From eefd4b77af4fbc54efc1b21f199ec3aaa714227e Mon Sep 17 00:00:00 2001
From: mjallen18
Date: Tue, 3 Jun 2025 10:16:34 -0500
Subject: [PATCH] idk
---
 flake.nix | 59 ++++++++++
 hosts/desktop/boot.nix | 2 +-
 hosts/desktop/netboot.nix | 206 +++++++++++++++++++++++++++++++++++
 hosts/desktop/networking.nix | 2 +-
 hosts/desktop/nix.nix | 15 ++-
 hosts/nas/nix-serve.nix | 20 ++--
 6 files changed, 288 insertions(+), 16 deletions(-)
 create mode 100644 hosts/desktop/netboot.nix
diff --git a/flake.nix b/flake.nix
index f66847d..c840a5c 100755
--- a/flake.nix
+++ b/flake.nix
@@ -405,6 +405,65 @@ desktop-nixos-hardware.nixosModules.common-pc ]; }; + + # Desktop + "matt-netboot" = desktop-nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { + inherit inputs outputs; + }; + modules = [ + ./base/base-nogui + ./base/base-gui + ./hosts/desktop/netboot.nix + ./modules/desktop-environments/gnome + + # Chaotic Nyx + desktop-chaotic.nixosModules.default + + desktop-sops-nix.nixosModules.sops + + # Home Manager + desktop-home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.matt = + { ... }: + { + imports = [ + ./hosts/desktop/home.nix + ./share/home/defaults.nix + ./share/home/git.nix + ./share/home/gnome.nix + ./share/home/librewolf.nix + ./share/home/office.nix + ./share/home/shell.nix + ./share/home/vscode.nix + desktop-steam-rom-manager.homeManagerModules.default + desktop-sops-nix.homeManagerModules.sops + ]; + }; + home-manager.users.root = + { ... }: + { + imports = [ + ./share/root-user + desktop-sops-nix.homeManagerModules.sops + ]; + }; + home-manager.backupFileExtension = "backup"; + } + + # nixos hardware + desktop-nixos-hardware.nixosModules.common-cpu-amd + desktop-nixos-hardware.nixosModules.common-cpu-amd-pstate + desktop-nixos-hardware.nixosModules.common-cpu-amd-zenpower + desktop-nixos-hardware.nixosModules.common-gpu-amd + desktop-nixos-hardware.nixosModules.common-hidpi + desktop-nixos-hardware.nixosModules.common-pc + ]; + }; # NAS "jallen-nas" = nas-nixpkgs.lib.nixosSystem { diff --git a/hosts/desktop/boot.nix b/hosts/desktop/boot.nix index cea056f..6f44f9d 100755 --- a/hosts/desktop/boot.nix +++ b/hosts/desktop/boot.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ config, pkgs, ... }: let configLimit = 5; # default = "@saved"; diff --git a/hosts/desktop/netboot.nix b/hosts/desktop/netboot.nix new file mode 100644 index 0000000..4eb553c --- /dev/null +++ b/hosts/desktop/netboot.nix 
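Review bot: The new `matt-netboot` system pulls in `desktop-sops-nix.nixosModules.sops` and the home-manager sops modules for `matt` and `root`, and `hosts/desktop/netboot.nix` also imports `./sops.nix`, yet that host's root is a tmpfs with no persistent state. sops-nix needs a private key on the machine to decrypt, so the key would either have to be baked into the netboot artifacts, where anyone able to fetch the image from the boot server could read it, or be absent so that secret activation fails; `sops.nix` is outside this diff, so which of the two applies is inferred. I would leave the sops modules out of the netboot variant until key provisioning is decided, and record that in a comment such as `# netboot: no sops until key provisioning for the stateless root is decided`. The block's comment `# Desktop` should also read `# Desktop (netboot)`, and the module list looks like a copy of the desktop entry above (only its tail is visible here), which would be easier to keep in sync as a shared list.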
@@ -0,0 +1,206 @@
+{ config, lib, pkgs, ... }:
+let
+ pkgsVersion = pkgs; #.unstable;
+ kernel = pkgs.linuxPackages_cachyos;
+ environmentVariables = {
+ STEAM_FORCE_DESKTOPUI_SCALING = "1.0";
+ GDK_SCALE = "1";
+ EDITOR = "${pkgs.vscodium}/bin/codium --wait";
+ VISUAL = "${pkgs.vscodium}/bin/codium --wait";
+ };
+ systemPackages = with pkgsVersion; [
+ aha
+ aspell
+ aspellDicts.en
+ aspellDicts.en-computers
+ aspellDicts.en-science
+ borgbackup
+ # brscan5
+ efibootmgr
+ kdePackages.ksvg
+ memtest86-efi
+ memtest86plus
+ # occt
+ os-prober
+ nil
+ qemu_full
+ rclone
+ rclone-browser
+ restic
+ restic-browser
+ restic-integrity
+ sane-frontends
+ sbctl
+ tpm2-tools
+ tpm2-tss
+ udisks2
+ unzip
+ winetricks
+
+ edk2-uefi-shell
+ ];
+ lactConfig = ''
+ daemon:
+ log_level: info
+ admin_groups:
+ - wheel
+ - sudo
+ disable_clocks_cleanup: false
+ apply_settings_timer: 5
+ gpus:
+ 1002:73BF-1002:0E3A-0000:03:00.0:
+ fan_control_enabled: true
+ fan_control_settings:
+ mode: curve
+ static_speed: 1.0
+ temperature_key: edge
+ interval_ms: 500
+ curve:
+ 30: 0.0
+ 40: 0.2
+ 50: 0.35
+ 60: 0.5
+ 70: 0.75
+ 80: 1.0
+ spindown_delay_ms: 0
+ change_threshold: 0
+ pmfw_options: {}
+ power_cap: 293.0
+ performance_level: auto
+ voltage_offset: 0
+ power_states: {}
+ '';
+in
+{
+ imports = [
+ ./filesystems.nix
+ ./networking.nix
+ ./nix.nix
+ ./services.nix
+ ./sops.nix
+ ./users.nix
+ ../default.nix
+ ../../share/amd
+ ];
+
+ nix = {
+ settings = {
+ substituters = [
+ "https://cache.mjallen.dev"
+ ];
+ trusted-public-keys = [
+ "cache.mjallen.dev-1:IzFmKCd8/gggI6lcCXsW65qQwiCLGFFN9t9s2iw7Lvc="
+ ];
+ };
+ };
+
+ chaotic.mesa-git.enable = true;
+
+ # Environment configuration
+ environment = {
+ systemPackages = systemPackages;
+
+ etc."lact/config.yaml".text = lactConfig;
+
+ variables = environmentVariables;
+ };
+
+ # Hardware configuration
+ hardware = {
+ # Enable the QMK firmware flashing tool.
+ keyboard = {
+ qmk.enable = true;
+ };
+
+ # Enable Sane and Brother printer support.
+ sane = {
+ enable = true;
+ brscan5.enable = false;
+ # extraBackends = [ pkgsVersion.brscan5 ];
+ };
+ };
+
+ # Common Configuration
+ share = {
+ gaming.enable = true;
+ hardware.amd = {
+ enable = lib.mkDefault true;
+ lact.enable = lib.mkDefault true;
+ };
+ };
+
+ programs.coolercontrol.enable = true;
+
+ # Time configuration
+ time = {
+ hardwareClockInLocalTime = lib.mkDefault false;
+ };
+
+ # Virtualisation configuration
+ virtualisation = {
+ libvirtd.enable = lib.mkDefault true;
+ waydroid.enable = lib.mkDefault true;
+ };
+
+ # Network boot specifics
+ boot = {
+ initrd = {
+ network.enable = true;
+ supportedFilesystems = [ "tmpfs" "squashfs" ];
+ # extraFiles."/.ro-store".source = "${config.system.build.toplevel}";
+ systemd.enable = true;
+ availableKernelModules = [
+ "xhci_pci"
+ "nvme"
+ "ahci"
+ "usbhid"
+ "uas"
+ "usb_storage"
+ "sd_mod"
+ ];
+ };
+
+ loader = {
+ grub.enable = lib.mkForce false;
+ systemd-boot.enable = lib.mkForce false; # already replaced by lanzaboote; included explicitly for clarity
+ generic-extlinux-compatible.enable = lib.mkForce true; # required for PXE NetBoot
+ timeout = 0;
+ efi.canTouchEfiVariables = lib.mkForce false;
+ };
+ kernelModules = [
+ "nct6775"
+ "kvm-amd"
+ ];
+ kernelParams = [
+ "ip=dhcp"
+ "boot.shell_on_fail"
+ "quiet"
+ "splash"
+ # needed cause ssd powersaving is broken af I guess
+ "nvme_core.default_ps_max_latency_us=0"
+ "pcie_aspm=off"
+ ];
+
+ plymouth = {
+ enable = true;
+ };
+ };
+
+ zramSwap.enable = true;
+
+ networking.hostName = lib.mkForce "matt-netboot";
+
+ # Stateless filesystem (tmpfs)
+ fileSystems = lib.mkForce {
+ "/" = {
+ device = "tmpfs";
+ fsType = "tmpfs";
+ options = [ "defaults" "size=25%" ];
+ };
+ # "/nix" = {
+ # device = "/.ro-store";
+ # fsType = "none";
+ # options = [ "bind" "ro" ];
+ # };
+ };
+}
\ No newline at end of file
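Review bot: `"boot.shell_on_fail"` in `boot.kernelParams` is a debugging switch: the NixOS manual notes it is off by default because the stage-1 rescue shell it opens has no authentication, and a network-booted machine has more ways to fail in stage 1 (DHCP, image fetch) than a disk-booted one. I would drop that entry, or keep it with a comment such as `# debug only: unauthenticated root shell on initrd failure, remove before regular use`; with `boot.initrd.systemd.enable = true` the parameter may not be honoured at all, which is worth confirming either way. Separately, `fileSystems = lib.mkForce { ... }` overrides the mounts from `./filesystems.nix` and leaves only a tmpfs `/` capped at `size=25%`, while the `/nix` bind mount is commented out and nothing visible mounts the squashfs named in `supportedFilesystems`, so the store has no obvious home; nixpkgs' `installer/netboot/netboot.nix` module is the usual way to get a squashfs store and the netboot build outputs. `kernel` in the `let` block is defined but never used in this file.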
diff --git a/hosts/desktop/networking.nix b/hosts/desktop/networking.nix index 255fc5b..1f904d4 100755 --- a/hosts/desktop/networking.nix +++ b/hosts/desktop/networking.nix @@ -5,7 +5,7 @@ in { # Networking configs networking = { - hostName = hostname; + hostName = lib.mkDefault hostname; # Enable Network Manager networkmanager = { diff --git a/hosts/desktop/nix.nix b/hosts/desktop/nix.nix index af710cd..4e5449a 100644 --- a/hosts/desktop/nix.nix +++ b/hosts/desktop/nix.nix @@ -6,12 +6,12 @@ in nix = { settings = { substituters = [ - # "https://cache.mjallen.dev" + "https://cache.mjallen.dev" "https://nix-community.cachix.org" "https://cache.nixos.org/" ]; trusted-public-keys = [ - # "cache.mjallen.dev-1:IzFmKCd8/gggI6lcCXsW65qQwiCLGFFN9t9s2iw7Lvc=" + "cache.mjallen.dev-1:IzFmKCd8/gggI6lcCXsW65qQwiCLGFFN9t9s2iw7Lvc=" "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ]; warn-dirty = lib.mkForce false; @@ -21,5 +21,16 @@ in ]; trusted-users = [ user ]; }; + settings.builders-use-substitutes = true; + distributedBuilds = true; + buildMachines = [ + { + hostName = "jallen-nas.local"; + system = "x86_64-linux"; + maxJobs = 10; + sshUser = "admin"; + supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ]; + } + ]; }; } \ No newline at end of file diff --git a/hosts/nas/nix-serve.nix b/hosts/nas/nix-serve.nix index 84e9d92..f6aab38 100755 --- a/hosts/nas/nix-serve.nix +++ b/hosts/nas/nix-serve.nix @@ -1,4 +1,7 @@ { pkgs, ... }: +let + nix-build-mail = pkgs.writeShellScript "echo -e \"Content-Type: text/plain\\r\\nSubject: NixOS cache rebuild failed\\r\\n\\r\\nThe nix-rebuild-cache service failed at $(date).\" | sendmail jalle008@proton.me"; +in { # "https://cache.mjallen.dev" # "cache.mjallen.dev-1:IzFmKCd8/gggI6lcCXsW65qQwiCLGFFN9t9s2iw7Lvc=" @@ -32,6 +35,7 @@ gnugrep gnused openssh + nix-build-mail ]; script = '' #!/usr/bin/env bash 
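Review bot: The `buildMachines` entry added in the second hunk of `hosts/desktop/nix.nix` identifies the builder only by the mDNS name `jallen-nas.local` and logs in as `admin`; no `publicHostKey` or `sshKey` is set, so host verification presumably falls back to whatever is in root's `known_hosts`, and a `.local` name can be answered by any host on the LAN. Since outputs built there are copied back into the local store, I would pin the host key and use a dedicated unprivileged build account, for example `sshUser = "nix-builder";`, `sshKey = "/path/to/builder_key";` and `publicHostKey = "<base64 host key>";` (all three are placeholder values). The account also has to be allowed to build on the NAS side, which is not visible in this diff.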
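Review bot: `pkgs.writeShellScript` takes a name and then the script text, but the new `let` binding in `hosts/nas/nix-serve.nix` passes a single string, so `nix-build-mail` is a partially applied function rather than a derivation, and adding it to `path` in the next hunk should fail at evaluation. Because `path` entries contribute their `bin/` directory, `writeShellScriptBin` is the better fit: `nix-build-mail = pkgs.writeShellScriptBin "nix-build-mail" '' ... '';`, with `sendmail` referenced by store path or added to `path` as well. Nothing visible in this diff calls `nix-build-mail`, and the last hunk (cut off in this view) removes the old failure mail, so failure notification may currently be lost. The recipient address is hard-coded; reading it from an option would keep it out of the repository history.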
@@ -66,7 +70,7 @@ if nix build .\#nixosConfigurations.steamdeck.config.system.build.toplevel --no-link; then echo "steamdeck built successfully at $(date)" git add . - git commit -m "Dteamdeck Updates $(date)" + git commit -m "Steamdeck Updates $(date)" else echo "steamdeck failed to build at $(date)" git reset --hard @@ -117,18 +121,10 @@ echo "jallen-nas failed to build at $(date)" git reset --hard fi - - # git push - ''; - # Send an email on failure (optional) - startPost = '' - if [ $SERVICE_RESULT != "success" ]; then - ${pkgs.mailutils}/bin/mail -s "NixOS cache rebuild failed" jalle008@proton.me <