diff --git a/config/hypr/hyprland.conf b/config/hypr/hyprland.conf index 13f8995..56ae6a2 100644 --- a/config/hypr/hyprland.conf +++ b/config/hypr/hyprland.conf @@ -17,9 +17,11 @@ ################ # See https://wiki.hypr.land/Configuring/Monitors/ -monitor=eDP-2,2560x1600@165.0,1920x80,1.6 -monitor=DP-5,1920x1080@60.0,0x0,1.0 +monitor=eDP-1,2560x1600@165.0,1920x0,1.6 +monitor=DP-4,1920x1080@60.0,0x0,1.0 +monitor=eDP-2,2560x1600@165.0,1920x0,1.6 +monitor=DP-5,1920x1080@60.0,0x0,1.0 ################### ### MY PROGRAMS ### diff --git a/config/hypr/hyprpaper.conf b/config/hypr/hyprpaper.conf index 667afa2..53bec8b 100644 --- a/config/hypr/hyprpaper.conf +++ b/config/hypr/hyprpaper.conf @@ -1,6 +1,16 @@ preload = /home/xory/wallpaper.png wallpaper = ,/home/xory/wallpaper.png +wallpaper { + monitor = eDP-1 + path = ~/wallpaper.png +} + +wallpaper { + monitor = DP-4 + path = ~/wallpaper.png +} + wallpaper { monitor = eDP-2 path = ~/wallpaper.png diff --git a/configuration.nix b/configuration.nix index eee6997..e1e0ac7 100644 --- a/configuration.nix +++ b/configuration.nix @@ -99,7 +99,7 @@ users.users.xory = { isNormalUser = true; description = "xory"; - extraGroups = [ "networkmanager" "wheel" "docker" "libvirt" "dialout" ]; + extraGroups = [ "networkmanager" "wheel" "docker" "libvirtd" "qemu-libvirtd" "kvm" "dialout" ]; shell = pkgs.zsh; initialHashedPassword = "$6$JXLpG5JYMJgZndm9$0sC8uPJ99cYL.hNv3DFQ20ky8tiZoxioe9GlMEanTwAD99LJ175/bHtN6Bm6bYsQG1BVGRdmphnXEcWS9ApoK0"; # this is defined declaratively, i don't use passwd. }; @@ -149,8 +149,8 @@ "--env=GTK_THEME=Adwaita:dark" ]; }; - signal-desktop-bin = { - executable = "${pkgs.signal-desktop-bin}/bin/signal-desktop"; + signal-desktop = { + executable = "${pkgs.signal-desktop}/bin/signal-desktop"; profile = "${pkgs.firejail}/etc/firejail/signal-desktop.profile"; extraArgs = [ "--env=GTK_THEME=Adwaita:dark" diff --git a/flake.lock b/flake.lock index d08d2e3..7503acf 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1771469470, - "narHash": "sha256-GnqdqhrguKNN3HtVfl6z+zbV9R9jhHFm3Z8nu7R6ml0=", + "lastModified": 1772420042, + "narHash": "sha256-naZz40TUFMa0E0CutvwWsSPhgD5JldyTUDEgP9ADpfU=", "owner": "nix-community", "repo": "disko", - "rev": "4707eec8d1d2db5182ea06ed48c820a86a42dc13", + "rev": "5af7af10f14706e4095bd6bc0d9373eb097283c6", "type": "github" }, "original": { @@ -45,11 +45,11 @@ ] }, "locked": { - "lastModified": 1771756436, - "narHash": "sha256-Tl2I0YXdhSTufGqAaD1ySh8x+cvVsEI1mJyJg12lxhI=", + "lastModified": 1772633064, + "narHash": "sha256-hawTxa3ciuUGOVla1dgyvjQffiPQtC2kqHfrpdBfMtk=", "owner": "nix-community", "repo": "home-manager", - "rev": "5bd3589390b431a63072868a90c0f24771ff4cbb", + "rev": "ef26422ded4cc4cdbf8ae1f81447877aea3bf252", "type": "github" }, "original": { @@ -107,11 +107,11 @@ "nvchad-starter": "nvchad-starter" }, "locked": { - "lastModified": 1771479716, - "narHash": "sha256-px2OOCb6VDEGNSVpFEbVLnocz34qrfAarx28lTzrWsw=", + "lastModified": 1772606251, + "narHash": "sha256-xueeMDt9GljPu0VjmQ/veepdcjO0cN1h+s+lkCgjq6k=", "owner": "nix-community", "repo": "nix4nvchad", - "rev": "5098052557a36a148c84740733c4ac5b1bc566a5", + "rev": "981382044fab8448a53707f5754558a13eacafa4", "type": "github" }, "original": { @@ -122,11 +122,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1771423359, - "narHash": "sha256-yRKJ7gpVmXbX2ZcA8nFi6CMPkJXZGjie2unsiMzj3Ig=", + "lastModified": 