absolution changes

2025-07-30 14:15:09 +01:00 · 2025-07-30 14:15:09 +01:00 · ca1eeef869
commit ca1eeef869
parent 7721a85ef2
3 changed files with 159 additions and 167 deletions
--- a/base/absolution/configuration.nix
+++ b/base/absolution/configuration.nix
@ -11,19 +11,56 @@
    ];

  nix.package = pkgs.lix;
-
-  systemd.services.setpci = {
-    description = "this runs the command that binds 2 of my usb ports to the EHCI controller";
-    wantedBy = ["multi-user.target"];
-    serviceConfig = {
-      Type = "simple";
-      ExecStart = "${pkgs.pciutils}/bin/setpci -s0:14.0 0xd0.W=0x3f3f";
-    };
-  };
-
  nix.settings.trusted-users = [ "alyx" "root" ];

-  #services.udev.extraRules = builtins.readFile ./udev.rules;
+  services.blueman.enable = true;
+  services.upower.enable = true;
+  hardware.i2c.enable = true;
+  services.pcscd.enable = true;
+  services.tailscale = {
+    enable = true;
+    useRoutingFeatures = "both";
+    openFirewall = true;
+    interfaceName = "userspace-networking";
+  };
+
+  networking.firewall.checkReversePath = "loose";
+
+  networking.useDHCP = false;
+  services.resolved.enable = true;
+  systemd.network.enable = true;
+
+  systemd.network.networks."enp0s25" = {
+    matchConfig.Name = "enp0s25";
+    networkConfig.DHCP = "yes";
+  };
+
+  services.networkd-dispatcher = {
+    enable = true;
+    rules."50-tailscale" = {
+      onState = ["routable"];
+      script = ''
+        "${pkgs.ethtool} NETDEV=$(ip -o route get 8.8.8.8 | cut -f 5 -d " ") | -K enp0s31f6 rx-udp-gro-forwarding on rx-gro-list off"
+      '';
+    };
+  };
+
+  services.monado = {
+    enable = true;
+    defaultRuntime = true;
+  };
+
+  programs.nh = {
+    enable = true;
+    clean.enable = true;
+    clean.extraArgs = "--keep-since 4d --keep 3";
+    flake = "/home/alyx/.config/nixos";
+  };
+  programs.adb.enable = true;
+  programs.steam.extraCompatPackages = with pkgs; [ proton-ge-rtsp-bin ];
+  environment.pathsToLink = [ "/share/xdg-desktop-portal" ];
+  security.sudo.package = pkgs.sudo.override { withInsults = true; };
+
  services.gnome.gnome-keyring.enable = true;
  security.pam.services.greetd.enableGnomeKeyring = true;
  security.pam.services.greetd.gnupg.enable = true;
@ -33,25 +70,17 @@
    gnupg.enable = true;
  };

-  programs.gnupg.agent = {
-    enable = true;
-    enableSSHSupport = true;
-  };
-
-  programs.nh = {
-    enable = true;
-    clean.enable = true;
-    clean.extraArgs = "--keep-since 4d --keep 3";
-    flake = "/home/alyx/.config/nixos";
-  };
-
-  hardware.wooting.enable = true;
-  hardware.openrazer.enable = true;
-
-  environment.pathsToLink = [ "/share/xdg-desktop-portal" ];
-
  systemd = {
-    user.services.polkit-gnome-authentication-agent-1 = {
+    services.setpci = {
+      description = "this runs the command that binds 2 of my usb ports to the EHCI controller";
+      wantedBy = ["multi-user.target"];
+      serviceConfig = {
+        Type = "simple";
+        ExecStart = "${pkgs.pciutils}/bin/setpci -s0:14.0 0xd0.W=0x3f3f";
+      };
+    };
+    user = {
+      services.polkit-gnome-authentication-agent-1 = {
        description = "polkit-gnome-authentication-agent-1";
        wantedBy = [ "graphical-session.target" ];
        wants = [ "graphical-session.target" ];
@ -64,8 +93,43 @@
          TimeoutStopSec = 10;
        };
      };
+      services.monado.environment = {
+        STEAMVR_LH_ENABLE = "1";
+        XRT_COMPOSITOR_COMPUTE = "1";
+        WMR_HANDTRACKING = "0";
+        AMD_VULKAN_ICD="RADV";
+      };
+    };  
  };

