From 6cbb18096f3d43f39a3452323a8325f1c4cab45c Mon Sep 17 00:00:00 2001 From: xmm16 Date: Tue, 10 Dec 2024 23:09:44 -0300 Subject: [PATCH] wip: Implement nyx overlay --- flake.lock | 131 +++++++++++++++++++++-- flake.nix | 8 ++ hosts/default.nix | 1 + hosts/micronix/default.nix | 14 +-- hosts/micronix/hardware.nix | 49 ++++----- hosts/micronix/system.nix | 202 ++++++++++++++++++++++++++++++++++++ hosts/micronix/users.nix | 2 + 7 files changed, 363 insertions(+), 44 deletions(-) create mode 100644 hosts/micronix/system.nix diff --git a/flake.lock b/flake.lock index 20811f8..c4dc02b 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,27 @@ { "nodes": { + "chaotic": { + "inputs": { + "flake-schemas": "flake-schemas", + "home-manager": "home-manager", + "jovian": "jovian", + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1733839340, + "narHash": "sha256-aaA0XSnlqpjjMdJoQFc8knMStn3/kXxVLs3z2erhmNI=", + "owner": "chaotic-cx", + "repo": "nyx", + "rev": "d3a3a98545d2ba55affa97e189e8f98b43e9da70", + "type": "github" + }, + "original": { + "owner": "chaotic-cx", + "ref": "nyxpkgs-unstable", + "repo": "nyx", + "type": "github" + } + }, "disko": { "inputs": { "nixpkgs": [ @@ -96,6 +118,20 @@ "type": "github" } }, + "flake-schemas": { + "locked": { + "lastModified": 1721999734, + "narHash": "sha256-G5CxYeJVm4lcEtaO87LKzOsVnWeTcHGKbKxNamNWgOw=", + "rev": "0a5c42297d870156d9c57d8f99e476b738dcd982", + "revCount": 75, + "type": "tarball", + "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/flake-schemas/0.1.5/0190ef2f-61e0-794b-ba14-e82f225e55e6/source.tar.gz" + }, + "original": { + "type": "tarball", + "url": "https://flakehub.com/f/DeterminateSystems/flake-schemas/%3D0.1.5.tar.gz" + } + }, "flake-utils": { "inputs": { "systems": "systems" @@ -158,6 +194,49 @@ "type": "github" } }, + "home-manager": { + "inputs": { + "nixpkgs": [ + "chaotic", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1733484277, + "narHash": "sha256-i5ay20XsvpW91N4URET/nOc0VQWOAd4c4vbqYtcH8Rc=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "d00c6f6d0ad16d598bf7e2956f52c1d9d5de3c3a", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "jovian": { + "inputs": { + "nix-github-actions": "nix-github-actions", + "nixpkgs": [ + "chaotic", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1733491721, + "narHash": "sha256-n4fTKTYXeGRngeanNDxSxbuWSRCQ6l74IwOBlqp8dcw=", + "owner": "Jovian-Experiments", + "repo": "Jovian-NixOS", + "rev": "0f415721ee427270bc078ef3a5ba2a308d47461f", + "type": "github" + }, + "original": { + "owner": "Jovian-Experiments", + "repo": "Jovian-NixOS", + "type": "github" + } + }, "mnw": { "locked": { "lastModified": 1731821965, @@ -224,17 +303,40 @@ "type": "github" } }, + "nix-github-actions": { + "inputs": { + "nixpkgs": [ + "chaotic", + "jovian", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1729697500, + "narHash": "sha256-VFTWrbzDlZyFHHb1AlKRiD/qqCJIripXKiCSFS8fAOY=", + "owner": "zhaofengli", + "repo": "nix-github-actions", + "rev": "e418aeb728b6aa5ca8c5c71974e7159c2df1d8cf", + "type": "github" + }, + "original": { + "owner": "zhaofengli", + "ref": "matrix-name", + "repo": "nix-github-actions", + "type": "github" + } + }, "nixpkgs": { "locked": { "lastModified": 1733759999, "narHash": "sha256-463SNPWmz46iLzJKRzO3Q2b0Aurff3U1n0nYItxq7jU=", - "owner": "nixos", + "owner": "NixOS", "repo": "nixpkgs", "rev": "a73246e2eef4c6ed172979932bc80e1404ba2d56", "type": "github" }, "original": { - "owner": "nixos", + "owner": "NixOS", "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" @@ -285,6 +387,22 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1733759999, + "narHash": "sha256-463SNPWmz46iLzJKRzO3Q2b0Aurff3U1n0nYItxq7jU=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "a73246e2eef4c6ed172979932bc80e1404ba2d56", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1732617236, "narHash": "sha256-PYkz6U0bSEaEB1al7O1XsqVNeSNS+s3NVclJw7YC43w=", @@ -300,7 +418,7 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { "lastModified": 1656753965, "narHash": "sha256-BCrB3l0qpJokOnIVc3g2lHiGhnjUi0MoXiw6t1o8H1E=", @@ -338,7 +456,7 @@ "flake-utils": "flake-utils", "mnw": "mnw", "nil": "nil", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs_3", "nmd": "nmd", "plugin-alpha-nvim": "plugin-alpha-nvim", "plugin-base16": "plugin-base16", @@ -2384,7 +2502,7 @@ "rnix-lsp": { "inputs": { "naersk": "naersk", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "utils": "utils" }, "locked": { @@ -2403,10 +2521,11 @@ }, "root": { "inputs": { + "chaotic": "chaotic", "disko": "disko", "flake-parts": "flake-parts", "git-hooks-nix": "git-hooks-nix", - "nixpkgs": "nixpkgs", + "nixpkgs": "nixpkgs_2", "painless-neovim": "painless-neovim", "pankomacs": "pankomacs", "rosepine-qutebrowser": "rosepine-qutebrowser", diff --git a/flake.nix b/flake.nix index 214ace7..35e45d0 100644 --- a/flake.nix +++ b/flake.nix @@ -49,9 +49,17 @@ ref = "master"; inputs.nixpkgs.follows = "nixpkgs"; }; + # chaotic = { +# type = "github"; +# owner = "chaotic-cx"; +# repo = "nyx"; +# ref = "nyxpkgs-unstable"; + #}; + chaotic.url = "github:chaotic-cx/nyx/nyxpkgs-unstable"; }; outputs = inputs @ { nixpkgs, + chaotic, flake-parts, ... }: let diff --git a/hosts/default.nix b/hosts/default.nix index c5b5120..9214f5a 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -15,6 +15,7 @@ system = "x86_64-linux"; extraModules = [ inputs.disko.nixosModules.disko + inputs.chaotic.nixosModules.default ]; }; }; diff --git a/hosts/micronix/default.nix b/hosts/micronix/default.nix index 643b4a2..d72b7a1 100644 --- a/hosts/micronix/default.nix +++ b/hosts/micronix/default.nix @@ -1,15 +1,12 @@ {...}: { imports = [ ./hardware.nix + ./system.nix + ./users.nix ./fonts.nix ]; config = { - boot.loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; - }; - console = { font = "Lat2-Terminus16"; keyMap = "us"; @@ -19,14 +16,7 @@ xserver.xkb = { layout = "us"; }; - libinput.enable = true; - openssh.enable = true; - }; - - hardware.graphics = { - enable = true; - enable32Bit = false; }; networking.networkmanager = { diff --git a/hosts/micronix/hardware.nix b/hosts/micronix/hardware.nix index f2c17a0..f470d76 100644 --- a/hosts/micronix/hardware.nix +++ b/hosts/micronix/hardware.nix @@ -1,38 +1,35 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + { - config, - lib, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = ["nvme"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-amd"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; - fileSystems."/" = { - device = "/dev/disk/by-uuid/11a954cd-1e6b-40e5-9322-e4b5349076fd"; - fsType = "btrfs"; - options = ["subvol=@"]; - }; + fileSystems."/" = + { device = "/dev/disk/by-uuid/41853b7d-f098-4ae6-ae9c-1b97b1074bde"; + fsType = "btrfs"; + options = [ "subvol=@" ]; + }; - boot.initrd.luks.devices."luks-62a94d2c-2306-417d-bbfa-c7c6d89043dd".device = "/dev/disk/by-uuid/62a94d2c-2306-417d-bbfa-c7c6d89043dd"; + boot.initrd.luks.devices."luks-fc6b34e2-c93a-4d14-8194-1c30b63f8fb5".device = "/dev/disk/by-uuid/fc6b34e2-c93a-4d14-8194-1c30b63f8fb5"; - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/1F69-C02B"; - fsType = "vfat"; - options = ["fmask=0077" "dmask=0077"]; - }; + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/47C4-D06C"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; - swapDevices = [ - {device = "/dev/disk/by-uuid/4d101e1e-8f76-472e-8282-62bb23d122e4";} - ]; + swapDevices = + [ { device = "/dev/disk/by-uuid/5743e1ce-4f91-4ab9-9b5d-b46eeda3fb1e"; } + ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/hosts/micronix/system.nix b/hosts/micronix/system.nix new file mode 100644 index 0000000..21b34e2 --- /dev/null +++ b/hosts/micronix/system.nix @@ -0,0 +1,202 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). +{ + config, + pkgs, + libs, + ... +}: { + boot.initrd.systemd = { + enable = true; + tpm2 = {enable = true;}; + dbus = {enable = true;}; + }; + + boot.kernelPackages = pkgs.linuxPackages_cachyos; + + boot.kernelParams = [ + "default_hugepagesz=1G" + "hugepagesz=1G" + ]; + + boot.kernel.sysctl = { + "vm.nr_hugepages" = 512; + "vm.swappiness" = 200; + "net.core.netdev_max_backlog" = 32768; + "net.core.somaxconn" = 