Add elara

Signed-off-by: Nikolaos Karaolidis <nick@karaolidis.com>
2024-12-18 20:57:26 +00:00
parent f96a5c7776
commit e23e71560f
48 changed files with 655 additions and 246 deletions
--- a/hosts/elara/README.md
+++ b/hosts/elara/README.md
@@ -0,0 +1,18 @@
+# sas
+
+## Post-Install Checklist
+
+### Networking
+
+- [ ] Add NetworkManager connections
+- [ ] Connect Bluetooth devices
+- [ ] Add printers
+
+### Third-party Services
+
+- [ ] Firefox
+  - [ ] Authenticate
+
+- [ ] Spotify
+  - [ ] Authenticate
+  - [ ] Local Files
--- a/hosts/elara/default.nix
+++ b/hosts/elara/default.nix
@@ -0,0 +1,168 @@
+{
+  inputs,
+  lib,
+  pkgs,
+  ...
+}:
+{
+  imports = [
+    ../../lib
+    inputs.disko.nixosModules.disko
+    (import ./format.nix {
+      device = "/dev/disk/by-id/usb-SanDisk_Ultra_Trek_0501990ddf7236633373ea7dd2e6715f954e2dbb35cadae343333f0562cda6aa7ec80000000000000000000042c100baff1e08109f5581078ea6d9c3-0:0";
+    })
+    ../common/system/configs/bluetooth
+    ../common/system/configs/boot
+    ../common/system/configs/brightnessctl
+    ../common/system/configs/btop
+    ../common/system/configs/btrfs
+    ../common/system/configs/cpu
+    ../common/system/configs/docker
+    ../common/system/configs/fastfetch
+    ../common/system/configs/getty
+    ../common/system/configs/git
+    ../common/system/configs/gpg-agent
+    ../common/system/configs/impermanence
+    ../common/system/configs/libvirt
+    ../common/system/configs/lsof
+    ../common/system/configs/ncdu
+    ../common/system/configs/neovim
+    ../common/system/configs/networking
+    ../common/system/configs/nix
+    ../common/system/configs/nix-cleanup
+    ../common/system/configs/nix-ld
+    ../common/system/configs/nixpkgs
+    ../common/system/configs/ntp
+    ../common/system/configs/pipewire
+    ../common/system/configs/plymouth
+    ../common/system/configs/powertop
+    ../common/system/configs/printing
+    ../common/system/configs/ranger
+    ../common/system/configs/sops
+    ../common/system/configs/ssh
+    ../common/system/configs/system
+    ../common/system/configs/timezone
+    ../common/system/configs/tlp
+    ../common/system/configs/tmux
+    ../common/system/configs/tree
+    ../common/system/configs/users
+    ../common/system/configs/wget
+    ../common/system/configs/zsh
+    ./users/nikara
+  ];
+
+  networking.hostName = "sas";
+  i18n.defaultLocale = "en_US.UTF-8";
+  sops.defaultSopsFile = ./secrets/secrets.yaml;
+
+  # https://github.com/NixOS/nixos-hardware/tree/master/lenovo/legion/16achg6
+  hardware = {
+    enableAllFirmware = true;
+
+    cpu = {
+      cores = 8;
+      threads = 16;
+      amd.updateMicrocode = true;
+    };
+
+    nvidia = {
+      modesetting.enable = true;
+      powerManagement.enable = true;
+      open = false;
+
+      prime = {
+        offload = {
+          enable = true;
+          enableOffloadCmd = true;
+        };
+        nvidiaBusId = "PCI:1:0:0";
+        amdgpuBusId = "PCI:6:0:0";
+      };
+    };
+
+    graphics = {
+      enable32Bit = true;
+      extraPackages = with pkgs; [
+        amdvlk
+        driversi686Linux.amdvlk
+        rocmPackages.clr
+        rocmPackages.clr.icd
+      ];
+    };
+  };
+
+  boot = {
+    kernelParams = [
+      "amd_pstate=active"
+      "video=eDP-1:2560x1600@165"
+    ];
+
+    kernelModules = [ "kvm-amd" ];
+
+    initrd.kernelModules = [
+      "nvme"
+      "ahci"
+      "usbhid"
+      "amdgpu"
+      "xhci_pci"
+      "usb_storage"
+      "sd_mod"
+    ];
+  };
+
+  nixpkgs = {
+    hostPlatform = "x86_64-linux";
+
+    config = {
