nixos-config/hosts/miku.nix

375 lines
12 KiB
Nix
Raw Normal View History

2021-08-22 19:58:05 +00:00
{ config, pkgs, modulesPath, lib, fetchGit, ... }:
2021-07-29 20:21:51 +00:00
let
customPkgs = import ../packages/overlay.nix;
2021-07-29 20:21:51 +00:00
in {
imports = [
2021-08-04 19:01:14 +00:00
./generic.nix
2021-08-22 19:58:05 +00:00
../modules/hardware/generic.nix ../modules/hardware/video.nix ../modules/hardware/desktop.nix
../modules/fonts.nix
../modules/users/alexander.nix
../modules/programs/zsh ../modules/programs/git ../modules/programs/mpv ../modules/programs/tmux ../modules/programs/emacs ../modules/programs/firefox ../modules/programs/gnome-terminal ../modules/programs/gnome ../modules/programs/i18n.nix ../modules/programs/gamemode ../modules/programs/nonvm
../modules/programs/distributed-build/builder.nix
2021-08-22 19:58:05 +00:00
../modules/programs/music
2021-07-29 20:21:51 +00:00
];
nixpkgs.overlays = [
(import (builtins.fetchGit {
url = "https://github.com/nix-community/emacs-overlay.git";
ref = "master";
rev = "ce0e9482d53d69bedc8416d8a984d00e17607826";
}))
2021-08-22 19:58:05 +00:00
#(import (builtins.fetchTarball {
# url = "https://github.com/nix-community/NUR/archive/master.tar.gz";
# sha256 = "0r2pcc6sjxmhg1xxk23648wrwccv2c5v44cfwglx35az5y0hmr1f";
#}))
# Steam overlay
2021-08-23 18:28:54 +00:00
# TODO: Replace with the commented out version below
(final: prev: let
buildFHSUserEnvBubblewrap = prev.callPackage ../packages/build-support/build-fhs-userenv-bubblewrap {};
steamPackages = lib.dontRecurseIntoAttrs (prev.callPackage ../packages/games/steam {
buildFHSUserEnv = buildFHSUserEnvBubblewrap;
});
in {
buildFHSUserEnvBubblewrap = buildFHSUserEnvBubblewrap;
steamPackages = steamPackages;
steam = steamPackages.steam-fhsenv.override {
extraPkgs = pkgs: with pkgs; [ gamemode ];
};
})
#(final: prev:
# let
# # NOTE: This is a really messy solution
# buildFHSUserEnvBubblewrap = prev.callPackage ../packages/build-support/build-fhs-userenv-bubblewrap {};
# in {
# steamPackages = prev.steamPackages.override {
# buildFHSUserEnv = buildFHSUserEnvBubblewrap;
# # Include gamemode in the FHS
# #extraPkgs = (pkgs: with pkgs; [ gamemode ]);
# };
2021-08-22 19:58:05 +00:00
2021-08-23 18:28:54 +00:00
# steam = prev.steamPackages.steam-fhsenv.overrideAttrs (old: {
# specifyHomeDirs = true;
# chdirTo = "/home/$USER";
# });
# #steam = final.steamPackages.steam-fhsenv.override {
# # extraPkgs = pkgs: with pkgs; [ gamemode ];
# #};
# steam-run = final.steam.run;
# steam-run-native = (final.steam.override {
# nativeOnly = true;
# });
# steamcmd = final.steamPackages.steamcmd;
# })
2021-08-22 19:58:05 +00:00
# Simple overrides
(final: prev: {
mpv = prev.wrapMpv prev.mpv-unwrapped {
# Prevent the need for prefixing mpv with DRI_PRIME=1
extraMakeWrapperArgs = [
"--set" "DRI_PRIME" "1"
];
};
2021-08-23 18:28:54 +00:00
gajim = prev.gajim.overrideAttrs (old: {
# Enable notification sounds
propagatedBuildInputs = old.propagatedBuildInputs ++ [ prev.gsound ];
});
})
