ark/hosts/lungmen/default.nix

{
  config,
  lib,
  pkgs,
  inputs,
  ...
}: let
  btrfsPartPath = "/dev/disk/by-label/NIXOS";
  btrfsOptions = ["compress-force=zstd" "noatime"];
  btrfsDiff =
    pkgs.writeScriptBin
    "btrfs-diff"
    ''
      #!${pkgs.bash}/bin/bash
      set -euo pipefail

      sudo mkdir -p /mnt
      sudo mount -o subvol=/ ${btrfsPartPath} /mnt

      OLD_TRANSID=$(sudo btrfs subvolume find-new /mnt/root-blank 9999999)

      sudo btrfs subvolume find-new "/mnt/root" "$OLD_TRANSID" |
      sed '$d' |
      cut -f17- -d' ' |
      sort |
      uniq |
      while read path; do
        path="/$path"
        if [ -L "$path" ]; then
          : # The path is a symbolic link, so is probably handled by NixOS already
        elif [ -d "$path" ]; then
          : # The path is a directory, ignore
        else
          echo "$path"
        fi
      done

      sudo umount /mnt
    '';
in {
  imports = with inputs;
  with nixos-hardware.nixosModules; [
    nixpkgs.nixosModules.notDetected
    nixos-persistence.nixosModule
    common-pc-ssd
    common-pc
    common-gpu-amd
    common-cpu-amd
    ../../modules/network/dns
    ../../modules/develop/nixbuild
    ../../users/root
    ../../users/patriot
  ];

  boot = {
    tmpOnTmpfs = true;
    loader = {
      efi.canTouchEfiVariables = true;
      systemd-boot.enable = true;
      systemd-boot.configurationLimit = 10;
    };
    kernelPackages = pkgs.linuxPackages_latest;
    supportedFilesystems = ["btrfs"];
    initrd = {
      availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"];
      kernelModules = ["amdgpu"];
    };
    kernelModules = ["kvm-amd"];
    extraModulePackages = [];
    initrd.postDeviceCommands =
      pkgs.lib.mkBefore
      ''
        mkdir -p /mnt
        mount -o subvol=/ ${btrfsPartPath} /mnt
        btrfs subvolume list -o /mnt/root |
        cut -f9 -d' ' |
        while read subvolume; do
          echo "deleting /$subvolume subvolume..."
          btrfs subvolume delete "/mnt/$subvolume"
        done &&
        echo "deleting /root subvolume..." &&
        btrfs subvolume delete /mnt/root
        echo "restoring blank /root subvolume"
        btrfs subvolume snapshot /mnt/root-blank /mnt/root
        umount /mnt
      '';
    kernel.sysctl = {"fs.inotify.max_user_watches" = 524288;};
  };

  fileSystems."/" = {
    device = btrfsPartPath;
    fsType = "btrfs";
    options = ["subvol=root"] ++ btrfsOptions;
  };
  fileSystems."/home" = {
    device = btrfsPartPath;
    fsType = "btrfs";
    options = ["subvol=home"] ++ btrfsOptions;
  };
  /*
     fileSystems."/media/archive" = {
     device = "/dev/disk/by-uuid/f9b5f7f3-51e8-4357-8518-986b16311c71";
     fsType = "btrfs";
     options = btrfsOptions;
   };
   */
  fileSystems."/nix" = {
    device = btrfsPartPath;
    fsType = "btrfs";
    options = ["subvol=nix"] ++ btrfsOptions;
  };
  fileSystems."/persist" = {
    device = btrfsPartPath;
    fsType = "btrfs";
    options = ["subvol=persist"] ++ btrfsOptions;
    neededForBoot = true;
  };
  fileSystems."/boot" = {
    device = "/dev/disk/by-uuid/5784-BBB1";
    fsType = "vfat";
  };

  swapDevices = [];
  zramSwap = {
    enable = true;
    algorithm = "zstd";
  };

  nix.maxJobs = lib.mkDefault 4;
  security = {
    pam.loginLimits = [
      {
        domain = "*";
        type = "soft";
        item = "nofile";
        value = "524288";
      }
      {
        domain = "*";
        type = "hard";
        item = "nofile";
        value = "524288";
      }
    ];
    allowSimultaneousMultithreading = false;
    # Deleting root subvolume makes sudo show lecture every boot
    sudo.extraConfig = ''
      Defaults lecture = never
    '';
    rtkit.enable = true;
  };

