Andrew/configuration
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
configuration/hosts/main/system.nix
Andrew Kvalheim 243a78a171 Minor refactor
2023-06-16 11:11:55 -07:00

96 lines
2.6 KiB
Nix
Raw Blame History

{ lib, pkgs, ... }:
let
inherit (lib) mkForce;
identity = import ../../common/resources/identity.nix;
in
{
imports = [
../../common/system.nix
<nixos-hardware/lenovo/thinkpad/t14/amd/gen2>
/etc/nixos/hardware-configuration.nix
./local/system.nix
];
# Host parameters
host = {
name = "main";
local = ./local;
resources = ./resources;
};
# Hardware
services.fstrim.enable = true;
services.kmonad.keyboards.default.device = "/dev/input/by-path/platform-i8042-serio-0-event-kbd";
systemd.services.configure-sound-leds = rec {
wantedBy = [ "sys-devices-pci0000:00-0000:00:08.1-0000:07:00.6-sound-card1-controlC1.device" ];
after = wantedBy;
serviceConfig.Type = "oneshot";
script = ''
echo follow-route > /sys/class/sound/ctl-led/mic/mode
echo off > /sys/class/sound/ctl-led/speaker/mode # follow-route pending https://discourse.nixos.org/t/20480
'';
};
# Nix
system.stateVersion = "22.05"; # Permanent
nixpkgs.localSystem = {
system = builtins.currentSystem;
platform.gcc = { arch = "znver3"; tune = "znver3"; };
};
# Filesystems
# TODO: Set `chattr +i` on intermittent mount points
fileSystems = {
"/home/ak/annex" = {
device = "closet.home.arpa:/mnt/hdd/home-ak-annex";
fsType = "nfs";
options = [ "noauto" "user" ];
};
"/home/ak/services-hdd" = {
device = "closet.home.arpa:/mnt/hdd/services";
fsType = "nfs";
options = [ "noauto" "user" ];
};
"/home/ak/services-ssd" = {
device = "closet.home.arpa:/mnt/ssd/services";
fsType = "nfs";
options = [ "noauto" "user" ];
};
};
# Workaround for:
# - https://github.com/NixOS/nixpkgs/issues/24913
# - https://github.com/NixOS/nixpkgs/issues/9848
security.wrappers = {
"mount.nfs" = {
source = "${pkgs.nfs-utils}/bin/mount.nfs";
owner = "root"; group = "root"; setuid = true;
};
"umount.nfs" = {
source = "${pkgs.nfs-utils}/bin/umount.nfs";
owner = "root"; group = "root"; setuid = true;
};
};
# Networking
systemd.network.links = {
"10-dock".linkConfig.Name = "dock";
"10-jack".linkConfig.Name = "jack";
"10-wifi".linkConfig.Name = "wifi";
};
# usbmuxd
services.usbmuxd.enable = true;
# Wireshark
programs.wireshark.enable = true;
users.users.${identity.username}.extraGroups = [ "usbmux" "wireshark" ];
# UniFi Network application
allowedUnfree = [ "mongodb" "unifi-controller" ];
services.unifi = { enable = true; openFirewall = false; };
systemd.services.unifi.wantedBy = mkForce []; # Manual start
}
Reference in a new issue View git blame Copy permalink