+  hardware.wooting.enable = true;
+
+  security.polkit.enable = true;
+  boot.loader.systemd-boot.enable = false;
+  boot.loader.limine = {
+    enable = true;
+    style.wallpapers = [ ];
+    additionalFiles = {
+      "efi/memtest86/memtest86.efi" = "${pkgs.memtest86-efi}/BOOTX64.efi";
+      "efi/shell.efi" = "${pkgs.edk2-uefi-shell}/shell.efi";
+
+    };
+    extraEntries = ''
+    /memtest86
+      protocol: efi
+      path: boot():/limine/efi/memtest86/memtest86.efi
+    /shell
+      protocol: efi
+      path: boot():/limine/efi/shell.efi
+    '';
+
+  };
+  boot.loader.efi.canTouchEfiVariables = true;
+  powerManagement.cpuFreqGovernor = "performance";
+  # Bootloader.
+  programs.virt-manager.enable = true;
+  services.gvfs.enable = true;
+  hardware.keyboard.qmk.enable = true;
  virtualisation = {
    libvirtd = {
      enable = true;
@ -86,140 +150,51 @@
    spiceUSBRedirection.enable = true;
  };

-  security.polkit.enable = true;
-
-  security.sudo.package = pkgs.sudo.override { withInsults = true; };
-
-  programs.steam.extraCompatPackages = with pkgs; [ proton-ge-rtsp-bin ];
-
-  programs.bash.shellAliases = {
-    nano = "nvim";
-  };
-
-  programs = {
-    adb.enable = true;
-    flashrom.enable = true;
-    nix-ld.enable = true;
-    nix-ld.libraries = with pkgs; [xorg.libxcb libao xorg.libX11 libusb1 cargo rustc pkg-config cacert libpulseaudio libsecret file];
-  };
-
-  services.journald.extraConfig = ''
-    SystemMaxUse=2G
-  '';
-
-  services.tailscale = {
-    enable = true;
-    useRoutingFeatures = "both";
-    openFirewall = true;
-    interfaceName = "userspace-networking";
-  };
-
-  networking.firewall.checkReversePath = "loose";
-
-  networking.useDHCP = false;
-
-  services.resolved.enable = true;
-  
-  systemd.network.enable = true;
-  
-  systemd.network.networks."enp0s25" = {
-    matchConfig.Name = "enp0s25";
-    networkConfig.DHCP = "yes";
-  };
-
-  services.networkd-dispatcher = {
-    enable = true;
-    rules."50-tailscale" = {
-      onState = ["routable"];
-      script = ''
-        "${pkgs.ethtool} NETDEV=$(ip -o route get 8.8.8.8 | cut -f 5 -d " ") | -K enp0s25 rx-udp-gro-forwarding on rx-gro-list off"
-      '';
-    };
-  };
-  
-  boot.supportedFilesystems = ["exfat" "ntfs" "xfs"];
-  boot.loader.limine.enable = true;
-  boot.loader.limine.style.wallpapers = [];
-  boot.loader.limine.additionalFiles = {
-    "efi/memtest86.efi" = "${pkgs.memtest86-efi}/BOOTX64.efi";
-    "efi/shell.efi" = "${pkgs.edk2-uefi-shell}/shell.efi";
-  };
-  boot.loader.efi.canTouchEfiVariables = true;
-  boot.initrd.systemd.enable = true;
-  boot.loader.efi.efiSysMountPoint = "/boot/";
-  boot.extraModulePackages = [
-    config.boot.kernelPackages.v4l2loopback.out
-    config.boot.kernelPackages.hid-t150.out
-  ];
-
-  services.monado = {
-    enable = true;
-    defaultRuntime = true;
-  };
- 
-  systemd.user.services.monado.environment = {
-    STEAMVR_LH_ENABLE = "1";
-    XRT_COMPOSITOR_COMPUTE = "1";
-    WMR_HANDTRACKING = "0";
-    AMD_VULKAN_ICD="RADV";
-  };
-
-  programs.virt-manager.enable = true;
  systemd.packages = with pkgs; [lact];
+  services.udev.packages = with pkgs; [xr-hardware];
  systemd.services.lactd.wantedBy = ["multi-user.target"];
  networking.hostName = "absolution"; # Define your hostname.