# Unstable, NUR, ...
(final: prev: {
unstable = (import ../modules/unstable.nix config);
nur = (import ../modules/nur.nix pkgs);
})
2021-07-29 20:21:51 +00:00
customPkgs
];
2021-08-22 19:58:05 +00:00
2021-08-23 18:28:54 +00:00
security = {
pam.loginLimits = [
{
domain = "@gamemode";
item = "-";
type = "nice";
value = "-10";
}
];
wrappers = {
gamemoded = {
source = "${pkgs.gamemode}/bin/gamemoded";
capabilities = "cap_sys_nice+ep";
};
};
};
2021-08-04 17:07:42 +00:00
2021-07-29 20:21:51 +00:00
environment = {
systemPackages = with pkgs; [
emacsPgtkGcc
unstable.firmwareLinuxNonfree
gajim
2021-08-22 19:58:05 +00:00
libvirt virt-manager qemu scream
2021-07-29 20:21:51 +00:00
gamemode # Custom package
key-mapper # Custom package
2021-08-07 15:26:11 +00:00
replaysorcery # Custom package
2021-08-22 19:58:05 +00:00
evdev-proxy # Custom package
vfio-isolate # Custom Package
steam
2021-07-29 20:21:51 +00:00
];
sessionVariables = {
# Prevent us from having to always type it out
2021-08-23 12:36:00 +00:00
NIXOS_CONFIG = "/home/${config.system.singleUser}/Development/Personal/nixos-config/hosts/miku.nix";
};
etc = {
"evdev-proxy/config.toml".source = pkgs.writeText "config.toml" ''
log_level = "INFO"
[[device]]
[device.Simple]
name = "EvdevProxyMouse"
vendor = 0x1337
model = 0x1337
class = "Mouse"
[[device.Simple.selector]]
USBIDClass = {vendor=0x046d, model=0xc531, class="Mouse"}
[[device.Simple.selector]]
USBIDClass = {vendor=0x046d, model=0xc07c, class="Mouse"}
[[device]]
[device.Simple]
name = "EvdevProxyTartarus"
vendor = 0x1337
model = 0x1338
2021-08-23 12:36:00 +00:00
class = "Keyboard"
# This is to give a deterministic /dev/input/by-id/ path to
# the mapped version of the Tartarus evdev node.
# (Useful for qemu)
[[device.Simple.selector]]
EVDEVClass = {phys="\"key-mapper\""}
'';
2021-08-22 19:58:05 +00:00
"libvirt/hooks/qemu".source = let
vfio-isolate-state = "/tmp/vfio-isolate-state";
in pkgs.writeScript "qemu" ''
#!${pkgs.stdenv.shell}
guest=$1
action=$2
phase=$3
extra=$4
if [[ "$guest" = "win10" ]]; then
case "$action" in
prepare)
# Only do this while in preparation
[[ ! "$phase" = "prepare" ]] && exit 0
sudo -u alexander systemctl --user start evdev-proxy.service
sudo -u alexander systemctl --user start scream.service
sleep 2
${pkgs.vfio-isolate}/bin/vfio-isolate \
-u ${vfio-isolate-state} \
cpu-governor performance "$GUEST_CORES" \
cpuset-create --cpus "$GUEST_CORES" /guest.slice \
cpuset-create --cpus C0,4 /host.slice \
move-tasks / /host.slice \
irq-affinity mask "$GUEST_CORES"
;;
stopped)
# Only run when the VM is fully stopped
[[ ! "$phase" = "end" ]] && exit 0
sudo -u alexander systemctl --user stop evdev-proxy.service
sudo -u alexander systemctl --user stop scream.service
${pkgs.vfio-isolate}/bin/vfio-isolate \
restore ${vfio-isolate-state}
esac
fi
'';
};
2021-07-29 20:21:51 +00:00
};
networking = {
interfaces.enp6s0.useDHCP = false;
hostName = "miku";
# Nix otherwise has a conflict with this option
wireless.enable = lib.mkForce false;
2021-07-29 20:52:07 +00:00
# Allow scream to connect to this host
firewall.allowedUDPPorts = [ 4010 ];
2021-07-29 20:21:51 +00:00
};
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
extraModprobeConfig = ''
options kvm_amd nested=1
options vfio-pci ids=1002:67df,1002:aaf0
'';
initrd = {
availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" "amdgpu" "vendor-reset" ];
kernelModules = [
"amdgpu" # GPU (duh)
"kvm-amd" "vfio_virqfd" "vfio_pci" "vfio_iommu_type1" "vfio" # Virt
"uinput" # key-mapper
"vendor-reset"
];
};
kernelParams = [
"amd_iommu=on"
"iommu=pt"
"sysrq_always_enabled=1"
"kvm.ignore_msrs=1"
"kvm.report_ignored_msrs=N"
"fbcon=rotate:1"
"quiet"
];
kernelModules = [];
2021-08-22 19:58:05 +00:00
extraModulePackages = [ pkgs.linuxPackages.vendor-reset ];
