# NixOS module for host-wide defaults. It declares the `nixos.system` options
# (hostname, march, extraMarch, gui.enable, keepOutputs) and merges one generic
# base configuration with hostname, CPU-microarchitecture and GUI fragments.
# `inputs` is the module argument set; this file reads inputs.lib,
# inputs.localLib, inputs.config, inputs.pkgs and inputs.topInputs from it.
inputs:
{
  options.nixos.system = let inherit (inputs.lib) mkOption types; in
  {
    # Copied verbatim into networking.hostName by the "hostname" fragment below.
    hostname = mkOption { type = types.nonEmptyStr; };
    # GCC arch/tune name for this host; null keeps the plain x86_64-linux platform.
    # NOTE(review): the type accepts any non-empty string, but the "march" fragment
    # only has kernel options for six names (see kernelConfig below).
    march = mkOption { type = types.nullOr types.nonEmptyStr; default = null; };
    # Further microarchitectures advertised to Nix as "gccarch-<name>" system features.
    extraMarch = mkOption { type = types.listOf types.nonEmptyStr; default = []; };
    # Enables the X server / SDDM / Plasma fragment at the end of this file.
    gui.enable = mkOption { type = types.bool; default = false; };
    # Forwarded to nix.settings.keep-outputs.
    keepOutputs = mkOption { type = types.bool; default = false; };
  };
  config =
    let
      # mkAfter is inherited here but not referenced anywhere else in this file.
      inherit (inputs.lib) mkMerge mkIf mkAfter;
      # Project-local helpers, defined outside this file. Presumably mkConditional
      # picks its second argument when the condition holds and its third otherwise,
      # and stripeTabs removes leading tabs from a multi-line string; confirm in localLib.
      inherit (inputs.localLib) mkConditional stripeTabs;
      inherit (inputs.config.nixos) system;
    in
      mkMerge
      [
        # generic
        {
          nix =
          {
            settings =
            {
              system-features = [ "big-parallel" "nixos-test" "benchmark" ];
              experimental-features = [ "nix-command" "flakes" ];
              keep-outputs = inputs.config.nixos.system.keepOutputs;
              # Failed builds leave their build directory behind for inspection.
              # With TMPDIR pointed at /var/cache/nix (nix-daemon unit below) and the
              # tmpfiles clean timer disabled, nothing visible here removes them again.
              keep-failed = true;
              auto-optimise-store = true;
              # NOTE(review): the second entry is a non-default binary cache. Store paths
              # it serves are installed without a local rebuild as long as they carry a
              # signature from a key in trusted-public-keys, so the holder of the "chn"
              # signing key can put arbitrary binaries on every host using this module.
              # Custody of that key and of the cache host belongs in the threat model.
              substituters = [ "https://cache.nixos.org/" "https://nix-store.chn.moe" ];
              # Only the private cache's key is listed here. Presumably the NixOS nix
              # module merges in the cache.nixos.org key itself; verify in the
              # generated nix.conf.
              trusted-public-keys = [ "chn:Cc+nowW1LIpe1kyXOZmNaznFDiH1glXmpb4A+WD/DTE=" ];
              show-trace = true;
              # At most two derivations are built at once; cores = 0 means each build
              # may use all available cores.
              max-jobs = 2;
              cores = 0;
              keep-going = true;
            };
            # Builds run at idle I/O and CPU priority so they yield to interactive work.
            daemonIOSchedClass = "idle";
            daemonCPUSchedPolicy = "idle";
            # Pin the `nixpkgs` and `nixos-config` registry names (and the legacy
            # NIX_PATH entry) to the exact flake inputs this system was built from,
            # so ad-hoc `nix` commands resolve to the same sources.
            registry =
            {
              nixpkgs.flake = inputs.topInputs.nixpkgs;
              nixos-config.flake = inputs.topInputs.self;
            };
            nixPath = [ "nixpkgs=${inputs.topInputs.nixpkgs}" ];
          };
          services =
          {
            # Select the bfq I/O scheduler for non-rotational sd*/vd* disks and NVMe
            # namespaces. The rule text is kept flush-left: whitespace inside the
            # literal is part of the value handed to stripeTabs.
            udev.extraRules = stripeTabs
''
ACTION=="add|change", KERNEL=="[sv]d[a-z]", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="bfq"
ACTION=="add|change", KERNEL=="nvme[0-9]n[0-9]", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="bfq"
'';
            dbus.implementation = "broker";
            # NOTE(review): journal entries older than seven days are discarded. If the
            # local journal is the only audit trail, an incident noticed later than that
            # cannot be reconstructed from this host; forward logs off-host if longer
            # retention matters.
            journald.extraConfig = "MaxRetentionSec=7d";
          };
          networking.networkmanager =
          {
            enable = true;