+      cudaSupport = true;
+      rocmSupport = true;
+    };
+  };
+
+  powerManagement.enable = true;
+
+  systemd.services.powertop.postStart = builtins.readFile ./system/scripts/mouse.sh;
+
+  services = {
+    xserver.videoDrivers = [ "nvidia" ];
+    fstrim.enable = true;
+    tlp.settings.DISK_DEVICES = "nvme0n1 nvme1n1";
+  };
+
+  home-manager.sharedModules = [
+    {
+      wayland.windowManager.hyprland.settings = {
+        monitor = "eDP-1, 2560x1600@165, 0x0, 1.25";
+        env = [ "WLR_DRM_DEVICES,$HOME/.config/hypr/card" ];
+        device = [
+          {
+            name = "syna2ba6:00-06cb:ce44-touchpad";
+            sensitivity = 0.5;
+          }
+        ];
+        gestures.workspace_swipe_distance = 600;
+      };
+
+      programs = {
+        zsh.loginExtra = lib.mkBefore (builtins.readFile ./system/scripts/card.sh);
+
+        # VSCode does not play well with fractional scaling
+        vscode.userSettings."window.zoomLevel" = (1.25 - 1) / 0.2;
+
+        obs-studio.resolution = {
+          base = {
+            x = 4096;
+            y = 2560;
+          };
+
+          output = {
+            x = 2048;
+            y = 1280;
+          };
+        };
+      };
+
+      theme.cursor.size = 24;
+    }
+  ];
+}
--- a/hosts/elara/format.nix
+++ b/hosts/elara/format.nix
@@ -0,0 +1,74 @@
+{
+  device ? throw "device argument is required",
+  ...
+}:
+{
+  disko.devices = {
+    disk.main = {
+      inherit device;
+      type = "disk";
+      content = {
+        type = "gpt";
+        partitions = {
+          boot = {
+            name = "boot";
+            size = "1M";
+            type = "EF02";
+          };
+          esp = {
+            name = "esp";
+            size = "512M";
+            type = "EF00";
+            content = {
+              type = "filesystem";
+              format = "vfat";
+              mountpoint = "/boot";
+              mountOptions = [ "umask=0077" ];
+            };
+          };
+          root = {
+            name = "root";
+            size = "100%";
+            content = {
+              name = "luks";
+              type = "luks";
+              settings = {
+                allowDiscards = true;
+              };
+              content = {
+                type = "btrfs";
+                extraArgs = [ "-f" ];
+                subvolumes = {
+                  "@" = {
+                    mountpoint = "/";
+                  };
+                  "@persist" = {
+                    mountpoint = "/persist";
+                    mountOptions = [
+                      "compress=zstd"
+                      "noatime"
+                    ];
+                  };
+                  "@nix" = {
+                    mountpoint = "/nix";
+                    mountOptions = [
+                      "compress=zstd"
+                      "noatime"
+                    ];
+                  };
+                  "@cache" = {
+                    mountpoint = "/cache";
+                    mountOptions = [
+                      "compress=zstd"
+                      "noatime"
+                    ];
+                  };
+                };
+              };
+            };
+          };
+        };
+      };
+    };
+  };
+}
--- a/hosts/elara/secrets/ssh_host_ed25519_key.pub
+++ b/hosts/elara/secrets/ssh_host_ed25519_key.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB2sVagJ2CqpitBK4izlfKWIe2n2xkfV95F0VNkAc3FD nick@eirene
--- a/hosts/elara/system/scripts/card.sh
+++ b/hosts/elara/system/scripts/card.sh
@@ -0,0 +1,10 @@
+AMD=/dev/dri/by-path/pci-0000:06:00.0-card
