# Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). { config, pkgs, ... }: { imports = [ # Include the results of the hardware scan. ./hardware.nix ]; programs.nix-ld = { enable = true; }; boot.initrd.systemd = { enable = true; tpm2 = {enable = true;}; dbus = {enable = true;}; }; boot.kernelPackages = pkgs.linuxPackages_cachyos; boot.kernelParams = [ "default_hugepagesz=1G" "hugepagesz=1G" ]; boot.kernel.sysctl = { "vm.nr_hugepages" = 512; "vm.swappiness" = 200; "net.core.netdev_max_backlog" = 32768; "net.core.somaxconn" = 16384; "net.core.rmem_default" = 1048576; "net.core.rmem_max" = 16777216; "net.core.wmem_default" = 1048576; "net.core.wmem_max" = 16777216; "net.core.optmem_max" = 65536; "net.ipv4.tcp_rmem" = "4096 1048576 2097152"; "net.ipv4.tcp_wmem" = "4096 65536 16777216"; "net.ipv4.udp_rmem_min" = 8192; "net.ipv4.udp_wmem_min" = 8192; "net.ipv4.tcp_fastopen" = 3; "net.core.default_qdisc" = "cake"; "net.ipv4.tcp_congestion_control" = "bbr"; "vm.dirty_ratio" = 20; "vm.dirty_background_ratio" = 10; "vm.vfs_cache_pressure" = 25; "vm.hugetlb_optimize_vmemmap" = 1; }; services.scx = { enable = true; scheduler = "scx_lavd"; extraArgs = ["--performance"]; }; boot.runSize = "100%"; boot.devSize = "100%"; boot.devShmSize = "100%"; boot.tmp.useTmpfs = true; boot.tmp.tmpfsSize = "100%"; boot.tmp.cleanOnBoot = true; fileSystems."/" = { device = "/dev/disk/by-uuid/11a954cd-1e6b-40e5-9322-e4b5349076fd"; fsType = "btrfs"; options = ["compress=zstd:6" "discard" "flushoncommit" "subvol=@"]; }; services.btrfs.autoScrub = { fileSystems = ["/"]; # Assuming root is formatted with Btrfs. interval = "daily"; enable = true; }; swapDevices = [ { device = "/dev/disk/by-uuid/4d101e1e-8f76-472e-8282-62bb23d122e4"; priority = 50; } ]; zramSwap = { enable = true; priority = 100; memoryPercent = 100; }; nix.gc = { automatic = true; options = "-d"; }; nix.optimise.automatic = true; nix.settings = { experimental-features = "cgroups dynamic-derivations flakes nix-command recursive-nix"; auto-optimise-store = true; http-connections = 0; download-buffer-size = 671088640; max-jobs = "auto"; sync-before-registering = true; use-cgroups = true; }; boot.initrd.kernelModules = ["amdgpu"]; # Processor settings for AMD hardware.cpu.amd = { sev.enable = true; updateMicrocode = true; }; # Bootloader. boot.loader.systemd-boot = { enable = true; edk2-uefi-shell = {enable = true;}; memtest86 = {enable = true;}; configurationLimit = 3; }; boot.plymouth = { enable = true; }; boot.loader.efi.canTouchEfiVariables = true; networking.hostName = "zirconium"; # Hostname. networking.networkmanager = { enable = true; dns = "systemd-resolved"; ethernet = { macAddress = "random"; }; wifi = { backend = "iwd"; macAddress = "random"; }; }; networking.tempAddresses = "default"; # Set your time zone. time.timeZone = "America/Montevideo"; # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; i18n.extraLocaleSettings = { LC_ADDRESS = "en_US.UTF-8"; LC_IDENTIFICATION = "en_US.UTF-8"; LC_MEASUREMENT = "en_US.UTF-8"; LC_MONETARY = "en_US.UTF-8"; LC_NAME = "en_US.UTF-8"; LC_NUMERIC = "en_US.UTF-8"; LC_PAPER = "en_US.UTF-8"; LC_TELEPHONE = "en_US.UTF-8"; LC_TIME = "en_US.UTF-8"; }; # Load AMD GPU drivers early hardware.amdgpu.initrd = { enable = true; }; hardware.amdgpu.opencl = { enable = true; }; # Graphics hardware.graphics = { enable = true; enable32Bit = true; }; # Enable the X11 windowing system. services.xserver.enable = true; services.xserver.videoDrivers = ["amdgpu"]; services.xserver.updateDbusEnvironment = true; services.xserver.enableTearFree = true; qt = { platformTheme = "kde"; }; # TLP services.power-profiles-daemon.enable = false; # We disable this because it sucks services.tlp.enable = true; services.tlp.settings = { CPU_DRIVER_OPMODE_ON_AC = "active"; CPU_DRIVER_OPMODE_ON_BAT = "active"; CPU_SCALING_GOVERNOR_ON_AC = "performance"; CPU_SCALING_GOVERNOR_ON_BAT = "schedutil"; CPU_BOOST_ON_AC = 1; CPU_BOOST_ON_BAT = 0; PLATFORM_PROFILE_ON_AC = "performance"; PLATFORM_PROFILE_ON_BAT = "low-power"; DISK_IOSCHED = "kyber"; RADEON_DPM_PERF_LEVEL_ON_AC = "high"; WIFI_PWR_ON_AC = "off"; WIFI_PWR_ON_BAT = "off"; }; # Configure keymap in X11 services.xserver.xkb = { layout = "us"; variant = ""; }; # Enable sound with pipewire. hardware.pulseaudio.enable = false; security.rtkit.enable = true; services.pipewire = { enable = true; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; jack.enable = true; }; # Enable touchpad support (enabled default in most desktopManager). services.libinput.enable = true; users.defaultUserShell = pkgs.zsh; environment.shells = with pkgs; [zsh]; programs.zsh = { enable = true; enableCompletion = true; autosuggestions = { enable = true; strategy = ["completion"]; }; zsh-autoenv = { enable = true; }; syntaxHighlighting = { enable = true; highlighters = ["main" "brackets" "pattern" "cursor" "regexp" "root" "line"]; }; shellAliases = { ll = "ls -l"; update = "sudo nixos-rebuild switch --upgrade"; }; ohMyZsh = { enable = true; plugins = ["git" "direnv" "fzf"]; theme = "half-life"; }; }; # DirEnv support programs.direnv = { enable = true; enableZshIntegration = true; nix-direnv = { enable = true; }; }; # Define a user account. Don't forget to set a password with ‘passwd’. users.users.xmm = { isNormalUser = true; description = "xmm"; extraGroups = ["wheel"]; packages = with pkgs; [ (wrapOBS { plugins = with pkgs.obs-studio-plugins; [ obs-backgroundremoval obs-pipewire-audio-capture ]; }) vesktop vscode-fhs jetbrains-toolbox spotify alacritty halloy alacritty-theme ]; }; services.displayManager.sddm.enable = true; services.desktopManager.plasma6.enable = true; services.displayManager.defaultSession = "plasma"; services.displayManager.sddm.wayland.enable = true; programs.dconf.enable = true; xdg.portal.enable = true; xdg.portal.xdgOpenUsePortal = true; # Allow unfree packages nixpkgs.config.allowUnfree = true; environment.plasma6.excludePackages = with pkgs.kdePackages; [ konsole oxygen libqaccessibilityclient ]; environment.systemPackages = with pkgs; [ ripgrep simp1e-cursors alejandra pre-commit unzip neovim fuzzel fzf firefox_nightly wget2 git btop-rocm llvmPackages_19.clangUseLLVM llvmPackages_19.clang-tools llvmPackages_19.libllvm scx_git.rustscheds hyfetch fastfetch ffmpeg-full gnumake cmake python3 meson ninja nodePackages_latest.nodejs pnpm vulkanPackages_latest.vulkan-extension-layer vulkanPackages_latest.vulkan-loader vulkanPackages_latest.vulkan-validation-layers luajitPackages.luarocks ]; fonts.packages = with pkgs; [ noto-fonts noto-fonts-cjk-sans noto-fonts-cjk-serif noto-fonts-lgc-plus noto-fonts-color-emoji cozette ]; # Improve font quality fonts.fontconfig = { defaultFonts = { serif = ["Liberation Serif"]; sansSerif = ["Liberation Sans"]; monospace = ["Liberation Mono"]; emoji = ["Noto Color Emoji"]; }; cache32Bit = true; }; services.dbus = { implementation = "broker"; }; # SECURITY security = { tpm2 = { enable = true; }; # Having TPM2 is nice. polkit = { enable = true; }; protectKernelImage = true; forcePageTableIsolation = true; }; systemd.tpm2.enable = true; networking.nameservers = [ "1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one" "2606:4700:4700::1111#one.one.one.one" "2606:4700:4700::1001#one.one.one.one" ]; services.resolved = { enable = true; dnssec = "true"; domains = ["~."]; fallbackDns = [ "1.1.1.1#one.one.one.one" "1.0.0.1#one.one.one.one" "2606:4700:4700::1111#one.one.one.one" "2606:4700:4700::1001#one.one.one.one" ]; dnsovertls = "true"; llmnr = "false"; }; networking.firewall.enable = true; system.stateVersion = "24.05"; # Did you read the comment? }