1771969195, + "narHash": "sha256-qwcDBtrRvJbrrnv1lf/pREQi8t2hWZxVAyeMo7/E9sw=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "740a22363033e9f1bb6270fbfb5a9574067af15b", + "rev": "41c6b421bdc301b2624486e11905c9af7b8ec68e", "type": "github" }, "original": { @@ -153,11 +153,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1771714954, - "narHash": "sha256-nhZJPnBavtu40/L2aqpljrfUNb2rxmWTmSjK2c9UKds=", + "lastModified": 1772598333, + "narHash": "sha256-YaHht/C35INEX3DeJQNWjNaTcPjYmBwwjFJ2jdtr+5U=", "owner": "nixos", "repo": "nixpkgs", - "rev": "afbbf774e2087c3d734266c22f96fca2e78d3620", + "rev": "fabb8c9deee281e50b1065002c9828f2cf7b2239", "type": "github" }, "original": { @@ -169,11 +169,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1771369470, - "narHash": "sha256-0NBlEBKkN3lufyvFegY4TYv5mCNHbi5OmBDrzihbBMQ=", + "lastModified": 1772542754, + "narHash": "sha256-WGV2hy+VIeQsYXpsLjdr4GvHv5eECMISX1zKLTedhdg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "0182a361324364ae3f436a63005877674cf45efb", + "rev": "8c809a146a140c5c8806f13399592dbcb1bb5dc4", "type": "github" }, "original": { @@ -185,18 +185,15 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1771369470, - "narHash": "sha256-0NBlEBKkN3lufyvFegY4TYv5mCNHbi5OmBDrzihbBMQ=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "0182a361324364ae3f436a63005877674cf45efb", - "type": "github" + "lastModified": 1772198003, + "narHash": "sha256-UCaQQ8zmHUocQIgCl+53Jj6NuwqrVKtmv7obE9r6wnw=", + "rev": "dd9b079222d43e1943b6ebd802f04fd959dc8e61", + "type": "tarball", + "url": "https://releases.nixos.org/nixos/unstable/nixos-26.05pre955442.dd9b079222d4/nixexprs.tar.xz" }, "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" + "type": "tarball", + "url": "https://channels.nixos.org/nixos-unstable/nixexprs.tar.xz" } }, "nvchad-starter": { @@ -234,11 +231,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1771737804, - "narHash": "sha256-7wn9qbzIQQgH8tnq4VwzuWEqEWpekuymlLyhY3vM/j8=", + "lastModified": 1772494187, + "narHash": "sha256-6ksgNAFXVK+Cg/6ww7bB2nJUPZlnS75UwZC7G+L03EE=", "owner": "Gerg-L", "repo": "spicetify-nix", - "rev": "6dd43010ac2458cc56a6ac5250349b9217a7a2ae", + "rev": "915ab06b046d05613041780c575c62a32fe67cea", "type": "github" }, "original": { diff --git a/hosts/nullstar/config.nix b/hosts/nullstar/config.nix index 6e5a043..8ff8f7e 100644 --- a/hosts/nullstar/config.nix +++ b/hosts/nullstar/config.nix @@ -8,6 +8,10 @@ (inputs.nixos-hardware.nixosModules.framework-16-7040-amd) ]; + specialisation."VFIO".configuration = { + imports = [ ./vfio.nix ]; + }; + services.fwupd.enable = true; networking.hostName = "nullstar"; diff --git a/hosts/nullstar/vfio.nix b/hosts/nullstar/vfio.nix new file mode 100644 index 0000000..451b3c0 --- /dev/null +++ b/hosts/nullstar/vfio.nix @@ -0,0 +1,23 @@ +{ config, pkgs, ... }: + +{ + boot.kernelParams = [ + "amd_iommu=on" + "iommu=pt" + "vfio-pci.ids=1002:7480,1002:ab30" + ]; + + boot.initrd.kernelModules = [ + "vfio" + "vfio_pci" + "vfio_iommu_type1" + ]; + + systemd.tmpfiles.rules = [ + "f /dev/shm/looking-glass 0660 xory qemu-libvirtd -" + ]; + + environment.systemPackages = with pkgs; [ + looking-glass-client + ]; +} diff --git a/hosts/testbed-vm/config.nix b/hosts/testbed-vm/config.nix new file mode 100644 index 0000000..40bf772 --- /dev/null +++ b/hosts/testbed-vm/config.nix @@ -0,0 +1,11 @@ +{ config, pkgs, pkgs-stable, lib, inputs, ... }: + +{ + imports = + [ + ./hardware/disko.nix + ]; + + networking.hostName = "nixos-testbed"; + networking.hostId = "6c3b53a1"; +} diff --git a/hosts/voidspear/hardware/disko.nix b/hosts/testbed-vm/hardware/disko.nix similarity index 70% rename from hosts/voidspear/hardware/disko.nix rename to hosts/testbed-vm/hardware/disko.nix index fc8c217..2273261 100644 --- a/hosts/voidspear/hardware/disko.nix +++ b/hosts/testbed-vm/hardware/disko.nix @@ -3,7 +3,7 @@ disk = { main = { type = "disk"; - device = "/dev/nvme0n1"; + device = "/dev/vda"; content = { type = "gpt"; partitions = { @@ -22,8 +22,11 @@ content = { type = "luks"; name = "crypted"; - # Critical for Samsung NVMe longevity/performance + # Disable this if you do not want to allow TRIM requests to pass through LUKS + # (Security vs SSD longevity trade-off) settings.allowDiscards = true; + # Uncomment if you want to use a keyfile during install: + # settings.keyFile = "/tmp/secret.key"; content = { type = "zfs"; pool = "zroot"; @@ -49,10 +52,12 @@ normalization = "formD"; relatime = "on"; canmount = "off"; + # Prevent auto-snapshotting by default (enable explicitly on datasets that need it) "com.sun:auto-snapshot" = "false"; }; datasets = { - # Ephemeral root (rolls back to blank on boot) + # The ephemeral root dataset. + # We create a blank snapshot immediately so you can rollback to it on boot. "root" = { type = "zfs_fs"; mountpoint = "/"; @@ -60,7 +65,7 @@ postCreateHook = "zfs snapshot zroot/root@blank"; }; - # Nix store + # The Nix Store (reproducible, doesn't need backing up usually) "nix" = { type = "zfs_fs"; mountpoint = "/nix"; @@ -68,11 +73,13 @@ options."com.sun:auto-snapshot" = "false"; }; - # Persistent data + # Persisted state (for impermanence) "persist" = { type = "zfs_fs"; mountpoint = "/persist"; options.mountpoint = "legacy"; + # Enable snapshots for data safety if using sanoid/syncoid + # options."com.sun:auto-snapshot" = "true"; }; # Home directories @@ -80,6 +87,7 @@ type = "zfs_fs"; mountpoint = "/home"; options.mountpoint = "legacy"; + # options."com.sun:auto-snapshot" = "true"; }; }; }; diff --git a/hosts/voidspear/config.nix b/hosts/voidspear/config.nix deleted file mode 100644 index 31173ec..0000000 --- a/hosts/voidspear/config.nix +++ /dev/null @@ -1,28 +0,0 @@ -{ config, pkgs, lib, inputs, ... }: - -{ - imports = [ - ./hardware/hardware-configuration.nix - ./hardware/disko.nix - ]; - - networking.hostName = "voidspear"; - networking.hostID = "ec82a76e"; - - - # nVidia drivers. - hardware.graphics.extraPackages = with pkgs; [ - libvdpau-va-gl - ]; - services.xserver.videoDrivers = [ "nvidia"]; - hardware.nvidia = { - modesetting.enable = true; - powerManagement.enable = false; - open = false; - nvidiaSettings = true; - package = config.boot.kernelPackages.nvidiaPackages.stable; - }; - boot.blacklistedKernelModules = [ "nouveau" ]; - - services.ollama.package = pkgs.ollama-cuda; -} diff --git a/hosts/voidspear/hardware/hardware-configuration.nix b/hosts/voidspear/hardware/hardware-configuration.nix deleted file mode 100644 index 53f8354..0000000 --- a/hosts/voidspear/hardware/hardware-configuration.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp42s0.useDHCP = lib.mkDefault true; - # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -}