diff --git a/flake.lock b/flake.lock index b3bf9e8..daeb771 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1755511413, - "narHash": "sha256-cBBF+nwGrSroN6ZewHPFaSThyCvwBxSZMdYEH8DxDx8=", + "lastModified": 1756741629, + "narHash": "sha256-n+mgH3NoQf8d1jd8cDp/9Mt++hhyuE3LO3ZAxzjWRZw=", "owner": "catppuccin", "repo": "nix", - "rev": "ca11a19d4e1d2ba5e6162f40cb71288551fd51dd", + "rev": "cd22197da06df1eb6fabdaa2fc22c170c4f67382", "type": "github" }, "original": { @@ -56,11 +56,11 @@ ] }, "locked": { - "lastModified": 1754487366, - "narHash": "sha256-pHYj8gUBapuUzKV/kN/tR3Zvqc7o6gdFB9XKXIp1SQ8=", + "lastModified": 1756770412, + "narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "af66ad14b28a127c5c0f3bbb298218fc63528a18", + "rev": "4524271976b625a4a605beefd893f270620fd751", "type": "github" }, "original": { @@ -94,11 +94,11 @@ ] }, "locked": { - "lastModified": 1755538029, - "narHash": "sha256-XVsragfuN8A/tMiPToejH7RofH15toeIGhlXraX+yBo=", + "lastModified": 1756842514, + "narHash": "sha256-XbtRMewPGJwTNhBC4pnBu3w/xT1XejvB0HfohC2Kga8=", "owner": "nix-community", "repo": "home-manager", - "rev": "bf450a0844e80e6aa22652d3f3728f20cd974527", + "rev": "30fc1b532645a21e157b6e33e3f8b4c154f86382", "type": "github" }, "original": { @@ -138,11 +138,11 @@ ] }, "locked": { - "lastModified": 1755395461, - "narHash": "sha256-2zsR2QAE7wnDWzzMpVDpV6k+PCrcoVf1+yiNd4dbd08=", + "lastModified": 1756516619, + "narHash": "sha256-iWNyhVIBO/CxQdLeQAfedynD68+SmIq5lj/TJpJyUSA=", "owner": "kaylorben", "repo": "nixcord", - "rev": "b1260171b674953712e093acfd285585f6586a01", + "rev": "eed47b8dc6601e94f0b4ce71bfea349869b541c0", "type": "github" }, "original": { @@ -151,13 +151,28 @@ "type": "github" } }, + "nixos-hardware": { + "locked": { + "lastModified": 1756750488, + "narHash": "sha256-e4ZAu2sjOtGpvbdS5zo+Va5FUUkAnizl4wb0/JlIL2I=", + "owner": "NixOS", + "repo": "nixos-hardware", + "rev": "47eb4856cfd01eaeaa7bb5944a0f27db8fb9b94a", + "type": "github" + }, + "original": { + "owner": "NixOS", + "repo": "nixos-hardware", + "type": "github" + } + }, "nixpkgs": { "locked": { - "lastModified": 1755186698, - "narHash": "sha256-wNO3+Ks2jZJ4nTHMuks+cxAiVBGNuEBXsT29Bz6HASo=", + "lastModified": 1756542300, + "narHash": "sha256-tlOn88coG5fzdyqz6R93SQL5Gpq+m/DsWpekNFhqPQk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "fbcf476f790d8a217c3eab4e12033dc4a0f6d23c", + "rev": "d7600c775f877cd87b4f5a831c28aa94137377aa", "type": "github" }, "original": { @@ -175,6 +190,7 @@ "home-manager": "home-manager", "minegrub-theme": "minegrub-theme", "nixcord": "nixcord", + "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs", "sops-nix": "sops-nix", "vicinae": "vicinae" @@ -223,11 +239,11 @@ ] }, "locked": { - "lastModified": 1756293534, - "narHash": "sha256-O5YINKNzeHUnJ9Ky7Aaeh42NhcmF/La7rb0dddrbjyQ=", + "lastModified": 1756547894, + "narHash": "sha256-iu0pzPv3ArB8m9H4rH7bFMjRspA5thRV6kp9fVLagZc=", "owner": "tomromeo", "repo": "vicinae-nix", - "rev": "9da69cbdecb40e16d37a77e7ba39c9dfbe8f25c5", + "rev": "5eea3c1f5d10abc074b27c65a38b1ca3b9a8adeb", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index d394a30..027d97f 100644 --- a/flake.nix +++ b/flake.nix @@ -21,6 +21,7 @@ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; easy-hosts.url = "github:tgirlcloud/easy-hosts"; + nixos-hardware.url = "github:NixOS/nixos-hardware"; sops-nix = { url = "github:Mic92/sops-nix"; diff --git a/homes/x86_64-linux/jo/default.nix b/homes/x86_64-linux/jo/default.nix index 1602e38..eff88f9 100644 --- a/homes/x86_64-linux/jo/default.nix +++ b/homes/x86_64-linux/jo/default.nix @@ -28,6 +28,9 @@ }; }; + # Notify on systembus events + services.systembus-notify.enable = true; + sops.secrets.wakatime-cfg = { format = "binary"; sopsFile = ./secrets/wakatime.cfg; diff --git a/modules/nixos/system/nix/default.nix b/modules/nixos/system/nix/default.nix index 