diff --git a/flake.lock b/flake.lock index f1a1ba5..aa90761 100644 --- a/flake.lock +++ b/flake.lock @@ -37,11 +37,11 @@ ] }, "locked": { - "lastModified": 1723399884, - "narHash": "sha256-97wn0ihhGqfMb8WcUgzzkM/TuAxce2Gd20A8oiruju4=", + "lastModified": 1724435763, + "narHash": "sha256-UNky3lJNGQtUEXT2OY8gMxejakSWPTfWKvpFkpFlAfM=", "owner": "nix-community", "repo": "home-manager", - "rev": "086f619dd991a4d355c07837448244029fc2d9ab", + "rev": "c2cd2a52e02f1dfa1c88f95abeb89298d46023be", "type": "github" }, "original": { @@ -72,11 +72,11 @@ ] }, "locked": { - "lastModified": 1722924007, - "narHash": "sha256-+CQDamNwqO33REJLft8c26NbUi2Td083hq6SvAm2xkU=", + "lastModified": 1724561770, + "narHash": "sha256-zv8C9RNa86CIpyHwPIVO/k+5TfM8ZbjGwOOpTe1grls=", "owner": "LnL7", "repo": "nix-darwin", - "rev": "91010a5613ffd7ee23ee9263213157a1c422b705", + "rev": "ac5694a0b855a981e81b4d9f14052e3ff46ca39e", "type": "github" }, "original": { @@ -87,11 +87,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1723362943, - "narHash": "sha256-dFZRVSgmJkyM0bkPpaYRtG/kRMRTorUIDj8BxoOt1T4=", + "lastModified": 1724479785, + "narHash": "sha256-pP3Azj5d6M5nmG68Fu4JqZmdGt4S4vqI5f8te+E/FTw=", "owner": "nixos", "repo": "nixpkgs", - "rev": "a58bc8ad779655e790115244571758e8de055e3d", + "rev": "d0e1602ddde669d5beb01aec49d71a51937ed7be", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index e4a7e03..4cab773 100644 --- a/flake.nix +++ b/flake.nix @@ -103,6 +103,7 @@ # We provide a NixOS module for easy usage within other system flakes. # (Again, we assume a default name of `spotlight` under Linux.) + # TODO(spotlightishere): Have this module accept arguments that we can pass on nixosModules.default = { imports = [ home-manager.nixosModules.home-manager @@ -117,6 +118,25 @@ ]; }; + # We define a NixOS configuration for a PC workstation. + nixosConfigurations.cyclone = nixpkgs.lib.nixosSystem { + modules = [ + ./hosts/cyclone/configuration.nix + ./hosts/cyclone/hardware-configuration.nix + + home-manager.nixosModules.home-manager + { + nixpkgs.overlays = [ self.overlays.default ]; + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + users.spotlight = import ./home/home.nix; + extraSpecialArgs = { desktop = true; gpg = true; }; + }; + } + ]; + }; + # We define a default Darwin configuration via nix-darwin. darwinConfigurations."spotlights-macbook-air" = nix-darwin.lib.darwinSystem { modules = [ diff --git a/hosts/cyclone/README.md b/hosts/cyclone/README.md new file mode 100644 index 0000000..b9a044c --- /dev/null +++ b/hosts/cyclone/README.md @@ -0,0 +1,4 @@ +# cyclone +`cyclone` is my primary PC workstation. Its name is worryingly appropriate - look at it wrong, and its fans rival the roar of hurricanes. + +It has an AMD Ryzen™ 7 7700X alongside a NVIDIA GeForce RTX 3070 Ti. As such, it requires Nvidia drivers. \ No newline at end of file diff --git a/hosts/cyclone/configuration.nix b/hosts/cyclone/configuration.nix new file mode 100644 index 0000000..923973a --- /dev/null +++ b/hosts/cyclone/configuration.nix @@ -0,0 +1,124 @@ +{ config, lib, pkgs, ... }: + +{ + networking = { + hostName = "cyclone"; + domain = "host.fox-int.cloud"; + hostId = "79696666"; + networkmanager.enable = true; + # useNetworkd = true; + + # Use a set of known-good nameservers. + nameservers = [ + # Quad9 + "2620:fe::fe" + "9.9.9.9" + # Cloudflare + "2606:4700:4700::1111" + "1.1.1.1" + ]; + }; + + nix.settings.experimental-features = [ "flakes" "nix-command" ]; + + # Select internationalisation properties. + time.timeZone = "America/Chicago"; + i18n.defaultLocale = "en_US.UTF-8"; + + # General