  sound.enable = false;
  services.pipewire = {
    enable = true;
    alsa.enable = true;
    alsa.support32Bit = true;
    pulse.enable = true;
  };
  hardware = {
    opengl = {
      driSupport = true;
      driSupport32Bit = true;
      enable = true;
      extraPackages = with pkgs; [amdvlk libvdpau-va-gl vaapiVdpau libva vulkan-loader pipewire];
      extraPackages32 = with pkgs.pkgsi686Linux;
        [libvdpau-va-gl vaapiVdpau libva vulkan-loader pipewire] ++ [pkgs.driversi686Linux.amdvlk];
    };
    pulseaudio = {
      enable = false;
      support32Bit = true;
    };
  };

  fonts = {
    enableDefaultFonts = true;
    fontconfig.enable = true;
    fonts = [pkgs.dejavu_fonts];
  };

  environment = {
    systemPackages = [btrfsDiff pkgs.ntfs3g];
    pathsToLink = ["/share/zsh"];
    persistence."/persist" = {
      directories = ["/etc/nixos"];
      files = ["/etc/machine-id"];
    };
  };

  networking.firewall.checkReversePath = "loose";
  networking.interfaces.enp6s0.useDHCP = true;
  services = {
    haveged.enable = true;
    tailscale.enable = true;
    earlyoom.enable = true;
    ipfs = {
      enable = false;
      enableGC = true;
      autoMount = true;
    };
    flatpak.enable = false;
    xserver.videoDrivers = ["amdgpu"];
  };

  virtualisation = {
    podman.enable = true;
    libvirtd.enable = false;
  };

  system.stateVersion = "20.09";
}
stuff 2022-02-18 20:31:01 +03:00			`{`
			`config,`
			`lib,`
			`pkgs,`
drop fup 2022-04-09 21:33:13 +03:00			`inputs,`
stuff 2022-02-18 20:31:01 +03:00			`...`
ayo 2022-03-09 23:55:02 +03:00			`}: let`
temp 2020-11-22 18:34:10 +03:00			`btrfsPartPath = "/dev/disk/by-label/NIXOS";`
stuff 2022-02-18 20:31:01 +03:00			`btrfsOptions = ["compress-force=zstd" "noatime"];`
			`btrfsDiff =`
			`pkgs.writeScriptBin`
			`"btrfs-diff"`
			`''`
			`#!${pkgs.bash}/bin/bash`
			`set -euo pipefail`

			`sudo mkdir -p /mnt`
			`sudo mount -o subvol=/ ${btrfsPartPath} /mnt`

			`OLD_TRANSID=$(sudo btrfs subvolume find-new /mnt/root-blank 9999999)`

			`sudo btrfs subvolume find-new "/mnt/root" "$OLD_TRANSID" \|`
			`sed '$d' \|`
			`cut -f17- -d' ' \|`
			`sort \|`
			`uniq \|`
			`while read path; do`
			`path="/$path"`
			`if [ -L "$path" ]; then`
			`: # The path is a symbolic link, so is probably handled by NixOS already`
			`elif [ -d "$path" ]; then`
			`: # The path is a directory, ignore`
			`else`
			`echo "$path"`
			`fi`
			`done`

			`sudo umount /mnt`
			`'';`
			`in {`
drop fup 2022-04-09 21:33:13 +03:00			`imports = with inputs;`
			`with nixos-hardware.nixosModules; [`
a 2022-04-17 19:20:06 +03:00			`nixpkgs.nixosModules.notDetected`
drop fup 2022-04-09 21:33:13 +03:00			`nixos-persistence.nixosModule`
			`common-pc-ssd`
			`common-pc`
			`common-gpu-amd`
			`common-cpu-amd`
			`../../modules/network/dns`
add nixbuild config 2022-05-03 21:12:47 +03:00			`../../modules/develop/nixbuild`
drop fup 2022-04-09 21:33:13 +03:00			`../../users/root`
			`../../users/patriot`
			`];`

