Commit efe661cfda26

Vincent Demeester <vincent@sbr.pm>
2020-10-16 14:10:59
systems: reinstall naruhodo on NixOS
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
1 parent 1554e95
Changed files (2)
systems/hardware/thinkpad-t480s.nix
@@ -0,0 +1,54 @@
+{ config, pkgs, ... }:
+let
+  sources = import ../../nix/sources.nix;
+in
+{
+  imports = [
+    (sources.nixos-hardware + "/lenovo/thinkpad/t480s")
+    (sources.nixos-hardware + "/common/pc/ssd")
+    ./thinkpad.nix
+  ];
+  boot = {
+    initrd.availableKernelModules = [ "nvme" "rtsx_pci_sdmmc" ];
+  };
+  hardware = {
+    enableAllFirmware = true;
+    bluetooth = {
+      enable = true;
+      powerOnBoot = true;
+    };
+  };
+  nix.maxJobs = 12;
+  services = {
+    tlp = {
+      extraConfig = ''
+        # CPU optimizations
+        CPU_SCALING_GOVERNOR_ON_AC=performance
+        CPU_SCALING_GOVERNOR_ON_BAT=powersave
+        CPU_MIN_PERF_ON_AC=0
+        CPU_MAX_PERF_ON_AC=100
+        CPU_MIN_PERF_ON_BAT=0
+        CPU_MAX_PERF_ON_BAT=50
+        # DEVICES (wifi, ..)
+        DEVICES_TO_DISABLE_ON_STARTUP=""
+        DEVICES_TO_ENABLE_ON_AC="bluetooth wifi wwan"
+        DEVICES_TO_DISABLE_ON_BAT=""
+        # Network management
+        DEVICES_TO_DISABLE_ON_LAN_CONNECT=""
+        DEVICES_TO_DISABLE_ON_WIFI_CONNECT=""
+        DEVICES_TO_DISABLE_ON_WWAN_CONNECT=""
+        DEVICES_TO_ENABLE_ON_LAN_DISCONNECT=""
+        DEVICES_TO_ENABLE_ON_WIFI_DISCONNECT=""
+        DEVICES_TO_ENABLE_ON_WWAN_DISCONNECT=""
+        # Docking
+        DEVICES_TO_DISABLE_ON_DOCK="wifi"
+        DEVICES_TO_ENABLE_ON_UNDOCK="wifi"
+        # Make sure it uses the right hard drive
+        DISK_DEVICES="nvme0n1p3"
+      '';
+    };
+    xserver = {
+      dpi = 128;
+    };
+  };
+}
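Review bot: `DISK_DEVICES="nvme0n1p3"` at the end of the TLP `extraConfig` names a partition, while TLP's DISK_DEVICES expects whole-disk names, so the disk power settings are likely skipped for this drive; `DISK_DEVICES="nvme0n1"` is probably what was meant. Separately, `powerOnBoot = true` under `hardware.bluetooth` together with `DEVICES_TO_ENABLE_ON_AC="bluetooth wifi wwan"` keeps the Bluetooth radio up whenever the laptop is on AC. If that is deliberate, a short comment such as `# bluetooth stays on for <peripheral>` would record why; otherwise dropping `bluetooth` from that list reduces the exposed radio surface.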
systems/naruhodo.nix
@@ -2,7 +2,7 @@
 
 with lib;
 let
-  hostname = "hokkaido";
+  hostname = "naruhodo";
   secretPath = ../secrets/machines.nix;
   secretCondition = (builtins.pathExists secretPath);
 
@@ -14,21 +14,34 @@ let
 in
 {
   imports = [
-    ./hardware/thinkpad-x220.nix
+    ./hardware/thinkpad-t480s.nix
     ./modules
     (import ../users).vincent
     (import ../users).root
   ];
 
-  fileSystems."/" = {
-    device = "/dev/disk/by-uuid/884a3d57-f652-49b2-9c8b-f6eebd5edbeb";
-    fsType = "ext4";
+  fileSystems."/" =
+    { device = "/dev/mapper/root";
+      fsType = "ext4";
+      options = ["noatime" "discard"];
+    };
+
+  boot.initrd.luks.devices = {
+    root = {
+      device = "/dev/disk/by-uuid/50d7faba-8923-4b30-88f7-40df26e02def";
+      preLVM = true;
+      allowDiscards = true;
+    };
   };
-  fileSystems."/boot" = {
-    device = "/dev/disk/by-uuid/C036-34B9";
-    fsType = "vfat";
-  };
-  swapDevices = [{ device = "/dev/disk/by-uuid/e1833693-77ac-4d52-bcc7-54d082788639"; }];
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/0101-68DE";
+      fsType = "vfat";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/aff86817-55ae-47ed-876a-e5a027b560ba"; }
+    ];
 
   networking = {
     hostName = hostname;
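Review bot: The `swapDevices` entry points at a by-uuid device that is not the `root` LUKS mapping, so swap appears to live on a plain partition next to the encrypted root; memory pages, including key material, would then reach the disk in clear text. If hibernation is not needed, `{ device = "/dev/disk/by-partuuid/<SWAP-PARTUUID>"; randomEncryption.enable = true; }` closes that gap (a by-uuid path does not survive the per-boot re-keying, hence the partuuid placeholder). `allowDiscards = true` and the `discard` mount option also deserve a comment: TRIM passed through dm-crypt reveals which blocks are unused, so it is a deliberate trade-off rather than a free default. The enclosing attribute set starts and ends outside this hunk.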
@@ -39,75 +52,22 @@ in
     plymouth.enable = true;
   };
 
-  hardware.bluetooth.enable = true;
+  services.hardware.bolt.enable = true;
   profiles = {
-    syncthing.enable = true;
-    home = true;
+    desktop.gnome.enable = true;
     laptop.enable = true;
-    desktop.enable = lib.mkForce false;
-    avahi.enable = true;
-    git.enable = true;
+    home = true;
     ssh.enable = true;
     dev.enable = true;
     yubikey.enable = true;
     virtualization = { enable = true; nested = true; };
+    docker.enable = true;
+    redhat.enable = true;
   };
   environment.systemPackages = with pkgs; [ virtmanager ];
 
-  networking.networkmanager = {
-    enable = true;
-    unmanaged = [
-      "interface-name:ve-*"
-      "interface-name:veth*"
-      "interface-name:wg0"
-      "interface-name:docker0"
-      "interface-name:virbr*"
-    ];
-    packages = with pkgs; [ networkmanager-openvpn ];
-  };
-
-  services.xserver.enable = true;
-  services.xserver.layout = "fr";
-  services.xserver.xkbVariant = "bepo";
-  services.xserver.xkbOptions = "grp:menu_toggle,grp_led:caps,compose:caps";
-  services.xserver.displayManager.gdm.enable = true;
-  services.xserver.desktopManager.gnome3.enable = true;
-  services.gnome3.chrome-gnome-shell.enable = true;
-  services.gnome3.core-shell.enable = true;
-  services.gnome3.core-os-services.enable = true;
-  services.gnome3.core-utilities.enable = true;
-
-  fonts = {
-    enableFontDir = true;
-    enableGhostscriptFonts = true;
-    fonts = with pkgs; [
-      corefonts
-      dejavu_fonts
-      emojione
-      feh
-      fira
-      fira-code
-      fira-code-symbols
-      fira-mono
-      hasklig
-      inconsolata
-      iosevka
-      noto-fonts
-      noto-fonts-cjk
-      noto-fonts-emoji
-      noto-fonts-extra
-      overpass
-      symbola
-      source-code-pro
-      twemoji-color-font
-      ubuntu_font_family
-      unifont
-    ];
-  };
-
   services = {
-    fprintd.enable = true;
-    # FIXME re-generate hokkaido key
+    # FIXME re-generate naruhodo key
     /*
     wireguard = {
       enable = true;
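Review bot: `docker.enable = true` in `profiles` arrives together with `virtualisation.podman.enable = true` in the last hunk, so the host ends up with a root-running Docker daemon in addition to Podman. The docker profile is not visible here, but if it adds the user to the `docker` group, that membership is equivalent to root on the host, which undercuts the LUKS and YubiKey hardening in the same file. A comment such as `# docker needed for <reason>; podman preferred for rootless use` would document the choice, or one of the two runtimes could be dropped. The `services` block continues past the end of this hunk.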
@@ -119,6 +79,7 @@ in
     */
   };
 
+  virtualisation.podman.enable = true;
   virtualisation.containers = {
     enable = true;
     registries = {