            # Adds a [device] section with keep-configuration=no to NetworkManager.conf.
            # Kept flush-left because every character between the quotes, including
            # leading whitespace, is part of the string.
            extraConfig = stripeTabs
"
[device]
keep-configuration=no
";
          };
          nixpkgs =
          {
            # Unfree-licensed packages are allowed system-wide.
            config.allowUnfree = true;
            # Exposes `genericPackages`: a second package set taken from a nixosSystem
            # evaluated for plain x86_64-linux (unfree allowed). Presumably used to
            # fetch packages that are not rebuilt for `march`; confirm with its users.
            overlays = [(final: prev: { genericPackages = (inputs.topInputs.nixpkgs.lib.nixosSystem
              {
                system = "x86_64-linux";
                modules = [{ config.nixpkgs.config.allowUnfree = true; }];
              }).pkgs;})];
          };
          time.timeZone = "Asia/Shanghai";
          system =
          {
            stateVersion = "22.11";
            # Records the flake's git revision; falls back to the literal "dirty" when
            # `self.rev` is absent, in which case the running system cannot be traced
            # back to a commit.
            configurationRevision = inputs.topInputs.self.rev or "dirty";
          };
          boot =
          {
            kernel.sysctl =
            {
              # Socket buffer ceilings of 64 MiB (67108864 bytes) for high-throughput links.
              "net.core.rmem_max" = 67108864;
              "net.core.wmem_max" = 67108864;
              "net.ipv4.tcp_rmem" = "4096 87380 67108864";
              "net.ipv4.tcp_wmem" = "4096 65536 67108864";
              "net.ipv4.tcp_mtu_probing" = true;
              "net.ipv4.tcp_tw_reuse" = true;
              "vm.swappiness" = 10;
              # Very large accept/SYN/device backlogs.
              "net.ipv4.tcp_max_syn_backlog" = 8388608;
              "net.core.netdev_max_backlog" = 8388608;
              "net.core.somaxconn" = 8388608;
              # On OOM, kill the allocating task and skip the per-task dump, so less
              # diagnostic detail reaches the kernel log.
              "vm.oom_kill_allocating_task" = true;
              "vm.oom_dump_tasks" = false;
              # 1 = always overcommit; allocations are never refused up front.
              "vm.overcommit_memory" = 1;
              # NOTE(review): turning this off lets unprivileged processes open i915
              # perf streams (GPU performance counters). Keep it enabled unless a
              # profiling tool on this host needs it.
              "dev.i915.perf_stream_paranoid" = false;
              # NOTE(review): route_localnet stops the kernel from treating 127.0.0.0/8
              # as martian when routing. Together with ip_forward and any redirect/DNAT
              # rule, services bound only to loopback may become reachable from other
              # hosts. Confirm the firewall drops 127.0.0.0/8 traffic arriving on
              # external interfaces.
              "net.ipv4.conf.all.route_localnet" = true;
              "net.ipv4.conf.default.route_localnet" = true;
              # Accept packets whose source address is one of this host's own addresses.
              "net.ipv4.conf.all.accept_local" = true;
              "net.ipv4.conf.default.accept_local" = true;
              # The host forwards IPv4 between interfaces; what may be forwarded is then
              # decided solely by the firewall's forward rules, which are not in this file.
              "net.ipv4.ip_forward" = true;
              # Processes may bind to addresses that are not configured on the host.
              "net.ipv4.ip_nonlocal_bind" = true;