16384; + "net.core.rmem_default" = 1048576; + "net.core.rmem_max" = 16777216; + "net.core.wmem_default" = 1048576; + "net.core.wmem_max" = 16777216; + "net.core.optmem_max" = 65536; + "net.ipv4.tcp_rmem" = "4096 1048576 2097152"; + "net.ipv4.tcp_wmem" = "4096 65536 16777216"; + "net.ipv4.udp_rmem_min" = 8192; + "net.ipv4.udp_wmem_min" = 8192; + "net.ipv4.tcp_fastopen" = 3; + "net.core.default_qdisc" = "cake"; + "net.ipv4.tcp_congestion_control" = "bbr"; + "vm.dirty_ratio" = 20; + "vm.dirty_background_ratio" = 10; + "vm.vfs_cache_pressure" = 25; + "vm.hugetlb_optimize_vmemmap" = 1; + }; + + services.scx = { + enable = true; + scheduler = "scx_lavd"; + extraArgs = ["--performance"]; + }; + + boot.runSize = "100%"; + boot.devSize = "100%"; + boot.devShmSize = "100%"; + boot.tmp.useTmpfs = true; + boot.tmp.tmpfsSize = "100%"; + boot.tmp.cleanOnBoot = true; + + fileSystems."/" = { + fsType = "btrfs"; + options = ["compress=zstd:6" "discard" "flushoncommit" "subvol=@"]; + }; + + services.btrfs.autoScrub = { + fileSystems = ["/"]; # Assuming root is formatted with Btrfs. + interval = "daily"; + enable = true; + }; + + zramSwap = { + enable = true; + priority = 100; + memoryPercent = 100; + }; + + nix.gc = { + automatic = true; + options = "-d"; + }; + + nix.optimise.automatic = true; + + nix.settings = { + experimental-features = "cgroups dynamic-derivations flakes nix-command recursive-nix"; + auto-optimise-store = true; + http-connections = 0; + download-buffer-size = 671088640; + max-jobs = "auto"; + sync-before-registering = true; + use-cgroups = true; + }; + + boot.initrd.kernelModules = ["amdgpu"]; + + # Processor settings for AMD + hardware.cpu.amd = { + sev.enable = true; + updateMicrocode = true; + }; + + # Bootloader. + boot.loader.systemd-boot = { + enable = true; + edk2-uefi-shell = {enable = true;}; + memtest86 = {enable = true;}; + configurationLimit = 3; + }; + + boot.plymouth = { + enable = true; + }; + + networking.tempAddresses = "default"; + + # Load AMD GPU drivers early + hardware.amdgpu.initrd = { + enable = true; + }; + + hardware.amdgpu.opencl = { + enable = true; + }; + + # Graphics + hardware.graphics = { + enable = true; + enable32Bit = true; + }; + + # Enable the X11 windowing system. + services.xserver.enable = true; + services.xserver.videoDrivers = ["amdgpu"]; + services.xserver.updateDbusEnvironment = true; + services.xserver.enableTearFree = true; + + qt = { + platformTheme = "kde"; + }; + + # TLP + services.power-profiles-daemon.enable = false; # We disable this because it sucks + services.tlp.enable = true; + services.tlp.settings = { + CPU_DRIVER_OPMODE_ON_AC = "active"; + CPU_DRIVER_OPMODE_ON_BAT = "active"; + CPU_SCALING_GOVERNOR_ON_AC = "performance"; + CPU_SCALING_GOVERNOR_ON_BAT = "schedutil"; + CPU_BOOST_ON_AC = 1; + CPU_BOOST_ON_BAT = 0; + PLATFORM_PROFILE_ON_AC = "performance"; + PLATFORM_PROFILE_ON_BAT = "low-power"; + DISK_IOSCHED = "kyber"; + RADEON_DPM_PERF_LEVEL_ON_AC = "high"; + WIFI_PWR_ON_AC = "off"; + WIFI_PWR_ON_BAT = "off"; + }; + + # Enable sound with pipewire. + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + jack.enable = true; + }; + + services.displayManager.sddm.enable = true; + services.desktopManager.plasma6.enable = true; + services.displayManager.defaultSession = "plasma"; + services.displayManager.sddm.wayland.enable = true; + + programs.dconf.enable = true; + + xdg.portal.enable = true; + xdg.portal.xdgOpenUsePortal = true; + + environment.plasma6.excludePackages = with pkgs.kdePackages; [ + konsole + oxygen + libqaccessibilityclient + ]; + + services.dbus = { + implementation = "broker"; + }; + + # SECURITY + security = { + tpm2 = { + enable = true; + }; # Having TPM2 is nice. + polkit = { + enable = true; + }; + protectKernelImage = true; + forcePageTableIsolation = true; + }; + + systemd.tpm2.enable = true; +} diff --git a/hosts/micronix/users.nix b/hosts/micronix/users.nix index c9cf021..6d1cddd 100644 --- a/hosts/micronix/users.nix +++ b/hosts/micronix/users.nix @@ -8,6 +8,8 @@ inherit (pkgs) wget2 + alacritty + firefox vesktop mpv imv