diff options
Mora Unie Youer <feat(sapphire): configure basic stuff
| -rw-r--r-- | system-sapphire.nix | 123 |
1 files changed, 122 insertions, 1 deletions
diff --git a/system-sapphire.nix b/system-sapphire.nix index fb987d0..ccf7ef9 100644 --- a/system-sapphire.nix +++ b/system-sapphire.nix @@ -1,5 +1,126 @@ -_: +{ modulesPath, config, lib, pkgs, ... }: { + ### + ### NixOS and Nixpkgs configuration + ### + imports = [(modulesPath + "/installer/scan/not-detected.nix")]; system.stateVersion = "25.05"; + nixpkgs.config.allowUnfree = true; + + ### + ### Filesystems + ### + programs.fuse.userAllowOther = true; + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/4665ceb6-5e13-48fc-81fc-02a7959cd10a"; + fsType = "btrfs"; + }; + + "/efi" = { + device = "/dev/disk/by-uuid/796C-8DE8"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + + "/data" = { + device = "/dev/disk/by-uuid/2874dc1d-f1b5-4200-a5de-8dd555fa58c8"; + fsType = "btrfs"; + }; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/37e818f5-1460-4f22-8207-5ad94b5ec8c4"; } + ]; + + + ### + ### Bootloader and Linux kernel + ### + boot.loader.efi.canTouchEfiVariables = true; + boot.loader.efi.efiSysMountPoint = "/efi"; + boot.lanzaboote = { + enable = true; + privateKeyFile = "/etc/secureboot/keys/db/db.key"; + publicKeyFile = "/etc/secureboot/keys/db/db.pem"; + }; + + boot.kernelPackages = pkgs.linuxPackages_cachyos; + services.scx.enable = true; + services.scx.package = pkgs.scx_git.full; + services.scx.scheduler = "scx_lavd"; + services.scx.extraArgs = [ "--performance" ]; + + boot.kernelParams = [ "amdgpu.ppfeaturemask=0xfffd7fff" ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" ]; + + # NOTE: We need to load `i915` before `amdgpu` due to Chromium bugs + # Will be removed when Chromium 131 will be released and Electron will upgrade to it + boot.initrd.kernelModules = [ "i915" "amdgpu" "dm-snapshot" ]; + + + ### + ### Hardware configuration + ### + hardware.enableAllFirmware = true; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + + hardware.graphics.enable = true; + hardware.graphics.enable32Bit = true; + + hardware.bluetooth.enable = true; + + hardware.sane.enable = true; + hardware.sane.extraBackends = [ pkgs.hplip ]; + + hardware.opentabletdriver.enable = true; + + services.fstrim.enable = true; + services.keyd.enable = true; + services.upower.enable = true; + + musnix.enable = true; + musnix.rtcqs.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + jack.enable = true; + pulse.enable = true; + }; + + + ### + ### Timezone and Networking + ### + time.timeZone = "Europe/Moscow"; + networking.hostName = "sapphire"; + networking.useDHCP = lib.mkDefault true; + networking.networkmanager.enable = true; + services.resolved.enable = true; + + services.openssh.enable = true; + services.openssh.settings.PasswordAuthentication = false; + + + ### + ### Software configuration + ### + security.rtkit.enable = true; + + programs.fish.enable = true; + # NOTE: nushell configuration is not available on NixOS + # programs.nushell.enable = true; + + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + + programs.dconf.enable = true; + services.dbus.packages = with pkgs; [ dconf gcr ]; + + environment.systemPackages = with pkgs; [ git git-crypt ]; } |