London update

New hardware, use systemd-boot, remove vfio bits, xfs fs
2023-12-08 23:43:18 +00:00 · 2023-12-08 23:43:18 +00:00 · 7dfc818b6c
parent cd5536c15a
commit 7dfc818b6c
5 changed files with 33 additions and 82 deletions
--- a/nix/london/config.nu
+++ b/nix/london/config.nu
@ -236,14 +236,20 @@ $env.config = {
    use_kitty_protocol: true # enables keyboard enhancement protocol implemented by kitty console, only if your terminal support this

    hooks: {
-        pre_prompt: [{ null }] # run before the prompt is shown
        pre_execution: [{ null }] # run before the repl input is run
        env_change: {
            PWD: [{|before, after| null }] # run if the PWD environment is different since the last repl input
        }
        display_output: "if (term size).columns >= 100 { table -e } else { table }" # run to display the output of a pipeline
        command_not_found: { null } # return an error message when a command is not found
-    }
+    pre_prompt: [{ ||
+      if (which direnv | is-empty) {
+        return
+      }
+
+      direnv export json | from json | default {} | load-env
+    }]
+  }

    menus: [
        # Configuration for default nushell menus
--- a/nix/london/configuration.nix
+++ b/nix/london/configuration.nix
@ -9,32 +9,18 @@
  # Bootloader
  boot = {
    loader = {
-      grub = {
-        enable = true;
-        device = "nodev";
-        useOSProber = true;
-        efiSupport = true;
-        enableCryptodisk = true;
-      };
+      systemd-boot.enable = true;
      efi = {
        canTouchEfiVariables = true;
-        efiSysMountPoint = "/boot/efi";
      };
    };
+    tmp.cleanOnBoot = true;
    binfmt.emulatedSystems = [ "aarch64-linux" ];
    extraModulePackages = [
      config.boot.kernelPackages.v4l2loopback
    ];
    kernelPackages = pkgs.linuxPackages_zen;
    kernelModules = [ "amdgpu" "coretemp" "kvm-amd" "v4l2loopback" ];
-
-    initrd.secrets = {
-      "/crypto_keyfile.bin" = null;
-    };
-    initrd.luks.devices."luks-63100442-37df-4579-a787-cb2f2c67b3d1" = {
-      device = "/dev/disk/by-uuid/63100442-37df-4579-a787-cb2f2c67b3d1";
-      keyFile = "/crypto_keyfile.bin";
-    };
  };

  time.hardwareClockInLocalTime = true;
@ -54,15 +40,16 @@
  nixpkgs.config.allowUnfree = true;
  systemd.services.NetworkManager-wait-online.enable = false;
  networking = {
+    hostId = "3c26267f";
    hostName = "LONDON";
    networkmanager.enable = true;
    firewall = {
      enable = true;
      allowedUDPPortRanges = [ { from = 27031; to = 27036; } ];
      allowedTCPPortRanges = [ { from = 27036; to = 27037; } ];
-      allowedTCPPorts = [ 7000 7100 22000 8000 ];
+      allowedTCPPorts = [ 7000 7100 22000 8000 3000 ];
      allowedUDPPorts = [ 6000 6001 7011 41641 3478 22000 21027 ];
-      trustedInterfaces = [ "tailscale0" ];
+      trustedInterfaces = [ "enp4s0" "tailscale0" "docker0" ];
      checkReversePath = "loose";
    };
    nftables.enable = true;
@ -108,12 +95,12 @@
      overrideFolders = false;
      user = "gsimmer";
      dataDir = "/home/gsimmer";
-      guiAddress = "100.93.188.51:8384";
+      guiAddress = "100.98.191.127:8384";
    };
    usbmuxd.enable = true;
    prometheus.exporters.node = {
      enable = true;
-      listenAddress = "100.93.188.51";
+      listenAddress = "100.98.191.127";
      enabledCollectors = [
        "systemd" "processes"
      ];
@ -176,6 +163,7 @@
  xdg.portal.enable = true;

  programs = {
+    sway.enable = true;
    gamemode.enable = true;
    zsh.enable = true;
    fish.enable = true;
@ -218,10 +206,10 @@

  fonts = {
    packages = with pkgs; [
-    ibm-plex
-    jetbrains-mono
-    emojione
-    font-awesome
+      ibm-plex
+      jetbrains-mono
+      emojione
+      font-awesome
    ];
    enableDefaultPackages = true;
  };
@ -248,6 +236,7 @@
      glmark2
      libnotify
      emojione
+      swtpm
    ];
  };