stuff 2020-11-21 23:54:07 +03:00			`boot = {`
drop fup 2022-04-09 21:33:13 +03:00			`tmpOnTmpfs = true;`
stuff 2020-11-21 23:54:07 +03:00			`loader = {`
			`efi.canTouchEfiVariables = true;`
			`systemd-boot.enable = true;`
drop fup 2022-04-09 21:33:13 +03:00			`systemd-boot.configurationLimit = 10;`
stuff 2020-11-21 23:54:07 +03:00			`};`
			`kernelPackages = pkgs.linuxPackages_latest;`
stuff 2022-02-18 20:31:01 +03:00			`supportedFilesystems = ["btrfs"];`
stuff 2020-11-21 23:54:07 +03:00			`initrd = {`
stuff 2022-02-18 20:31:01 +03:00			`availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"];`
			`kernelModules = ["amdgpu"];`
we got vscode now 2021-01-02 16:21:55 +03:00			`};`
stuff 2022-02-18 20:31:01 +03:00			`kernelModules = ["kvm-amd"];`
			`extraModulePackages = [];`
			`initrd.postDeviceCommands =`
			`pkgs.lib.mkBefore`
			`''`
			`mkdir -p /mnt`
			`mount -o subvol=/ ${btrfsPartPath} /mnt`
			`btrfs subvolume list -o /mnt/root \|`
			`cut -f9 -d' ' \|`
			`while read subvolume; do`
			`echo "deleting /$subvolume subvolume..."`
			`btrfs subvolume delete "/mnt/$subvolume"`
			`done &&`
			`echo "deleting /root subvolume..." &&`
			`btrfs subvolume delete /mnt/root`
			`echo "restoring blank /root subvolume"`
			`btrfs subvolume snapshot /mnt/root-blank /mnt/root`
			`umount /mnt`
			`'';`
ayo 2022-03-09 23:55:02 +03:00			`kernel.sysctl = {"fs.inotify.max_user_watches" = 524288;};`
stuff 2020-11-21 23:54:07 +03:00			`};`
drop fup 2022-04-09 21:33:13 +03:00
stuff 2020-11-21 23:54:07 +03:00			`fileSystems."/" = {`
			`device = btrfsPartPath;`
			`fsType = "btrfs";`
stuff 2022-02-18 20:31:01 +03:00			`options = ["subvol=root"] ++ btrfsOptions;`
stuff 2020-11-21 23:54:07 +03:00			`};`
			`fileSystems."/home" = {`
			`device = btrfsPartPath;`
			`fsType = "btrfs";`
stuff 2022-02-18 20:31:01 +03:00			`options = ["subvol=home"] ++ btrfsOptions;`
temp 2020-11-22 18:34:10 +03:00			`};`
fix gnome stuffs 2022-05-21 14:17:48 +03:00			`/*`
			`fileSystems."/media/archive" = {`
			`device = "/dev/disk/by-uuid/f9b5f7f3-51e8-4357-8518-986b16311c71";`
			`fsType = "btrfs";`
			`options = btrfsOptions;`
			`};`
			`*/`
stuff 2020-11-21 23:54:07 +03:00			`fileSystems."/nix" = {`
			`device = btrfsPartPath;`
			`fsType = "btrfs";`
stuff 2022-02-18 20:31:01 +03:00			`options = ["subvol=nix"] ++ btrfsOptions;`
stuff 2020-11-21 23:54:07 +03:00			`};`
			`fileSystems."/persist" = {`
			`device = btrfsPartPath;`
			`fsType = "btrfs";`
stuff 2022-02-18 20:31:01 +03:00			`options = ["subvol=persist"] ++ btrfsOptions;`
stuff 2020-11-21 23:54:07 +03:00			`neededForBoot = true;`
			`};`
			`fileSystems."/boot" = {`
			`device = "/dev/disk/by-uuid/5784-BBB1";`
			`fsType = "vfat";`
			`};`
drop fup 2022-04-09 21:33:13 +03:00
stuff 2022-02-18 20:31:01 +03:00			`swapDevices = [];`
stuff 2020-11-21 23:54:07 +03:00			`zramSwap = {`
			`enable = true;`
			`algorithm = "zstd";`
			`};`
drop fup 2022-04-09 21:33:13 +03:00
			`nix.maxJobs = lib.mkDefault 4;`
stuff 2020-11-21 23:54:07 +03:00			`security = {`
drop fup 2022-04-09 21:33:13 +03:00			`pam.loginLimits = [`
			`{`
			`domain = "*";`
			`type = "soft";`
			`item = "nofile";`
			`value = "524288";`
			`}`
			`{`
			`domain = "*";`
			`type = "hard";`
			`item = "nofile";`
			`value = "524288";`
			`}`
			`];`