              # NOTE(review): with these off, frames switched by a Linux bridge are not
              # passed through iptables/ip6tables/arptables, so host firewall rules do
              # not filter traffic between bridge ports (for example containers or VMs
              # on the same bridge).
              "net.bridge.bridge-nf-call-iptables" = false;
              "net.bridge.bridge-nf-call-ip6tables" = false;
              "net.bridge.bridge-nf-call-arptables" = false;
            };
            supportedFilesystems = [ "ntfs" ];
            # Kernel messages up to debug level are printed on the console.
            consoleLogLevel = 7;
          };
          hardware.enableAllFirmware = true;
          systemd =
          {
            # Manager defaults: units get 10 s to stop, and a file-descriptor limit of
            # 1048576 (soft:hard). Kept flush-left because the text between the quotes
            # is used as-is after stripeTabs.
            extraConfig = stripeTabs
"
DefaultTimeoutStopSec=10s
DefaultLimitNOFILE=1048576:1048576
";
            user.extraConfig = "DefaultTimeoutStopSec=10s";
            services =
            {
              nix-daemon =
              {
                # Run the daemon in the root slice at the lowest niceness and give it a
                # systemd-managed cache directory, which is also used as its TMPDIR.
                serviceConfig = { CacheDirectory = "nix"; Slice = "-.slice"; Nice = "19"; };
                environment = { TMPDIR = "/var/cache/nix"; };
              };
              # "0" makes systemd-tmpfiles create plain directories rather than btrfs
              # subvolumes for subvolume-type entries.
              systemd-tmpfiles-setup = { environment = { SYSTEMD_TMPFILES_FORCE_SUBVOL = "0"; }; };
            };
            # NOTE(review): the periodic tmpfiles cleanup is disabled, so aged files in
            # temporary directories are not removed on a timer. Check that something
            # else bounds their growth and lifetime.
            timers.systemd-tmpfiles-clean.enable = false;
          };
          environment =
          {
            etc."channels/nixpkgs".source = inputs.topInputs.nixpkgs.outPath;
            # NOTE(review): /etc/nixos points at this flake's source in the Nix store,
            # which every local user can read. Anything committed to the repository,
            # including a secret added by mistake, is readable on each deployed host.
            etc."nixos".source = inputs.topInputs.self.outPath;
            # `rec` lets the later entries refer to the XDG_* values defined first.
            # Each entry relocates a tool's state out of $HOME into the XDG directories.
            sessionVariables = rec
            {
              XDG_CACHE_HOME = "$HOME/.cache";
              XDG_CONFIG_HOME = "$HOME/.config";
              XDG_DATA_HOME = "$HOME/.local/share";
              XDG_STATE_HOME = "$HOME/.local/state";
              # ANDROID_HOME = "${XDG_DATA_HOME}/android";
              HISTFILE= "${XDG_STATE_HOME}/bash/history";
              CUDA_CACHE_PATH = "${XDG_CACHE_HOME}/nv";
              DOCKER_CONFIG = "${XDG_CONFIG_HOME}/docker";
              GNUPGHOME = "${XDG_DATA_HOME}/gnupg";
              GTK2_RC_FILES = "${XDG_CONFIG_HOME}/gtk-2.0/gtkrc";
              XCOMPOSECACHE = "${XDG_CACHE_HOME}/X11/xcompose";
              MATHEMATICA_USERBASE = "${XDG_CONFIG_HOME}/mathematica";
              _JAVA_OPTIONS = "-Djava.util.prefs.userRoot=${XDG_CONFIG_HOME}/java";
            };
          };
          i18n =
          {
            defaultLocale = "zh_CN.UTF-8";
            supportedLocales = ["zh_CN.UTF-8/UTF-8" "en_US.UTF-8/UTF-8" "C.UTF-8/UTF-8"];
          };
          # environment.pathsToLink = [ "/include" ];
          # environment.variables.CPATH = "/run/current-system/sw/include";
          # environment.variables.LIBRARY_PATH = "/run/current-system/sw/lib";
          security.pam =
          {
            # FIDO U2F login for user "chn" through pam_u2f.
            # NOTE(review): `control` is not set in this block. If it is left at the
            # module default, confirm whether a registered token alone is sufficient to
            # authenticate, and that single-factor login is what is intended.
            u2f =
            {
              enable = true;
              # Print a prompt asking the user to touch the token.
              cue = true;
              appId = "pam://chn.moe";
              origin = "pam://chn.moe";
              # generate using `pamu2fcfg -u chn -o pam://chn.moe -i pam://chn.moe`
              # The expression below builds one line of the form
              #   user:handle,publicKey,type,flags:handle,publicKey,type,flags
              # for two registered tokens. writeText places that file in the
              # world-readable Nix store; it holds key handles and public keys, not
              # private keys, but it does identify the enrolled tokens.
              authFile = inputs.pkgs.writeText "yubikey_mappings" (builtins.concatStringsSep "\n"
                [
                  (builtins.concatStringsSep ":"
                    [
                      "chn"