# NOTE: A regression appears to have happend between 5.10 and 5.12
# which leads to the RX590 to have the fence fallback timer on
# sdma0 time out (whatever this means). Maybe bisect?
#kernelPackages = pkgs.linuxPackages_zen;
2021-07-29 20:21:51 +00:00
};
services = {
# NOTE: key-mapper has a dbus policy file that we need to include
dbus.packages = [ pkgs.key-mapper ];
emacs.package = pkgs.emacsPgtkGcc;
flatpak.enable = true;
xserver.videoDrivers = [ "amdgpu" ];
udev.extraRules = ''
KERNEL=="uinput", GROUP="input"
# This rule allows the input group to access /dev/uinput device to create virtual input devices
KERNEL=="uinput", SUBSYSTEM=="misc", GROUP="input", MODE="660"
# Create rules for your virtual devices to get persistent names
KERNEL=="event*", SUBSYSTEM=="input", ATTRS{name}=="EvdevProxy*", SYMLINK+="input/by-id/virtual-event-$attr{name}"
2021-07-29 20:21:51 +00:00
'';
sshd.enable = true;
};
virtualisation.libvirtd = {
enable = true;
qemuOvmf = true;
#qemuRunAsRoot = false;
qemuPackage = pkgs.unstable.qemu;
2021-07-29 20:21:51 +00:00
qemuVerbatimConfig = ''
seccomp_sandbox = 0
2021-07-29 20:21:51 +00:00
cgroup_device_acl = [
"/dev/null", "/dev/full", "/dev/zero",
"/dev/random", "/dev/urandom",
"/dev/ptmx", "/dev/kvm", "/dev/kqemu",
"/dev/rtc","/dev/hpet",
"/dev/input/by-id/usb-Logitech_USB_Receiver-if02-event-mouse",
"/dev/input/by-id/usb-Razer_Razer_Tartarus_V2-event-kbd",
2021-08-22 19:58:05 +00:00
"/dev/input/by-id/virtual-event-EvdevProxyMouse",
2021-08-23 12:36:00 +00:00
"/dev/input/by-id/virtual-event-EvdevProxyTartarus",
2021-08-22 19:58:05 +00:00
"/dev/input/by-id/usb-Razer_Razer_BlackWidow_Ultimate-event-kbd"
2021-07-29 20:21:51 +00:00
]
'';
};
2021-08-22 19:58:05 +00:00
# NOTE: Workaround for libvirt's SYSCONFDIR being set to /var/lib
# (See https://github.com/NixOS/nixpkgs/issues/51152#issuecomment-899374407)
system.activationScripts.libvirt-hooks.text = ''
ln -Tfs /etc/libvirt/hooks /var/lib/libvirt/hooks
'';
2021-07-29 20:21:51 +00:00
systemd = {
2021-08-22 19:58:05 +00:00
services = {
NetworkManager-wait-online.enable = false;
libvirtd.path = with pkgs; [ vfio-isolate systemd ];
};
2021-07-29 20:21:51 +00:00
user.services = {
scream = {
description = "Audio receiver for the Scream virtual network sound card";
2021-08-07 15:26:11 +00:00
#wantedBy = [ "default.target" ];
2021-07-29 20:21:51 +00:00
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.scream}/bin/scream -i virbr0 -o pulse";
2021-08-07 15:26:11 +00:00
Restart = "always";
};
};
replaysorcery-kms = {
description = "An open-source, instant-replay solution for Linux; KMS service";
#wantedBy = [ "default.target" ];
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.replaysorcery}/bin/replay-sorcery kms-service";
Restart = "always";
};
};
key-mapper = {
description = "A tool to change the mapping of your input device buttons";
wantedBy = [ "default.target" ];
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.key-mapper}/bin/key-mapper-service";
Restart = "always";
2021-08-22 19:58:05 +00:00
# NOTE: The Tartarus may not be connected, so don't fail if we cannot set the preset
ExecPostStart = "${pkgs.key-mapper}/bin/key-mapper --command start --preset NOOP --device \"Razer Razer Tartarus V2\"; exit 0";
};
};
2021-08-07 15:26:11 +00:00
replaysorcery = {
description = "An open-source, instant-replay solution for Linux";
#wantedBy = [ "default.target" ];
requires = [ "replaysorcery-kms.service" ];
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.replaysorcery}/bin/replay-sorcery";
Restart = "always";
2021-07-29 20:21:51 +00:00
};
};
evdev-proxy = {
description = "Creates virtual device to proxy evdev devices events";
#wantedBy = [ "default.target" ];
serviceConfig = {
Type = "simple";
ExecStart = "${pkgs.evdev-proxy}/bin/evdev-proxy";
Restart = "always";
};
};
2021-08-23 18:28:54 +00:00
# TODO: Remove once in stable or I decide to use unstable
2021-07-29 20:21:51 +00:00
gamemode = {
description = "A daemon/lib combo for Linux that allows games to request a set of optimisations be temporarily applied to the host OS.";
2021-08-07 15:26:11 +00:00
wantedBy = [ "default.target" ];
2021-08-23 18:28:54 +00:00
environment.PATH = lib.mkForce (pkgs.linkFarm "pkexec" [
{
name = "pkexec";
path = "${config.security.wrapperDir}/pkexec";
}
]);
2021-07-29 20:21:51 +00:00
serviceConfig = {
Type = "simple";
2021-08-23 18:28:54 +00:00
#ExecStart = "${pkgs.gamemode}/bin/gamemoded";
ExecStart = "${config.security.wrapperDir}/gamemoded";
2021-07-29 20:21:51 +00:00
Restart = "always";
};
};
};
};
fileSystems = {
"/" = {
device = "/dev/disk/by-label/root";
fsType = "btrfs";
};
"/boot" = {
device = "/dev/disk/by-label/boot";
fsType = "vfat";
};
"/mnt/Storage" = {
device = "/dev/disk/by-label/storage";
fsType = "ext4";
};
};
swapDevices = [ ];
}