-  powerManagement.cpuFreqGovernor = "performance";
-
-  # Configure network proxy if necessary
-  # networking.proxy.default = "http://user:password@proxy:port/";
-  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
-
  # Enable networking
  hardware.graphics = {
    enable = true;
    enable32Bit = true;
+    
    extraPackages = with pkgs; [mesa.opencl libvdpau-va-gl vaapiVdpau vulkan-validation-layers];
    extraPackages32 = with pkgs; [driversi686Linux.amdvlk driversi686Linux.mesa.opencl];
  };
  
-  hardware.bluetooth.enable = true;
-  services.blueman.enable = true;
-
-  #networking.networkmanager = {
-  #  enable = true;
-  #  wifi.backend = "iwd";
-  #};
+  programs.bash.shellAliases = {
+    nano = "nvim";
+  };  

+  programs.gphoto2.enable = true;
  # Set your time zone.
  time.timeZone = "Europe/London";

  # Select internationalisation properties.
-  i18n.defaultLocale = "en_GB.UTF-8";
-
+  i18n.defaultLocale = "en_AU.UTF-8";
+  nix.settings.experimental-features = "nix-command flakes";
  services.udisks2.enable = true;
-
  i18n.extraLocaleSettings = {
-    LC_ADDRESS = "en_GB.UTF-8";
-    LC_IDENTIFICATION = "en_GB.UTF-8";
-    LC_MEASUREMENT = "en_GB.UTF-8";
-    LC_MONETARY = "en_GB.UTF-8";
-    LC_NAME = "en_GB.UTF-8";
-    LC_NUMERIC = "en_GB.UTF-8";
-    LC_PAPER = "en_GB.UTF-8";
-    LC_TELEPHONE = "en_GB.UTF-8";
-    LC_TIME = "en_GB.UTF-8";
+    LC_ADDRESS = "en_AU.UTF-8";
+    LC_IDENTIFICATION = "en_AU.UTF-8";
+    LC_MEASUREMENT = "en_AU.UTF-8";
+    LC_MONETARY = "en_AU.UTF-8";
+    LC_NAME = "en_AU.UTF-8";
+    LC_NUMERIC = "en_AU.UTF-8";
+    LC_PAPER = "en_AU.UTF-8";
+    LC_TELEPHONE = "en_AU.UTF-8";
+    LC_TIME = "en_AU.UTF-8";
  };

-  nix.settings.experimental-features = [ "nix-command" "flakes" ];
-
  # Enable the X11 windowing system.
-  services.xserver.enable = false;
+  services.xserver.enable = true;
  programs.dconf.enable = true;

  # Configure keymap in X11
  services.xserver.xkb = {
-    layout = "gb";
+    layout = "us";
    variant = "";
  };

@ -238,18 +213,14 @@
    })
  ];

-  security = {
-    rtkit.enable = true;
-  };
-
  # Enable sound with pipewire.
  services.pulseaudio.enable = false;
+  security.rtkit.enable = true;
  services.pipewire = {
    enable = true;
    alsa.enable = true;
    alsa.support32Bit = true;
    pulse.enable = true;
-    # If you want to use JACK applications, uncomment this
    jack.enable = true;
    extraConfig.pipewire.noresample = { "context.properties" = { "default.clock.allowed-rates" = [ 44100 48000 192000 ]; }; };
    extraConfig.pipewire."92-low-latency" = {
@ -281,22 +252,19 @@
  };

  # Define a user account. Don't forget to set a password with ‘passwd’.
-  
  users.users.alyx = {
    isNormalUser = true;
    description = "Alyx";
-    extraGroups = [ "openrazer" "pipewire" "gamemode" "inputs" "networkmanager" "wheel" "libvirtd" "camera" "qemu-libvirtd" "lxd" "uinput" "qemu-libvirt" "input" ];
-    packages = with pkgs; [
-    ];
+    extraGroups = [ "networkmanager" "wheel" "libvirtd" "qemu-libvirt" "camera" "input" "adbusers" "inputs" "uinput" "qemu-libvirtd" "lxd" "pipewire" ];
  };

+  # Install firefox.
  services.libinput.enable = true;
-
  # Allow unfree packages
  nixpkgs.config.allowUnfree = true;

