thomasave
/
dotfiles
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
dotfiles/hosts/Arendia/default.nix

141 lines
4.6 KiB
Nix
Raw Blame History

{ pkgs, lib, inputs, config, nixos-06cb-009a-fingerprint-sensor, ... }:
let
serverIP = "10.0.0.1";
in {
imports = [
(import ../Common/default.nix { inherit inputs pkgs config; })
(import ../Common/desktop.nix { inherit inputs pkgs config; })
(import ../Common/nfs.nix { inherit pkgs serverIP; })
(import ../Common/zfs.nix {inherit inputs pkgs config; })
];
hardware.graphics.extraPackages = [
pkgs.intel-compute-runtime
pkgs.intel-media-driver
];
zramSwap.enable = true;
services.upower.enable = true;
services.thermald.enable = true;
services.logind.extraConfig = ''HandlePowerKey=ignore'';
services.throttled = {
enable = true;
extraConfig = ''
[GENERAL]
Enabled: True
Sysfs_Power_Path: /sys/class/power_supply/AC*/online
Autoreload: False
[BATTERY]
Update_Rate_s: 30
## Settings to apply while connected to AC power
[AC]
Update_Rate_s: 5
[UNDERVOLT]
CORE: -105
GPU: -85
CACHE: -105
UNCORE: -85
ANALOGIO: 0
'';
};
networking.hostId = "b6c5c9af";
networking.interfaces.wlan0.useDHCP = lib.mkDefault false;
networking.wireless.iwd.enable = true;
networking.wireless.iwd.settings = {
IPv6 = {
Enabled = true;
};
Settings = {
AutoConnect = true;
};
General = {
EnableNetworkConfiguration = true;
};
};
systemd.services.fprintd = {
wantedBy = [ "multi-user.target" ];
serviceConfig.Type = "simple";
};
services.fprintd = {
enable = true;
tod = {
enable = true;
driver = nixos-06cb-009a-fingerprint-sensor.lib.libfprint-2-tod1-vfs0090-bingch {
calib-data-file = ./files/calib-data.bin;
};
};
};
# config.services.fprintd.enable = true;
security.pam.services.login.fprintAuth = true;
security.pam.services.su.fprintAuth = true;
security.pam.services.sudo.fprintAuth = true;
security.pam.services.swaylock.fprintAuth = true;
security.pam.services.swaylock-fancy.fprintAuth = true;
# virtualisation
virtualisation.libvirtd.enable = true;
virtualisation.libvirtd.qemu.ovmf.enable = true;
virtualisation.spiceUSBRedirection.enable = true;
programs.virt-manager.enable = true;
users.users.user.extraGroups = [ "libvirtd" ];
services.tlp = {
enable = true;
settings = {
CPU_SCALING_GOVERNOR_ON_AC = "performance";
CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
CPU_MIN_PERF_ON_AC = 0;
CPU_MAX_PERF_ON_AC = 100;
CPU_MIN_PERF_ON_BAT = 0;
CPU_MAX_PERF_ON_BAT = 40;
#Optional helps save long term battery health
START_CHARGE_THRESH_BAT0 = 40; # 40 and bellow it starts to charge
STOP_CHARGE_THRESH_BAT0 = 80; # 80 and above it stops charging
START_CHARGE_THRESH_BAT1 = 40; # 40 and bellow it starts to charge
STOP_CHARGE_THRESH_BAT1 = 80; # 80 and above it stops charging
};
};
networking.wg-quick.interfaces = {
Tunnel = {
address = [ "10.0.0.7/24" "2a02:a03f:83ad:2101::7/128" ];
privateKeyFile = "/home/user/.secrets/Wireguard/Arendia.key";
listenPort = 51820;
autostart = false;
postUp = "resolvectl dns Tunnel 10.0.0.1; resolvectl domain Tunnel ~thomasave.be;";
dns = ["10.0.0.1"];
peers = [{
publicKey = "/9ppjm3yeD0duDvxrqgcHscHmftXko+0s2RbivNEy2c=";
allowedIPs = [ "0.0.0.0/0" "::/0" ];
endpoint = "h.thomasave.be:13231";
persistentKeepalive = 25;
}];
};
OPNsense = {
address = [ "10.0.0.7/24" "2a02:a03f:83ad:2101::7/128" ];
privateKeyFile = "/home/user/.secrets/Wireguard/Arendia.key";
listenPort = 51820;
autostart = true;
postUp = "resolvectl dns OPNsense 10.0.0.1; resolvectl domain OPNsense ~thomasave.be;";
dns = ["10.0.0.1"];
peers = [{
publicKey = "/9ppjm3yeD0duDvxrqgcHscHmftXko+0s2RbivNEy2c=";
allowedIPs = [ "10.0.0.1/8" "192.168.1.2/32" ];
endpoint = "h.thomasave.be:13231";
persistentKeepalive = 25;
}];
};
};
}
Reference in New Issue View Git Blame Copy Permalink