72680b5..7baf094 100644 --- a/modules/nixos/system/nix/default.nix +++ b/modules/nixos/system/nix/default.nix @@ -24,8 +24,12 @@ in config = mkIf cfg.enable { nix = { + optimise = { + automatic = true; + dates = [ "03:45" ]; + }; + settings = { - auto-optimise-store = true; builders-use-substitutes = true; experimental-features = [ "nix-command" @@ -35,7 +39,8 @@ in keep-derivations = true; keep-outputs = true; - max-jobs = "auto"; + cores = 2; + max-jobs = 8; warn-dirty = false; trusted-users = cfg.trusted-users; @@ -44,7 +49,7 @@ in # Garbage collection configuration. gc = { automatic = true; - dates = "daily"; + dates = "weekly"; options = "--delete-older-than 3d"; }; diff --git a/systems/x86_64-nixos/puzzlevision/default.nix b/systems/x86_64-nixos/puzzlevision/default.nix index 3c3f243..e974274 100644 --- a/systems/x86_64-nixos/puzzlevision/default.nix +++ b/systems/x86_64-nixos/puzzlevision/default.nix @@ -1,7 +1,8 @@ -{ config, ... }: +{ ... }: { imports = [ ./hardware.nix + ./hardware-generated.nix ]; # Todo: automate this globally for all workstation and server archetypes! @@ -32,30 +33,25 @@ }; archetypes.laptop.enable = true; - - system.kernel.version = "linuxPackages_6_15"; + system.kernel.version = "linuxPackages_zen"; }; - # Configure 8GB SWAP partition - swapDevices = [ - { - device = "/swapfile"; - size = 8 * 1024; - } - ]; + # Configure some last-resort aggressive nix-daemon OOM protection + systemd = { + # Create a separate slice for nix-daemon that is + # memory-managed by the userspace systemd-oomd killer + slices."nix-daemon".sliceConfig = { + ManagedOOMMemoryPressure = "kill"; + ManagedOOMMemoryPressureLimit = "50%"; + }; + services."nix-daemon".serviceConfig.Slice = "nix-daemon.slice"; + + # If a kernel-level OOM event does occur anyway, + # strongly prefer killing nix-daemon child processes + services."nix-daemon".serviceConfig.OOMScoreAdjust = 1000; + }; boot = { - kernelModules = [ "8821ce" ]; - - # Configure additional kernel modules. - extraModulePackages = with config.boot.kernelPackages; [ - rtl8821ce - ]; - - blacklistedKernelModules = [ - "rtw88_8821ce" # Block the default network-card driver. - ]; - # Grub configuration loader.grub = { # Minecraft bootloader theme diff --git a/systems/x86_64-nixos/puzzlevision/hardware-generated.nix b/systems/x86_64-nixos/puzzlevision/hardware-generated.nix new file mode 100644 index 0000000..581f52d --- /dev/null +++ b/systems/x86_64-nixos/puzzlevision/hardware-generated.nix @@ -0,0 +1,67 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "xhci_pci" + "vmd" + "nvme" + "usbhid" + "rtsx_pci_sdmmc" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/864b1287-89fd-4cc0-98a5-40a3caf804c6"; + fsType = "btrfs"; + options = [ "subvol=@" ]; + }; + + boot.initrd.luks.devices."luks-5fd4fc76-d5c5-46c3-b952-1a7a7ff3a1fc".device = + "/dev/disk/by-uuid/5fd4fc76-d5c5-46c3-b952-1a7a7ff3a1fc"; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/2429-4141"; + fsType = "vfat"; + options = [ + "fmask=0022" + "dmask=0022" + ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.br-01571e4eda2f.useDHCP = lib.mkDefault true; + # networking.interfaces.br-20785fae249b.useDHCP = lib.mkDefault true; + # networking.interfaces.br-64a49a5722c1.useDHCP = lib.mkDefault true; + # networking.interfaces.br-71e5fc5962fc.useDHCP = lib.mkDefault true; + # networking.interfaces.br-7df9905783da.useDHCP = lib.mkDefault true; + # networking.interfaces.br-9b746f4e7e2f.useDHCP = lib.mkDefault true; + # networking.interfaces.br-e2f470a56dfe.useDHCP = lib.mkDefault true; + # networking.interfaces.docker0.