                      # First token: ES256 credential, user presence (touch) required.
                      (builtins.concatStringsSep ","
                        [
                          "83Y3cLxhcmwbDOH1h67SQ1xy0dFBcoKYM0VO/YVq+9lpOpdPdmFaB7BNngO3xCmAxJeO/Fg9jNmEF9vMJEmAaw=="
                          "9bSjr+12JVwtHlyoa70J7w3bEQff+MwLxg5elzdP1OGHcfWGkolRvS+luAgcWjKn1g0swaYdnklCYWYOoCAJbA=="
                          "es256"
                          "+presence"
                        ])
                      # Second token, same credential type and flags.
                      (builtins.concatStringsSep ","
                        [
                          "WgLCnlQcGP4uVHI8OZrJWoLK6ezHtl404NVGsfH2LXsq0TNVZ7l2OidGpbYqIJwTn5yKu6t0MI7KdHYD18T/HA=="
                          "GVPuwp38yb+A1Uur22hywW7mQJPOxuLXXKLlM9FU2bvVhpwdjWDvg+BB5YFAL9NjTW22V7Hy/a9UuSmZejs7dw=="
                          "es256"
                          "+presence"
                        ])
                    ])
                ]);
            };
            # Yubico OTP login through pam_yubico; authFile maps user "chn" to one
            # token id.
            # NOTE(review): neither `mode` nor `control` is set here. Presumably the
            # module defaults apply, so check whether OTP validation depends on an
            # online service and whether a valid OTP alone is accepted as sufficient.
            # This writeText shares the name "yubikey_mappings" with the u2f file above;
            # the contents differ, so the store paths differ.
            yubico =
            {
              enable = true;
              id = "91291";
              authFile = inputs.pkgs.writeText "yubikey_mappings" "chn:cccccbgrhnub";
            };
          };
          virtualisation.oci-containers.backend = "docker";
        }
        # hostname
        { networking.hostName = system.hostname; }
        # march
        (
          # With a march set: build nixpkgs and the kernel for that microarchitecture.
          # Otherwise: default the platform to generic x86_64-linux.
          mkConditional (system.march != null)
            {
              nixpkgs =
              {
                hostPlatform = { system = "x86_64-linux"; gcc = { arch = system.march; tune = system.march; }; };
                config.qchem-config.optArch = system.march;
              };
              # Advertise that this machine can build derivations requiring this arch.
              nix.settings.system-features = [ "gccarch-${system.march}" ];
              boot.kernelPatches =
                [{
                  # No source patch; only the structured kernel config is changed.
                  name = "native kernel";
                  patch = null;
                  extraStructuredConfig =
                    let
                      # GCC march name -> kernel processor-family option.
                      # NOTE(review): any march value missing from this table fails
                      # evaluation with a missing-attribute error at the lookup below.
                      # Restricting the option to these names (an enum type) or adding
                      # an assertion would give a clearer message.
                      kernelConfig =
                      {
                        alderlake = "MALDERLAKE";
                        sandybridge = "MSANDYBRIDGE";
                        silvermont = "MSILVERMONT";
                        broadwell = "MBROADWELL";
                        znver2 = "MZEN2";
                        znver3 = "MZEN3";
                      };
                    in
                    {
                      # Switch off the generic CPU target and enable the specific one.
                      GENERIC_CPU = inputs.lib.kernel.no;
                      ${kernelConfig.${system.march}} = inputs.lib.kernel.yes;
                    };
                }];
            }
            { nixpkgs.hostPlatform = inputs.lib.mkDefault "x86_64-linux"; }
        )
        # extraMarch
        # One "gccarch-<name>" system feature per entry; merged with the lists above.
        { nix.settings.system-features = map (march: "gccarch-${march}") system.extraMarch; }
        # gui.enable
        # Desktop fragment, applied only when nixos.system.gui.enable is true.
        (mkIf inputs.config.nixos.system.gui.enable
          {
            services.xserver =
            {
              enable = true;
              displayManager = { sddm.enable = true; defaultSession = "plasmawayland"; };
              desktopManager.plasma5.enable = true;
              # GPU driver list comes from nixos.hardware.gpus, declared outside this file.
              videoDrivers = inputs.config.nixos.hardware.gpus;
            };
            # The display manager is ordered after network-online.target.
            systemd.services.display-manager.after = [ "network-online.target" ];
            environment.sessionVariables."GTK_USE_PORTAL" = "1";
            xdg.portal.extraPortals = with inputs.pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-wlr ];
            i18n.inputMethod =
            {
              enabled = "fcitx5";
              fcitx5.addons = with inputs.pkgs; [ fcitx5-rime fcitx5-chinese-addons fcitx5-mozc ];
            };
            programs =
            {
              dconf.enable = true;
              xwayland.enable = true;
            };
          })
      ];
}