dotfiles/hosts/Arendia/default.nix

{ pkgs, lib, inputs, config, nixos-06cb-009a-fingerprint-sensor, ... }:
let
    serverIP = "10.0.0.1";
in {
    imports = [
        (import ../Common/default.nix { inherit inputs pkgs config; })
        (import ../Common/desktop.nix { inherit inputs pkgs config; })
        (import ../Common/nfs.nix { inherit pkgs serverIP; })
        (import ../Common/zfs.nix {inherit inputs pkgs config; })
    ];

    hardware.graphics.extraPackages = [
        pkgs.intel-compute-runtime
        pkgs.intel-media-driver
    ];

    zramSwap.enable = true;
    services.upower.enable = true;
    services.logind.extraConfig = ''HandlePowerKey=ignore'';
    services.throttled = {
        enable = true;
        extraConfig = ''
            [GENERAL]
            # Enable or disable the script execution
            Enabled: True
            # SYSFS path for checking if the system is running on AC power
            Sysfs_Power_Path: /sys/class/power_supply/AC*/online
            # Auto reload config on changes
            Autoreload: True

            ## Settings to apply while connected to Battery power
            [BATTERY]
            # Update the registers every this many seconds
            Update_Rate_s: 30
            # Max package power for time window #1
            PL1_Tdp_W: 29
            # Time window #1 duration
            PL1_Duration_s: 28
            # Max package power for time window #2
            PL2_Tdp_W: 44
            # Time window #2 duration
            PL2_Duration_S: 0.002
            # Max allowed temperature before throttling
            Trip_Temp_C: 85
            # Set cTDP to normal=0, down=1 or up=2 (EXPERIMENTAL)
            cTDP: 0
            # Disable BDPROCHOT (EXPERIMENTAL)
            Disable_BDPROCHOT: False

            ## Settings to apply while connected to AC power
            [AC]
            # Update the registers every this many seconds
            Update_Rate_s: 5
            # Max package power for time window #1
            PL1_Tdp_W: 44
            # Time window #1 duration
            PL1_Duration_s: 28
            # Max package power for time window #2
            PL2_Tdp_W: 44
            # Time window #2 duration
            PL2_Duration_S: 0.002
            # Max allowed temperature before throttling
            Trip_Temp_C: 95
            # Set HWP energy performance hints to 'performance' on high load (EXPERIMENTAL)
            # Uncomment only if you really want to use it
            # HWP_Mode: False
            # Set cTDP to normal=0, down=1 or up=2 (EXPERIMENTAL)
            cTDP: 0
            # Disable BDPROCHOT (EXPERIMENTAL)
            Disable_BDPROCHOT: False

            [UNDERVOLT]
            CORE: -105
            GPU: -85
            CACHE: -105
            UNCORE: -85
            ANALOGIO: 0
        '';
    };

    networking.hostId = "b6c5c9af";
    networking.interfaces.wlan0.useDHCP = lib.mkDefault false;
    networking.wireless.iwd.enable = true;
    networking.wireless.iwd.settings = {
        IPv6 = {
            Enabled = true;
        };
        Settings = {
            AutoConnect = true;
        };
        General = {
            EnableNetworkConfiguration = true;
        };
    };

    systemd.services.fprintd = {
        wantedBy = [ "multi-user.target" ];
        serviceConfig.Type = "simple";
    };
    services.fprintd = {
        enable = true;
        # tod = {
        #     enable = true;
            # driver = nixos-06cb-009a-fingerprint-sensor.lib.libfprint-2-tod1-vfs0090-bingch {
            #     calib-data-file = ./calib-data.bin;
            # };
        # };
    };


    # virtualisation
    virtualisation.libvirtd.enable = true;
    virtualisation.libvirtd.qemu.ovmf.enable = true;
    virtualisation.spiceUSBRedirection.enable = true;
    programs.virt-manager.enable = true;
    users.users.user.extraGroups = [ "libvirtd" ];

    services.tlp = {
        enable = true;
        settings = {
            CPU_SCALING_GOVERNOR_ON_AC = "performance";
            CPU_SCALING_GOVERNOR_ON_BAT = "powersave";

            CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
            CPU_ENERGY_PERF_POLICY_ON_AC = "performance";

            CPU_MIN_PERF_ON_AC = 0;
            CPU_MAX_PERF_ON_AC = 100;
            CPU_MIN_PERF_ON_BAT = 0;
            CPU_MAX_PERF_ON_BAT = 100;

            #Optional helps save long term battery health
            START_CHARGE_THRESH_BAT0 = 40; # 40 and bellow it starts to charge
            STOP_CHARGE_THRESH_BAT0 = 80; # 80 and above it stops charging
            START_CHARGE_THRESH_BAT1 = 40; # 40 and bellow it starts to charge
            STOP_CHARGE_THRESH_BAT1 = 80; # 80 and above it stops charging
        };
    };

    networking.wg-quick.interfaces = {
        Tunnel = {
            address = [ "10.0.0.7/24" "2a02:a03f:83ad:2101::7/128" ];
            privateKeyFile = "/home/user/.secrets/Wireguard/Arendia.key";
            listenPort = 51820;
            autostart = false;
            postUp = "resolvectl dns Tunnel 10.0.0.1; resolvectl domain Tunnel ~thomasave.be;";
            dns = ["10.0.0.1"];
            peers = [{
                publicKey = "/9ppjm3yeD0duDvxrqgcHscHmftXko+0s2RbivNEy2c=";
                allowedIPs = [ "0.0.0.0/0" "::/0" ];
                endpoint = "h.thomasave.be:13231";
                persistentKeepalive = 25;
            }];
        };
        OPNsense = {
            address = [ "10.0.0.7/24" "2a02:a03f:83ad:2101::7/128" ];
            privateKeyFile = "/home/user/.secrets/Wireguard/Arendia.key";
            listenPort = 51820;
            autostart = true;
            postUp = "resolvectl dns OPNsense 10.0.0.1; resolvectl domain OPNsense ~thomasave.be;";
            dns = ["10.0.0.1"];
            peers = [{
                publicKey = "/9ppjm3yeD0duDvxrqgcHscHmftXko+0s2RbivNEy2c=";
                allowedIPs = [ "10.0.0.1/8" "192.168.1.2/32" ];
                endpoint = "h.thomasave.be:13231";
                persistentKeepalive = 25;
            }];
        };
    };
}