From fafc1334b9b0710fcb2733285a2c24584ef24244 Mon Sep 17 00:00:00 2001 From: Paul-Henri Froidmont Date: Tue, 9 Sep 2025 13:41:05 +0200 Subject: [PATCH] Add stellaris host --- hosts/stellaris/default.nix | 116 +++++++++++++++++++++ hosts/stellaris/disko.nix | 79 ++++++++++++++ hosts/stellaris/hardware-configuration.nix | 83 +++++++++++++++ modules/desktop/default.nix | 2 +- modules/options.nix | 2 +- 5 files changed, 280 insertions(+), 2 deletions(-) create mode 100644 hosts/stellaris/default.nix create mode 100644 hosts/stellaris/disko.nix create mode 100644 hosts/stellaris/hardware-configuration.nix diff --git a/hosts/stellaris/default.nix b/hosts/stellaris/default.nix new file mode 100644 index 0000000..dac15a1 --- /dev/null +++ b/hosts/stellaris/default.nix @@ -0,0 +1,116 @@ +{ config, ... }: +{ + imports = [ ./hardware-configuration.nix ]; + + modules = { + desktop.wm.enable = true; + editor = { + vim.enable = true; + emacs.enable = true; + }; + services = { + flatpak.enable = true; + belgian-eid.enable = true; + docker.enable = true; + libvirt.enable = true; + languagetool.enable = true; + work-proxy.enable = true; + }; + media = { + mpd.enable = true; + ncmpcpp.enable = true; + }; + }; + + # Monitor backlight control + programs.light.enable = true; + + services.tlp.enable = true; + + hardware.cpu.amd.updateMicrocode = true; + hardware.tuxedo-drivers.enable = true; + hardware.tuxedo-rs = { + enable = true; + tailor-gui.enable = true; + }; + + hardware = { + bluetooth = { + enable = true; + # Enable A2DP Sink + settings = { + General = { + Enable = "Source,Sink,Media,Socket"; + }; + }; + }; + }; + + networking.networkmanager.enable = true; + + services.blueman.enable = true; + + services.logind.lidSwitch = "ignore"; + + user.name = "phfroidmont"; + + home-manager.users.${config.user.name} = + { ... }: + { + services.network-manager-applet.enable = true; + services.blueman-applet.enable = true; + wayland.windowManager.hyprland.settings = { + monitor = [ + "eDP-1, 1920x1080, 0x720, 1.5" + "DP-1, 1920x1080, 0x0, 1.5" + ]; + + workspace = [ + "w[tv1], gapsout:0, gapsin:0" + "f[1], gapsout:0, gapsin:0" + ]; + windowrulev2 = [ + "bordersize 0, floating:0, onworkspace:w[tv1]" + "rounding 0, floating:0, onworkspace:w[tv1]" + "bordersize 0, floating:0, onworkspace:f[1]" + "rounding 0, floating:0, onworkspace:f[1]" + ]; + }; + }; + + services.pipewire.wireplumber.extraConfig = { + "monitor.bluez.properties" = { + "bluez5.enable-sbc-xq" = true; + "bluez5.enable-msbc" = true; + "bluez5.enable-hw-volume" = true; + "bluez5.roles" = [ + "hsp_hs" + "hsp_ag" + "hfp_hf" + "hfp_ag" + ]; + }; + }; + + services.tailscale.enable = true; + + services.openssh = { + enable = true; + settings.PasswordAuthentication = false; + listenAddresses = [ + { + # Tailscale interface + addr = "100.64.0.5"; + port = 22; + } + ]; + }; + users.users.${config.user.name} = { + openssh.authorizedKeys.keyFiles = [ + ../../ssh_keys/phfroidmont-desktop.pub + ]; + extraGroups = [ "video" ]; + }; + + system.stateVersion = "25.05"; +} diff --git a/hosts/stellaris/disko.nix b/hosts/stellaris/disko.nix new file mode 100644 index 0000000..d62b17c --- /dev/null +++ b/hosts/stellaris/disko.nix @@ -0,0 +1,79 @@ +{ ... }: +{ + disko.devices = { + disk.main = { + type = "disk"; + # Replace with your device, e.g. /dev/disk/by-id/nvme-Samsung_SSD_980_... + device = "/dev/disk/by-id/nvme-Samsung_SSD_9100_PRO_2TB_S7YFNJ0Y612225D"; + content = { + type = "gpt"; + partitions = { + ESP = { + type = "ef00"; + size = "512M"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ "umask=0077" ]; + }; + }; + luks = { + size = "100%"; + content = { + type = "luks"; + name = "cryptroot"; + settings = { + allowDiscards = true; + }; + content = { + type = "btrfs"; + extraArgs = [ + "-L" + "nixos" + ]; + # Top-level btrfs mountpoint isn't used; subvols below define mounts + subvolumes = { + "@".mountpoint = "/"; + "@home".mountpoint = "/home"; + "@nix".mountpoint = "/nix"; + "@log".mountpoint = "/var/log"; + "@cache".mountpoint = "/var/cache"; + + # Common, fast, SSD-friendly defaults + "@".mountOptions = [ + "compress=zstd" + "noatime" + "ssd" + "autodefrag" + ]; + "@home".mountOptions = [ + "compress=zstd" + "noatime" + "ssd" + "autodefrag" + ]; + "@nix".mountOptions = [ + "compress=zstd" + "noatime" + "ssd" + ]; + "@log".mountOptions = [ + "compress=zstd" + "noatime" + "ssd" + ]; + "@cache".mountOptions = [ + "compress=zstd" + "noatime" + "ssd" + ]; + }; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/hosts/stellaris/hardware-configuration.nix b/hosts/stellaris/hardware-configuration.nix new file mode 100644 index 0000000..e09f656 --- /dev/null +++ b/hosts/stellaris/hardware-configuration.nix @@ -0,0 +1,83 @@ +{ + config, + lib, + pkgs, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "nvme" + "xhci_pci" + "usb_storage" + "sd_mod" + "sdhci_pci" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/60093dc5-7e4f-479d-8e6b-d4f5fedcb01f"; + fsType = "btrfs"; + options = [ "subvol=@" ]; + }; + + boot.initrd.luks.devices."cryptroot".device = + "/dev/disk/by-uuid/46f38e24-f03e-4e3b-9266-652340e1fa41"; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/4847-A536"; + fsType = "vfat"; + options = [ + "fmask=0077" + "dmask=0077" + ]; + }; + + fileSystems."/home" = { + device = "/dev/disk/by-uuid/60093dc5-7e4f-479d-8e6b-d4f5fedcb01f"; + fsType = "btrfs"; + options = [ "subvol=@home" ]; + }; + + fileSystems."/nix" = { + device = "/dev/disk/by-uuid/60093dc5-7e4f-479d-8e6b-d4f5fedcb01f"; + fsType = "btrfs"; + options = [ "subvol=@nix" ]; + }; + + fileSystems."/var/cache" = { + device = "/dev/disk/by-uuid/60093dc5-7e4f-479d-8e6b-d4f5fedcb01f"; + fsType = "btrfs"; + options = [ "subvol=@cache" ]; + }; + + fileSystems."/var/log" = { + device = "/dev/disk/by-uuid/60093dc5-7e4f-479d-8e6b-d4f5fedcb01f"; + fsType = "btrfs"; + options = [ "subvol=@log" ]; + }; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = true; + + services.xserver.videoDrivers = [ "nvidia" ]; + + hardware.nvidia = { + modesetting.enable = true; + powerManagement.enable = false; + powerManagement.finegrained = false; + open = true; + nvidiaSettings = true; + package = config.boot.kernelPackages.nvidiaPackages.stable; + }; +} diff --git a/modules/desktop/default.nix b/modules/desktop/default.nix index dab1b14..fab4e4e 100644 --- a/modules/desktop/default.nix +++ b/modules/desktop/default.nix @@ -7,7 +7,7 @@ let wallpaper = pkgs.fetchurl { - url = "https://raw.githubusercontent.com/AngelJumbo/gruvbox-wallpapers/main/wallpapers/irl/houseonthesideofalake.jpg"; + url = "https://raw.githubusercontent.com/AngelJumbo/gruvbox-wallpapers/main/wallpapers/photography/houseonthesideofalake.jpg"; sha256 = "sha256-obKI4qZvucogqRCl51lwV9X8SRaMqcbBwWMfc9TupIo="; }; in diff --git a/modules/options.nix b/modules/options.nix index 7682492..383760a 100644 --- a/modules/options.nix +++ b/modules/options.nix @@ -13,7 +13,7 @@ config = { user = { - name = "froidmpa"; + name = lib.mkDefault "froidmpa"; description = "The primary user account"; extraGroups = [ "wheel"