-  services.gvfs.enable = true;
- 
+  # List packages installed in system profile. To search, run:
+  # $ nix search wget
  environment.systemPackages = with pkgs; [
    hyprlock
    file
@ -334,6 +302,15 @@
    (pkgs.python3.withPackages (ps: with ps; [tkinter]))
  ];

-  system.stateVersion = "24.11"; # Did you read the comment?
+   programs.gnupg.agent = {
+     enable = true;
+     enableSSHSupport = true;
+   };
+
+   systemd.tmpfiles.rules = [
+     "f /dev/shm/looking-glass 0660 alyx qemu-libvirtd -"
+   ];
+
+  system.stateVersion = "24.11";

 }
--- a/base/absolution/default.nix
+++ b/base/absolution/default.nix
@ -3,10 +3,10 @@
    ./configuration.nix
    ../overrides.nix
    ../ssh.nix
+    ../firewall.nix
    ../substituters.nix
    ../fonts.nix
-    ../greetd.nix
-    #../virtualisation/virtualisation.nix
    ../udev.nix
+    ../greetd.nix
  ];
 }
--- a/base/absolution/hardware-configuration.nix
+++ b/base/absolution/hardware-configuration.nix
@ -8,20 +8,32 @@
    [ (modulesPath + "/installer/scan/not-detected.nix")
    ];

-  boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "ehci_pci" "nvme" "usb_storage" "sd_mod" "sr_mod" ];
+  hardware.bluetooth = {
+    enable = true;
+    powerOnBoot = true;
+    settings = {
+      General.Experimental = true;
+    };
+    input = { 
+      General.ClassicBondedOnly = false;
+      General.UserspaceHID = true;
+    };
+  };
+
+  boot.supportedFilesystems = ["exfat" "ntfs" "xfs"];
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
  boot.initrd.kernelModules = [ "vfio_pci" "vfio" "vfio_iommu_type1" "vendor-reset" ];
  boot.kernelModules = [ "kvm-intel" "vfio_virqfd" "vhost-net" "v4l2loopback" "12c-dev" ];
  boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback vendor-reset hid-t150 ];
-  boot.kernelPackages = pkgs.linuxKernel.packages.linux_xanmod_latest;
-  boot.kernel.sysctl = {
-    "vm.max_map_count" = 2147483642;
-  };
  boot.extraModprobeConfig = ''
-    options vfio-pci ids=1002:67df,1002:aaf0,1b21:2142,8086:8d26,8086:8d2d
+    options vfio-pci ids=1002:6fdf,1002:aaf0,1b21:1242,1002:67df
    options v4l2loopback devices=2 video_nr=1,2 card_label="Lenovo Camera" exclusive_caps=1
  '';
+  boot.blacklistedKernelModules = ["nouveau"];
+  boot.kernelParams = [ "amdgpu.ppfeaturemask=0xffffffff" "intel_iommu=on" "iommu=pt" "preempt=voluntary" "module_blacklist=nouveau" ];
+  #boot.kernelPackages = pkgs.linuxKernel.packages.linux_xanmod_latest;
+

-  boot.kernelParams = [ "amdgpu.ppfeaturemask=0xffffffff" "intel_iommu=on" "iommu=pt" "preempt=voluntary" ];

  fileSystems."/" =
    { device = "/dev/disk/by-uuid/9d711676-b74f-4b8e-a5bb-d8e4864966e1";
@ -31,17 +43,19 @@
  fileSystems."/boot" =
    { device = "/dev/disk/by-uuid/A4B4-1762";
      fsType = "vfat";
-      options = [ "fmask=0022" "dmask=0022" ];
+      options = [ "fmask=0077" "dmask=0077" ];
    };

  fileSystems."/500G" = 
    { device = "/dev/disk/by-uuid/88c7ab87-3bec-4f52-ab4f-c1a081df191f";
      fsType = "xfs";
+      options = [ "x-gvfs-show" ];
    };

  fileSystems."/250G" = 
    { device = "/dev/disk/by-uuid/1375e97d-e67b-43b7-827c-c1b984e0f42f";
      fsType = "xfs";
+      options = [ "x-gvfs-show" ];
    };

  swapDevices =
@ -53,7 +67,8 @@
  # still possible to use this option, but it's recommended to use it in conjunction
  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp0s25.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp7s0.useDHCP = lib.mkDefault true;

  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;