{ pkgs, config, ... }:
let
# Build one NetworkManager Wi-Fi profile as an attrset of keyfile sections.
#   name  - attribute name from `connections`; used as both the profile id
#           and the SSID.
#   entry - the attribute value; `entry.id` is copied verbatim into `psk`.
# In `connections` every `id` is a "$VAR" placeholder rather than a
# passphrase, so the real PSK is not written in this file; it is expected to
# be filled in from ensureProfiles.environmentFiles when the profile is
# generated.
mkConnection = name: entry: {
  connection.id = name;
  connection.type = "wifi";

  ipv4.method = "auto";
  ipv6.method = "auto";

  wifi.ssid = name;
  wifi.mode = "infrastructure";

  # WPA-PSK network. "open" is the 802.11 authentication algorithm and does
  # not mean the network is unencrypted.
  wifi-security.auth-alg = "open";
  wifi-security.key-mgmt = "wpa-psk";
  wifi-security.psk = entry.id;
};
# Known Wi-Fi networks, keyed by SSID. `id` holds the "$VAR" placeholder
# that mkConnection copies into the profile's `psk` field.
# Both "5G Research Tower" SSIDs reuse the same $RESEARCH_TOWER placeholder.
connections = {
  "The Buttshark".id = "$THE_BUTTSHARK";
  "5G Research Tower (5000 Watt)".id = "$RESEARCH_TOWER";
  "5G Research Tower (2400 Watt)".id = "$RESEARCH_TOWER";
};
in
{
# PC/SC smart-card daemon.
services.pcscd.enable = true;
# Firmware update daemon.
services.fwupd.enable = true;
# Intel thermal management daemon.
services.thermald.enable = true;

# NVIDIA X driver, with the Intel compute runtime and media driver added to
# the graphics driver packages.
services.xserver.videoDrivers = [ "nvidia" ];
hardware.opengl.extraPackages = with pkgs; [
  intel-compute-runtime
  intel-media-driver
];
# Packages installed system-wide. Each entry is named through `pkgs.`
# explicitly, so nothing depends on `with` scoping.
environment.systemPackages = [
  pkgs.wireguard-tools

  # Container tooling used with Podman
  pkgs.dive
  pkgs.podman-tui
  pkgs.docker-compose

  # Build and inspection tools for CUDA work
  pkgs.pciutils
  pkgs.file
  pkgs.gnumake
  pkgs.gcc
  pkgs.cudatoolkit
];
# NVIDIA driver setup: hybrid graphics with PRIME render offload by default.
hardware.nvidia = {
  # Driver build follows the configured kernel package set ("stable" branch).
  package = config.boot.kernelPackages.nvidiaPackages.stable;
  open = false; # do not use the open-source kernel module
  nvidiaSettings = true;
  modesetting.enable = true;

  # System-wide power management is off while fine-grained power management
  # is on; the "docked" specialisation forces the latter off again.
  powerManagement.enable = false;
  powerManagement.finegrained = true;

  # PCI bus ids of the two GPUs - specific to this machine.
  prime.intelBusId = "PCI:0:2:0";
  prime.nvidiaBusId = "PCI:1:0:0";
  prime.offload.enable = true;
  prime.offload.enableOffloadCmd = true;
};
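# Runs `nvidia-smi` as part of multi-user.target.
# NOTE(review): judging by the unit name, this exists so the NVIDIA device
# nodes are present after boot - confirm.
# nvidia-smi is taken from the driver package selected in
# hardware.nvidia.package instead of pkgs.linuxPackages.nvidia_x11, so the
# tool always comes from the same driver build as the loaded kernel module,
# even when boot.kernelPackages or the driver branch is changed.
systemd.services.nvidia-control-devices = {
  wantedBy = [ "multi-user.target" ];
  serviceConfig.ExecStart = "${config.hardware.nvidia.package.bin}/bin/nvidia-smi";
};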
# "docked" specialisation: switches the NVIDIA setup from PRIME offload to
# PRIME sync. mkForce is used because the base configuration sets the
# opposite values for these options.
specialisation.docked.configuration =
  let
    force = pkgs.lib.mkForce;
  in
  {
    system.nixos.tags = [ "docked" ];
    hardware.nvidia = {
      powerManagement.finegrained = force false;
      prime = {
        sync.enable = force true;
        offload = {
          enable = force false;
          enableOffloadCmd = force false;
        };
      };
    };
  };
# logind ignores the power key, so pressing it does not trigger a shutdown.
services.logind.extraConfig = "HandlePowerKey=ignore";
# Install the udev rules shipped with yubikey-personalization.
services.udev.packages = [
  pkgs.yubikey-personalization
];
# Podman as the container engine.
# containers.enable installs the shared config files under /etc/containers.
virtualisation.containers.enable = true;
virtualisation.podman.enable = true;
# Provide a `docker` command that is backed by podman.
virtualisation.podman.dockerCompat = true;
# Enable DNS on the default podman network.
virtualisation.podman.defaultNetwork.settings.dns_enabled = true;
# Local Ollama server with CUDA acceleration.
# NOTE(review): the Ollama HTTP API has no authentication. No listen address
# is set here, so the module default applies - confirm it stays bound to
# loopback and is not opened in the firewall.
services.ollama.enable = true;
services.ollama.acceleration = "cuda";
# Calendar: GNOME Online Accounts and Evolution Data Server, with dconf and
# gnome-keyring enabled alongside them.
programs.dconf.enable = true;
services.gnome = {
  gnome-keyring.enable = true;
  gnome-online-accounts.enable = true;
  evolution-data-server.enable = true;
};

# To add the server through gnome-online-accounts, run:
#   nix-shell -p gnome.gnome-control-center --run "gnome-control-center"
# Adding only the main WebDAV server is enough; gnome-calendar then picks up
# every calendar available on it.
# Disabled alternative: systemd-resolved with DNSSEC and DNS-over-TLS.
# networking.nameservers = [ "1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one" ];
# services.resolved = {
#   enable = true;
#   dnssec = "true";
#   domains = [ "~." ];
#   fallbackDns = [ "1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one" ];
#   dnsovertls = "true";
# };
# WireGuard tunnel wg0, managed by wg-quick.
networking.wg-quick.interfaces.wg0 = {
  # Tunnel addresses. An IPv6 address is assigned, but allowedIPs below lists
  # only IPv4 prefixes, so no IPv6 destination is routed to the peer.
  address = [ "10.0.0.5/24" "2a02:a03f:83ad:2101::5/128" ];
  # dns = [ "10.0.0.1" "fdc9:281f:04d7:9ee9::1" ];
  listenPort = 51820;

  # The private key is read from this file rather than written into the
  # configuration.
  # NOTE(review): the file sits under a user home directory - confirm it is
  # mode 0600 and owned by the intended account.
  privateKeyFile = "/home/user/.secrets/Wireguard/Aloria.key";

  # Split DNS: wg0 gets 10.0.0.1 as resolver and thomasave.be as a
  # routing-only domain, so only names under that domain are sent to it.
  postUp = "resolvectl dns wg0 10.0.0.1; resolvectl domain wg0 ~thomasave.be;";

  peers = [
    {
      publicKey = "/9ppjm3yeD0duDvxrqgcHscHmftXko+0s2RbivNEy2c=";
      endpoint = "h.thomasave.be:13231";
      # NOTE(review): "10.0.0.1/8" has host bits set and covers all of
      # 10.0.0.0/8 - confirm the whole /8 is meant to go through this peer,
      # since it can capture traffic for 10.x hosts on other networks.
      allowedIPs = [ "10.0.0.1/8" "192.168.1.2/32" ];
      # Keepalive interval in seconds.
      persistentKeepalive = 25;
    }
  ];
};
# NetworkManager with declaratively provisioned Wi-Fi profiles.
networking.networkmanager.enable = true;
# DNS handling is delegated to systemd-resolved.
networking.networkmanager.dns = "systemd-resolved";
networking.networkmanager.ensureProfiles = {
  # One profile per entry in `connections`, built by mkConnection.
  profiles = builtins.mapAttrs mkConnection connections;
  # Expected to define the variables behind the "$..." placeholders that
  # `connections` uses as PSKs.
  # NOTE(review): this file holds Wi-Fi passphrases and lives under a user
  # home directory - confirm it is mode 0600 and kept out of version control.
  environmentFiles = [ "/home/user/.secrets/Wireless/Aloria.env" ];
};
# iwd is NetworkManager's Wi-Fi backend.
networking.networkmanager.wifi.backend = "iwd";
networking.wireless.iwd = {
  enable = true;
  # Written to iwd's configuration: IPv6 support on, auto-connect on.
  settings = {
    IPv6.Enabled = true;
    Settings.AutoConnect = true;
  };
};
# systemd-resolved as the local resolver.
# The fallback servers are given as plain IP addresses; neither DNS-over-TLS
# nor DNSSEC is set in this block.
services.resolved.enable = true;
services.resolved.fallbackDns = [ "1.1.1.1" "1.0.0.1" ];
# Bluetooth, powered on at boot.
hardware.bluetooth = {
  enable = true;
  powerOnBoot = true;
  # NOTE(review): turns on BlueZ's experimental features; keep only if
  # something on this machine needs them.
  settings.General.Experimental = true;
};
# Blueman Bluetooth manager.
services.blueman.enable = true;

# Per-user unit that runs BlueZ's mpris-proxy.
systemd.user.services.mpris-proxy = {
  description = "Mpris proxy";
  wantedBy = [ "default.target" ];
  after = [ "network.target" "sound.target" ];
  serviceConfig.ExecStart = "${pkgs.bluez}/bin/mpris-proxy";
};
# NFS shares from host "10.1", each mounted on first access.
# NOTE(review): "10.1" is presumably the numeric shorthand for 10.0.0.1,
# which falls inside wg0's allowedIPs, so this traffic would travel through
# the WireGuard tunnel - confirm, because no sec= option is set and NFS
# offers no encryption of its own in that case.
# NOTE(review): neither nosuid nor nodev is set on these network mounts;
# consider adding both.
fileSystems =
  let
    # Automount on demand and give up quickly when the server is unreachable
    # (timeo is in tenths of a second).
    nfsOptions = [ "x-systemd.automount" "x-systemd.mount-timeout=1" "_netdev" "noauto" "timeo=1" ];
    # One NFS mount entry for the given export.
    nfsMount = device: {
      inherit device;
      fsType = "nfs";
      options = nfsOptions;
    };
  in
  {
    "/home/server" = nfsMount "10.1:/home/server";
    "/home/user/Workspace" = nfsMount "10.1:/home/server/Workspace";
    "/home/user/Documents" = nfsMount "10.1:/home/server/Storage/Thomas/Documents";
    "/home/user/Pictures" = nfsMount "10.1:/home/server/Storage/Thomas/Pictures";
    "/home/user/Videos" = nfsMount "10.1:/home/server/Storage/Thomas/Videos";
  };
}