.enable = true; + + services.fprintd.enable = true; +} diff --git a/modules/hosts/ws/w/default.nix b/modules/hosts/ws/w/default.nix new file mode 100644 index 0000000..df8995b --- /dev/null +++ b/modules/hosts/ws/w/default.nix @@ -0,0 +1,232 @@ +{inputs, ...}: let + channel = "unstable"; + system = "x86_64-linux"; + hostName = "w"; +in { + flake.nixosConfigurations.${hostName} = inputs."nixpkgs-${channel}".lib.nixosSystem { + inherit system; + specialArgs = { + inherit inputs; + lib = inputs."nixpkgs-${channel}".lib.extend ( + final: prev: + import ../../../../lib { + inherit inputs; + lib = final; + } + ); + }; + modules = [ + { + networking.hostName = hostName; + } + + ./_nixos + + inputs.nixos-hardware.nixosModules.lenovo-thinkpad-x13-amd + inputs.lanzaboote.nixosModules.lanzaboote + inputs."home-manager-${channel}".nixosModules.home-manager + + ({ + config, + lib, + ... + }: let + user = "j"; + in { + imports = with inputs.self.modules.nixos; + [ + core + amdgpu + audio + nvim + nix + tailscale + lazygit + gnupg + tlp + tidal + ssh-agent + displaylink + + home-manager + { + home-manager.users.${user} = { + imports = with inputs.self.modules.homeManager; + [ + git + ] + ++ [ + { + home.stateVersion = config.system.stateVersion; + + programs.iamb = { + enable = true; + settings = { + default_profile = "liljamo"; + profiles = { + liljamo.user_id = "@liljamo:lothlorien.social"; + skye.user_id = "@skye:lothlorien.social"; + }; + settings = { + message_shortcode_display = true; + reaction_shortcode_display = true; + notifications.enabled = true; + image_preview.protocol.type = "sixel"; + }; + }; + }; + + services.wpaperd = { + enable = true; + settings = { + "any" = { + path = "/home/j/dev/wallhaven-zmeqyg.jpg"; + }; + }; + }; + + services.kanshi = { + enable = true; + systemdTarget = "graphical-session.target"; + settings = let + internal = { + criteria = "eDP-1"; + mode = "1920x1200@60Hz"; + scale = 1.0; + }; + in [ + { + profile.name = "standalone"; + profile.outputs = [ + internal + ]; + } + { + profile.name = "work"; + profile.outputs = [ + ( + internal + // { + position = "0,0"; + } + ) + { + criteria = "Samsung Electric Company LF24T450F HK2RA01018"; + mode = "1920x1080@60Hz"; + position = "1920,0"; + } + { + criteria = "Samsung Electric Company LF24T450F HK2R904582"; + mode = "1920x1080@60Hz"; + position = "3840,0"; + } + ]; + } + { + profile.name = "naruska"; + profile.outputs = [ + ( + internal + // { + position = "760,0"; + } + ) + { + criteria = "Samsung Electric Company S34CG50 HNBX800050"; + mode = "3440x1440@100Hz"; + position = "0,-1440"; + } + ]; + } + ]; + }; + } + + # TODO: see alice + { + arta.git = { + email = "jonni@liljamo.com"; + name = "Jonni Liljamo"; + }; + + arta.hyprland.extraConfig = { + exec-once = [ + "waybar" + ]; + + monitor = [ + "desc:Samsung Electric Company S34CG50 HNBX800050,preferred,auto,1,bitdepth,10,cm,auto,sdrbrightness,1.0,sdrsaturation,1.0" + ]; + + workspace = [ + "1,monitor:eDP-1,default:true" + "8,monitor:eDP-1" + "9,monitor:eDP-1" + ]; + + experimental = { + xx_color_management_v4 = true; + }; + }; + + arta.hyprlock.extraConfig = { + auth = { + fingerprint = { + enabled = true; + }; + }; + }; + + arta.waybar.extraConfig = { + output = ["eDP-1"]; + + modules-left = ["hyprland/workspaces"]; + modules-right = [ + "bluetooth" + "custom/sep" + "backlight" + "custom/sep" + "battery" + "custom/sep" + "wireplumber" + "custom/sep" + "disk" + "custom/sep" + "network" + "custom/sep" + "clock" + "custom/sep" + "hyprland/language" + "tray" + ]; + + "network".interface = "wlp1s0"; + }; + + programs.git.includes = [ + { + condition = "gitdir:~/dev/work/"; + contents.user.email = "jonni.liljamo@sensorfleet.com"; + } + ]; + } + ]; + }; + } + ] + ++ [ + inputs.self.modules.nixos.${user} + { + users.users.${user}.extraGroups = ["video" "wireshark" "docker"]; + } + ] + ++ lib.flatten [ + (lib.arta.importBoth "hyprland" user) + (lib.arta.importBoth "shell" user) + (lib.arta.importBoth "passmenu" user) + (lib.arta.importBoth "bluetooth" user) + ]; + }) + ]; + }; +} -- 2.44.1