stuff 2020-11-21 23:54:07 +03:00			`allowSimultaneousMultithreading = false;`
			`# Deleting root subvolume makes sudo show lecture every boot`
ayo 2022-03-09 23:55:02 +03:00			`sudo.extraConfig = ''`
			`Defaults lecture = never`
			`'';`
chore(deps): update flake deps 2021-05-14 22:10:53 +03:00			`rtkit.enable = true;`
stuff 2020-11-21 23:54:07 +03:00			`};`
drop fup 2022-04-09 21:33:13 +03:00
chore(deps): update flake deps 2021-05-14 22:10:53 +03:00			`sound.enable = false;`
			`services.pipewire = {`
			`enable = true;`
			`alsa.enable = true;`
			`alsa.support32Bit = true;`
			`pulse.enable = true;`
			`};`
stuff 2020-11-21 23:54:07 +03:00			`hardware = {`
			`opengl = {`
			`driSupport = true;`
			`driSupport32Bit = true;`
			`enable = true;`
stuff 2022-02-18 20:31:01 +03:00			`extraPackages = with pkgs; [amdvlk libvdpau-va-gl vaapiVdpau libva vulkan-loader pipewire];`
ayo 2022-03-09 23:55:02 +03:00			`extraPackages32 = with pkgs.pkgsi686Linux;`
stuff 2022-02-18 20:31:01 +03:00			`[libvdpau-va-gl vaapiVdpau libva vulkan-loader pipewire] ++ [pkgs.driversi686Linux.amdvlk];`
stuff 2020-11-21 23:54:07 +03:00			`};`
			`pulseaudio = {`
chore(deps): update flake deps 2021-05-14 22:10:53 +03:00			`enable = false;`
stuff 2020-11-21 23:54:07 +03:00			`support32Bit = true;`
			`};`
			`};`
drop fup 2022-04-09 21:33:13 +03:00
fonts 2021-07-24 16:37:53 +03:00			`fonts = {`
			`enableDefaultFonts = true;`
fix 2021-07-24 16:51:53 +03:00			`fontconfig.enable = true;`
stuff 2022-02-18 20:31:01 +03:00			`fonts = [pkgs.dejavu_fonts];`
fonts 2021-07-24 16:37:53 +03:00			`};`
drop fup 2022-04-09 21:33:13 +03:00
stuff 2020-11-21 23:54:07 +03:00			`environment = {`
stuff 2022-04-10 05:48:34 +03:00			`systemPackages = [btrfsDiff pkgs.ntfs3g];`
stuff 2022-02-18 20:31:01 +03:00			`pathsToLink = ["/share/zsh"];`
stuff 2020-11-21 23:54:07 +03:00			`persistence."/persist" = {`
stuff 2022-02-18 20:31:01 +03:00			`directories = ["/etc/nixos"];`
			`files = ["/etc/machine-id"];`
stuff 2020-11-21 23:54:07 +03:00			`};`
			`};`
drop fup 2022-04-09 21:33:13 +03:00
fix gnome stuffs 2022-05-21 14:17:48 +03:00			`networking.firewall.checkReversePath = "loose";`
stuff 2020-11-21 23:54:07 +03:00			`networking.interfaces.enp6s0.useDHCP = true;`
feat: enable flatpak 2021-02-13 20:30:31 +03:00			`services = {`
fix gnome stuffs 2022-05-21 14:17:48 +03:00			`haveged.enable = true;`
			`tailscale.enable = true;`
drop fup 2022-04-09 21:33:13 +03:00			`earlyoom.enable = true;`
too lazy 2021-04-03 11:25:07 +03:00			`ipfs = {`
disable ipfs 2021-04-15 16:54:00 +03:00			`enable = false;`
too lazy 2021-04-03 11:25:07 +03:00			`enableGC = true;`
			`autoMount = true;`
			`};`
fix gnome stuffs 2022-05-21 14:17:48 +03:00			`flatpak.enable = false;`
drop fup 2022-04-09 21:33:13 +03:00			`xserver.videoDrivers = ["amdgpu"];`
more stuff 2020-12-23 19:54:51 +03:00			`};`
drop fup 2022-04-09 21:33:13 +03:00
feat: switch to sway, qt theme, hydrus 2021-03-26 21:03:40 +03:00			`virtualisation = {`
ayo 2022-03-09 23:55:02 +03:00			`podman.enable = true;`
disable libvirtd 2021-05-25 03:24:39 +03:00			`libvirtd.enable = false;`
feat: switch to sway, qt theme, hydrus 2021-03-26 21:03:40 +03:00			`};`
drop fup 2022-04-09 21:33:13 +03:00
stuff 2020-11-21 23:54:07 +03:00			`system.stateVersion = "20.09";`
			`}`