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s13f0u4u4.useDHCP = lib.mkDefault true; + # networking.interfaces.veth4e96b46.useDHCP = lib.mkDefault true; + # networking.interfaces.veth96a5ccd.useDHCP = lib.mkDefault true; + # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkForce "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/systems/x86_64-nixos/puzzlevision/hardware.nix b/systems/x86_64-nixos/puzzlevision/hardware.nix index 581f52d..bc96b37 100644 --- a/systems/x86_64-nixos/puzzlevision/hardware.nix +++ b/systems/x86_64-nixos/puzzlevision/hardware.nix @@ -1,67 +1,92 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. { + pkgs, + inputs, config, - lib, - modulesPath, ... }: - { imports = [ - (modulesPath + "/installer/scan/not-detected.nix") + inputs.nixos-hardware.nixosModules.common-pc-laptop-ssd + inputs.nixos-hardware.nixosModules.common-pc-laptop + inputs.nixos-hardware.nixosModules.common-cpu-intel ]; - boot.initrd.availableKernelModules = [ - "xhci_pci" - "vmd" - "nvme" - "usbhid" - "rtsx_pci_sdmmc" - ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + # Some boot settings for intel CPU's + boot = { + initrd.kernelModules = [ "i915" ]; + kernelModules = [ + "kvm-intel" + "8821ce" + ]; - fileSystems."/" = { - device = "/dev/disk/by-uuid/864b1287-89fd-4cc0-98a5-40a3caf804c6"; - fsType = "btrfs"; - options = [ "subvol=@" ]; - }; + extraModulePackages = with config.boot.kernelPackages; [ + rtl8821ce # Install community maintained network driver + ]; - boot.initrd.luks.devices."luks-5fd4fc76-d5c5-46c3-b952-1a7a7ff3a1fc".device = - "/dev/disk/by-uuid/5fd4fc76-d5c5-46c3-b952-1a7a7ff3a1fc"; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/2429-4141"; - fsType = "vfat"; - options = [ - "fmask=0022" - "dmask=0022" + blacklistedKernelModules = [ + "rtw88_8821ce" # Block the default network-card driver. ]; }; + # Enable OpenGL and install additional drivers for intel video acceleration + hardware = { + graphics = { + enable = true; + extraPackages = with pkgs; [ + intel-ocl + intel-media-driver + vaapiVdpau + libvdpau-va-gl + ]; + }; + + # Broader firmware and hardware support + enableAllFirmware = true; + enableAllHardware = true; + }; + + environment.sessionVariables = { + LIBVA_DRIVER_NAME = "iHD"; + }; + + # Enable ZRAM and disable standard SWAP + zramSwap.enable = true; swapDevices = [ ]; - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.br-01571e4eda2f.useDHCP = lib.mkDefault true; - # networking.interfaces.br-20785fae249b.useDHCP = lib.mkDefault true; - # networking.interfaces.br-64a49a5722c1.useDHCP = lib.mkDefault true; - # networking.interfaces.br-71e5fc5962fc.useDHCP = lib.mkDefault true; - # networking.interfaces.br-7df9905783da.useDHCP = lib.mkDefault true; - # networking.interfaces.br-9b746f4e7e2f.useDHCP = lib.mkDefault true; - # networking.interfaces.br-e2f470a56dfe.useDHCP = lib.mkDefault true; - # networking.interfaces.docker0.useDHCP = lib.mkDefault true; - # networking.interfaces.enp0s13f0u4u4.useDHCP = lib.mkDefault true; - # networking.interfaces.veth4e96b46.useDHCP = lib.mkDefault true; - # networking.interfaces.veth96a5ccd.useDHCP = lib.mkDefault true; - # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; + services = { + # Enable TLP for power management profiles on AC and Battery + tlp = { + enable = true; + settings = { + CPU_SCALING_GOVERNOR_ON_AC = "performance"; + CPU_SCALING_GOVERNOR_ON_BAT = "powersave"; - nixpkgs.hostPlatform = lib.mkForce "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + CPU_ENERGY_PERF_POLICY_ON_AC = "performance"; + CPU_ENERGY_PERF_POLICY_ON_BAT = "power"; + + CPU_MIN_PERF_ON_AC = 0; + CPU_MAX_PERF_ON_AC = 100; + CPU_MIN_PERF_ON_BAT = 0; + CPU_MAX_PERF_ON_BAT = 30; + }; + }; + + # Disable power-profiles-daemon in favor of TLP :3 + power-profiles-daemon.enable = false; + + # Kill processes before they can cause an OOM exception + earlyoom = { + enable = true; + enableNotifications = true; + }; + + # Enable Thermald for improved overheating protection + thermald.enable = true; + + # Instruct XServer to use the correct video drivers + xserver.videoDrivers = [ + "i915" + "intel" + ]; + }; }