service configuration. + services = { + xserver = { + enable = true; + + # GNOME! + desktopManager.gnome.enable = true; + displayManager.gdm.enable = true; + + # Nvidia driver support. + videoDrivers = [ "nvidia" ]; + }; + + # CUPS might be nice. + printing.enable = true; + + # Audio support. + pipewire = { + enable = true; + pulse.enable = true; + }; + + # We'd like SSH available. + openssh = { + enable = true; + settings = { + PasswordAuthentication = false; + PermitRootLogin = "no"; + }; + }; + }; + + hardware = { + # Pipewire conflicts with PulseAudio. + pulseaudio.enable = false; + + # Nvidia + graphics.enable = true; + nvidia = { + modesetting.enable = true; + + # The open source drivers are now recommended. + open = true; + package = config.boot.kernelPackages.nvidiaPackages.beta; + }; + + # AMD + cpu.amd.updateMicrocode = true; + }; + + # Hey, world! + users.users.spotlight = { + isNormalUser = true; + extraGroups = [ "wheel" ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPQQO+c8ygVzRt55Z9qekqItSjYiw381cFPOqX+vGAGT MacBook Air 2020 macOS" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ/gyX9b80oml6z3UGOxVMJk/NS8R5w9NEITJcKb0MnU MacBook Air 2020 NixOS" + ]; + shell = pkgs.zsh; + }; + + nixpkgs = { + hostPlatform = lib.mkDefault "x86_64-linux"; + + # Regretfully, we use a few non-free packages: + config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ + # Nvidia + "nvidia-x11" + "nvidia-settings" + "nvidia-persistenced" + # Visual Studio Code + "vscode" + # Discord + "discord" + ]; + }; + + # Standard system utilities. + # The bulk of user-specific packages should go within the home-manager configuration. + environment.systemPackages = with pkgs; [ + discord + htop + git + gnome-tweaks + firefox + tmux + vim + vscode + wget + ]; + + programs.gnupg.agent.enable = true; + programs.zsh.enable = true; + + # Please do not change this without reviewing release notes upstream. + system.stateVersion = "24.11"; +} diff --git a/hosts/cyclone/hardware-configuration.nix b/hosts/cyclone/hardware-configuration.nix new file mode 100644 index 0000000..2b4df30 --- /dev/null +++ b/hosts/cyclone/hardware-configuration.nix @@ -0,0 +1,80 @@ +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot = { + # We'll use systemd-boot. + loader = { + systemd-boot.enable = true; + efi.canTouchEfiVariables = true; + }; + + initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; + # Use the latest kernel. + # As such, we'll also use unstable ZFS. + kernelPackages = pkgs.linuxPackages_latest; + zfs = { + package = pkgs.zfs_unstable; + # For reasons unbeknownst to humanity, this drive + # appears to keep changing identifiers or similar. + # Prefer by-partuuid instead. + # + # (We could also do by-uuid, but it'd be best not + # to have a drive's serial number publicly.) + devNodes = "/dev/disk/by-uuid"; + }; + + kernelModules = [ "kvm-amd" ]; + }; + + # Configured ZFS datasets. + fileSystems = { + "/" = { + device = "rpool/ROOT/nixos"; + fsType = "zfs"; + }; + + "/home" = { + device = "rpool/home"; + fsType = "zfs"; + }; + + "/home/spotlight" = { + device = "rpool/home/spotlight"; + fsType = "zfs"; + }; + + "/root" = { + device = "rpool/root"; + fsType = "zfs"; + }; + + "/var/lib" = { + device = "rpool/var/lib"; + fsType = "zfs"; + }; + + "/var/log" = { + device = "rpool/var/log"; + fsType = "zfs"; + }; + + "/nix" = { + device = "rpool/nix"; + fsType = "zfs"; + }; + + "/boot" = { + device = "/dev/disk/by-uuid/7E20-ABDB"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + }; + + # ZFS is not a fan of swap. + swapDevices = [ ]; +}