+NVIDIA=/dev/dri/by-path/pci-0000:01:00.0-card
+
+if [[ -e "${AMD}" ]]; then
+  CARD=${AMD}
+else
+  CARD=${NVIDIA}
+fi
+
+ln -sf "${CARD}" "${HOME}"/.config/hypr/card
--- a/hosts/elara/system/scripts/mouse.sh
+++ b/hosts/elara/system/scripts/mouse.sh
@@ -0,0 +1,14 @@
+SEARCH_STRINGS=(
+  "Mouse"
+  "Razer DeathAdder Elite"
+  "Razer DeathAdder V3 HyperSpeed"
+)
+
+for search_string in "${SEARCH_STRINGS[@]}"; do
+  echo "Searching for devices matching: ${search_string}"
+
+  for f in $(grep -l "${search_string}" /sys/bus/usb/devices/*/product 2>/dev/null | sed "s/product/power\\/control/"); do
+    echo "Setting power control to 'on' for: ${f}"
+    echo on >| "${f}"
+  done
+done
--- a/hosts/elara/users/nikara/default.nix
+++ b/hosts/elara/users/nikara/default.nix
@@ -0,0 +1,116 @@
+{ config, lib, ... }:
+let
+  # FIXME: https://github.com/NixOS/nixpkgs/issues/24570
+  # FIXME: https://github.com/NixOS/nixpkgs/issues/305643
+  user = "nikara";
+  home = "/home/nikara";
+in
+{
+  imports = [
+    ../../../common/user/configs/options.nix
+    (import ../../../common/user/configs/console/bashmount { inherit user home; })
+    (import ../../../common/user/configs/console/bluetooth { inherit user home; })
+    (import ../../../common/user/configs/console/brightnessctl { inherit user home; })
+    (import ../../../common/user/configs/console/btop { inherit user home; })
+    (import ../../../common/user/configs/console/docker { inherit user home; })
+    (import ../../../common/user/configs/console/fastfetch { inherit user home; })
+    (import ../../../common/user/configs/console/git { inherit user home; })
+    (import ../../../common/user/configs/console/gpg-agent { inherit user home; })
+    (import ../../../common/user/configs/console/home-manager { inherit user home; })
+    (import ../../../common/user/configs/console/imagemagick { inherit user home; })
+    (import ../../../common/user/configs/console/libvirt { inherit user home; })
+    (import ../../../common/user/configs/console/ncdu { inherit user home; })
+    (import ../../../common/user/configs/console/neovim { inherit user home; })
+    (import ../../../common/user/configs/console/nix-develop { inherit user home; })
+    (import ../../../common/user/configs/console/nix-direnv { inherit user home; })
+    (import ../../../common/user/configs/console/nixpkgs { inherit user home; })
+    (import ../../../common/user/configs/console/pipewire { inherit user home; })
+    (import ../../../common/user/configs/console/ranger { inherit user home; })
+    (import ../../../common/user/configs/console/sops { inherit user home; })
+    (import ../../../common/user/configs/console/tmux { inherit user home; })
+    (import ../../../common/user/configs/console/tree { inherit user home; })
+    (import ../../../common/user/configs/console/wget { inherit user home; })
+    (import ../../../common/user/configs/console/xdg { inherit user home; })
+    (import ../../../common/user/configs/console/zsh { inherit user home; })
+    (import ../../../common/user/configs/gui/astal { inherit user home; })
+    (import ../../../common/user/configs/gui/bluetooth { inherit user home; })
+    (import ../../../common/user/configs/gui/brightnessctl { inherit user home; })
+    (import ../../../common/user/configs/gui/btop { inherit user home; })
+    (import ../../../common/user/configs/gui/chromium { inherit user home; })
+    (import ../../../common/user/configs/gui/cliphist { inherit user home; })
+    (import ../../../common/user/configs/gui/emoji { inherit user home; })