--- a/nix/london/gsimmer.nix
+++ b/nix/london/gsimmer.nix
@ -16,14 +16,14 @@
        [
          (import (builtins.fetchTarball {
            url = "https://github.com/nix-community/emacs-overlay/archive/master.tar.gz";
-            sha256 = "156jbn5s9rv7qjy5q6d9yq56zmxv07i5viqs0ryvhazdg1lzw311";
+            sha256 = "03nrh6axxckjsdy8jykqpdsvq7dik0x04pybvwxxy9sd04b8kdh2";
          })) discordOverlay];
  };
  home = {
    username = "gsimmer";
    homeDirectory = "/home/gsimmer";
  };
-
+  
  services.pueue = {
    enable = true;
    settings = {
@ -86,7 +86,6 @@

    eza = {
      enable = true;
-      enableAliases = true;
    };

    bat = {
@ -124,6 +123,7 @@
    discord
    mangohud
    comma
+    looking-glass-client
  ];

  # This value determines the Home Manager release that your
--- a/nix/london/hardware-configuration.nix
+++ b/nix/london/hardware-configuration.nix
@ -8,30 +8,23 @@
    [ (modulesPath + "/installer/scan/not-detected.nix")
    ];

-  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
+  boot.initrd.availableKernelModules = [ "nvme" "ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-amd" ];
  boot.extraModulePackages = [ ];

  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/cd6f3e34-65ce-4be5-b4d4-6818e70dcff3";
-      fsType = "ext4";
+    { device = "/dev/disk/by-uuid/736c20e1-f11a-4af7-88f2-bba7b0f09939";
+      fsType = "xfs";
    };

-  boot.initrd.luks.devices."luks-0cd5d85e-e232-4f75-a8b3-087737657fef".device = "/dev/disk/by-uuid/0cd5d85e-e232-4f75-a8b3-087737657fef";
-
-  fileSystems."/boot/efi" =
-    { device = "/dev/disk/by-uuid/AB23-FA19";
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/2A2C-A8CE";
      fsType = "vfat";
    };

-  fileSystems."/home/gsimmer/FHG" = {
-    device = "/dev/disk/by-label/FHG";
-    fsType = "ext4";
-  };
-  
  swapDevices =
-    [ { device = "/dev/disk/by-uuid/c50f2d93-2f31-4afc-ad26-4730a8f4b7f0"; }
+    [ { device = "/dev/disk/by-uuid/41c7d0e1-e015-4d78-a0fb-f039a7f648ef"; }
    ];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
@ -39,9 +32,9 @@
  # still possible to use this option, but it's recommended to use it in conjunction
  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp14s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp15s0.useDHCP = lib.mkDefault true;

+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-  # high-resolution display
-  # hardware.video.hidpi.enable = lib.mkDefault true;
 }
--- a/nix/london/vfio.nix
+++ b/nix/london/vfio.nix
@ -1,37 +0,0 @@
-let
-  # RTX 3070 Ti
-  gpuIDs = [
-    "10de:1b81" # Graphics
-    "10de:10f0" # Audio
-  ];
-in { pkgs, lib, config, ... }: {
-  options.vfio.enable = with lib;
-    mkEnableOption "Configure the machine for VFIO";
-
-  config = let cfg = config.vfio;
-  in {
-    boot = {
-      initrd.kernelModules = [
-        "vfio_pci"
-        "vfio"
-        "vfio_iommu_type1"
-
-        "nvidia"
-        "nvidia_modeset"
-        "nvidia_uvm"
-        "nvidia_drm"
-      ];
-
-      kernelParams = [
-        # enable IOMMU
-        "amd_iommu=on"
-        "pcie_acs_override=downstream,multifunction"
-      ] ++ lib.optional cfg.enable
-        # isolate the GPU
-        ("vfio-pci.ids=" + lib.concatStringsSep "," gpuIDs);
-    };
-
-    hardware.opengl.enable = true;
-    virtualisation.spiceUSBRedirection.enable = true;
-  };
-}