+    (import ../../../common/user/configs/gui/firefox { inherit user home; })
+    (import ../../../common/user/configs/gui/gtk { inherit user home; })
+    (import ../../../common/user/configs/gui/hyprland { inherit user home; })
+    (import ../../../common/user/configs/gui/hyprshot { inherit user home; })
+    (import ../../../common/user/configs/gui/kitty { inherit user home; })
+    (import ../../../common/user/configs/gui/libreoffice { inherit user home; })
+    (import ../../../common/user/configs/gui/networking { inherit user home; })
+    (import ../../../common/user/configs/gui/obs { inherit user home; })
+    (import ../../../common/user/configs/gui/obsidian { inherit user home; })
+    (import ../../../common/user/configs/gui/pipewire { inherit user home; })
+    (import ../../../common/user/configs/gui/qalculate { inherit user home; })
+    (import ../../../common/user/configs/gui/qt { inherit user home; })
+    (import ../../../common/user/configs/gui/rofi { inherit user home; })
+    (import ../../../common/user/configs/gui/spicetify { inherit user home; })
+    (import ../../../common/user/configs/gui/swww { inherit user home; })
+    (import ../../../common/user/configs/gui/theme { inherit user home; })
+    (import ../../../common/user/configs/gui/vscode { inherit user home; })
+    (import ../../../common/user/configs/gui/wev { inherit user home; })
+    (import ../../../common/user/configs/gui/x11 { inherit user home; })
+    (import ../../../common/user/configs/gui/xdg { inherit user home; })
+    (import ../../user/configs/console/globalprotect-remote-connect { inherit user home; })
+  ];
+
+  # echo "password" | mkpasswd -s
+  sops.secrets."${user}-password" = {
+    sopsFile = ../../../../secrets/sas/secrets.yaml;
+    key = "password";
+    neededForUsers = true;
+  };
+
+  users.users.${user} = {
+    inherit home;
+    isNormalUser = true;
+    email = "Nick.Karaolidis@sas.com";
+    fullName = "Nick Karaolidis";
+    description = "Nick Karaolidis";
+    hashedPasswordFile = config.sops.secrets."${user}-password".path;
+    extraGroups = [ "wheel" ];
+    linger = true;
+    uid = lib.strings.toInt (builtins.readFile ./uid);
+  };
+
+  services.getty.autologinUser = user;
+
+  home-manager.users.${user} = {
+    home = {
+      username = user;
+      homeDirectory = home;
+    };
+
+    sops.secrets = {
+      # Personal
+      "git/credentials" = {
+        sopsFile = ../../../../secrets/personal/secrets.yaml;
+        path = "${home}/.config/git/credentials";
+      };
+      "git/cookies" = {
+        sopsFile = ../../../../secrets/personal/secrets.yaml;
+        path = "${home}/.config/git/cookies";
+      };
+      "gpg-agent/personal/key".sopsFile = ../../../../secrets/personal/secrets.yaml;
+      "gpg-agent/personal/pass".sopsFile = ../../../../secrets/personal/secrets.yaml;
+
+      # SAS
+      "globalprotect/server".sopsFile = ../../../../secrets/sas/secrets.yaml;
+      "globalprotect/email".sopsFile = ../../../../secrets/sas/secrets.yaml;
+      "globalprotect/password".sopsFile = ../../../../secrets/sas/secrets.yaml;
+      "globalprotect/gateway".sopsFile = ../../../../secrets/sas/secrets.yaml;
+    };
+
+    theme.wallpaper = ../../../../static/wallpapers/clouds.png;
+
+    programs.obsidian.vaults."Documents/Obsidian/master".enable = true;
+  };
+}
--- a/hosts/elara/users/nikara/uid
+++ b/hosts/elara/users/nikara/uid
@@ -0,0 +1 @@
+1000
				`@@ -0,0 +1 @@`
				`ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB2sVagJ2CqpitBK4izlfKWIe2n2xkfV95F0VNkAc3FD nick@eirene`