multisystem init

2024-12-05 20:09:11 +01:00
3 changed files with 69 additions and 53 deletions
--- a/configuration.nix
+++ b/configuration.nix
@ -30,7 +30,7 @@ in
 		#	"ddcci-driver"	# Brightness Controll (even on OLEDS)
 		#	"i2c-dev"		# Brightness Controll (even on OLEDS)
 		#];
-		kernelParams = [ "module_blacklist=i915" "nvidia_drm.modeset=1" ];
+		#kernelParams = [ "module_blacklist=i915" "nvidia_drm.modeset=1" ];
 		#kernelPatches = [ {
 		#	name = "hdr";
 		#	patch = null;
@ -38,15 +38,21 @@ in
 		#		AMD_PRIVATE_COLOR y
 		#	'';
 		#	} ];
-		extraModprobeConfig = ''
-			options nvidia_drm modes.et=1 fbdev=1
-			options nvidia NVreg_PreserveVideoMemoryAllocations=1
-		'';
+		#extraModprobeConfig = ''
+		#	options nvidia_drm modes.et=1 fbdev=1
+		#	options nvidia NVreg_PreserveVideoMemoryAllocations=1
+		#'';
 		loader = {
 			efi.canTouchEfiVariables = true;
-			systemd-boot = {
-				consoleMode = "max";
-				memtest86.enable = true;
+			efi.efiSysMountPoint = "/boot";
+			#systemd-boot = {
+			#	consoleMode = "max";
+			#	memtest86.enable = true;
+			#};
+			grub =  {
+				enable = true;
+				efiSupport = true;
+				device = "nodev";
 			};
 		};
 		initrd.systemd.enable = true;
@ -55,11 +61,11 @@ in
 	# Filesystems
 	fileSystems =
 	{
-		"/share" = {
-			options = [
-				"nofail"
-			];
-		};
+		#"/share" = {
+		#	options = [
+		#		"nofail"
+		#	];
+		#};
 	};

 	# Graphics 
@ -67,19 +73,26 @@ in
 		graphics = {
 			enable = true;
 			enable32Bit = true;
+			extraPackages = with pkgs; [
+				vpl-gpu-rt	# newer gpus
+				intel-media-sdk	# older gpus
+			];
 		};	
-		nvidia	= {
-			modesetting.enable = true; # required
-			powerManagement.enable = false; # Experimental
-			open = false; # Support limited to Turing and later: https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
-			nvidiaSettings = true; # accessible via nvidia-settings
-			package = config.boot.kernelPackages.nvidiaPackages.stable;
-		};
+		bluetooth.enable = true;
+		#nvidia	= {
+		#	modesetting.enable = true; # required
+		#	powerManagement.enable = false; # Experimental
+		#	open = false; # Support limited to Turing and later: https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus
+		#	nvidiaSettings = true; # accessible via nvidia-settings
+		#	package = config.boot.kernelPackages.nvidiaPackages.stable;
+		#};
 	};

 networking = 
 {
-	hostName = "Zuse1"; # Define your hostname.
+	hostName = "Zuse2"; # Define your hostname
+	networkmanager.enable = true;
+	wireless.userControlled.enable = true;
 	#nameservers = [
 	#	"127.0.0.1"
 	#	"::1"
@ -117,13 +130,13 @@ networking =
 services.xserver = {
 	enable = true;

-	videoDrivers = [ "nvidia" ];
+	#videoDrivers = [ "nvidia" ];
 	excludePackages = with pkgs; [
 		xterm	# why the fuck is this garbage even shipped?
 	];

 	# Configure keymap in X11
-	xkb.layout = "us";
+	xkb.layout = "de";
 	xkb.options = "eurosign:e,caps:escape";

 	# DWM (minimal Xorg Fallback)
@ -159,6 +172,9 @@ services.gnome.gnome-keyring.enable = true;
 security.pam.services.sddm.enableGnomeKeyring = true;
 security.pam.services.hyprlock.enableGnomeKeyring = true;

+# Bluetooth managment
+services.blueman.enable = true;
+
 # Enable CUPS to print documents.
 services.printing.enable = true;

@ -211,6 +227,7 @@ security.krb5 = {
  # Enable touchpad support (enabled default in most desktopManager).
  # services.libinput.enable = true;

+
 # /share
 users.groups.share = {};

@ -247,6 +264,13 @@ systemd.tmpfiles.rules = [
 	shell = pkgs.zsh;
  };

+  users.users.kiosk = {
+  	isNormalUser = true;
+	home = "/var/kiosk";
+	homeMode = "700";
+	extraGroups = ["audio"];
+  };
+
 # Font Config
 fonts =  {
 	enableDefaultPackages = true;
@ -315,6 +339,7 @@ environment.etc.crypttab = {
      		#backgroundbin = "$XDG_PICTURES_DIR/Wallpapers/current";
      		loginBackground = true;
      		})
+		networkmanagerapplet # Network Manager GUI
 	];
 	
 	programs = {
@ -358,7 +383,9 @@ programs.gnupg.agent = {
 	enableSSHSupport = true;
 };

-security.polkit.extraConfig = ''
+security.polkit = {
+	enable = true;
+	extraConfig = ''
    polkit.addRule(function(action, subject) {
      if (
        subject.isInGroup("users")
@ -374,23 +401,7 @@ security.polkit.extraConfig = ''
      }
    })
  '';
-
-systemd.user.services =
-{
-	polkit-gnome-authentication-agent-1 = {
-			description = "polkit-gnome-authentication-agent-1";
-			wantedBy = [ "graphical-session.target" ];
-			wants = [ "graphical-session.target" ];
-			after = [ "graphical-session.target" ];
-			serviceConfig = {
-			Type = "simple";
-			ExecStart = "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1";
-			Restart = "on-failure";
-			RestartSec = 1;
-			TimeoutStopSec = 10;
-		};
-	};
-};
+  };

 system.userActivationScripts.linktosharedfolder.text = ''
  if [[ ! -h "$XDG_MUSIC_DIR" ]]; then
--- a/flake.nix
+++ b/flake.nix
@ -38,6 +38,12 @@
          })
        ];
      };
+      Zuse2 = nixpkgs.lib.nixosSystem {
+        system = "x86_64-linux";
+      	modules = [
+		./configuration.nix
+	];
+      };
    };
  };
 }
--- a/hardware-configuration.nix
+++ b/hardware-configuration.nix
@ -8,33 +8,30 @@
    [ (modulesPath + "/installer/scan/not-detected.nix")
    ];

-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
+  boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "rtsx_pci_sdmmc" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];

  fileSystems."/" =
-    { device = "/dev/disk/by-uuid/2ba31f86-69eb-448c-a224-7bb228803f95";
+    { device = "/dev/disk/by-uuid/445ce2b5-db78-48b5-bde7-1aa3057bafae";
      fsType = "btrfs";
    };

-  boot.initrd.luks.devices."root".device = "/dev/disk/by-uuid/b9457757-75bc-494e-adaa-87d772b93cbd";
+  fileSystems."/var/lib/docker/btrfs" =
+    { device = "/var/lib/docker/btrfs";
+      fsType = "none";
+      options = [ "bind" ];
+    };

  fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/12CE-A600";
+    { device = "/dev/disk/by-uuid/3139-13CA";
      fsType = "vfat";
      options = [ "fmask=0022" "dmask=0022" ];
    };

-  fileSystems."/share" =
-    { device = "/dev/disk/by-uuid/61d599a8-170a-4e97-abb3-cd0cb32edac2";
-      fsType = "btrfs";
-    };
-
-  boot.initrd.luks.devices."share".device = "/dev/disk/by-uuid/87aa812d-b5dd-44b7-bb4d-303d6ac7c11a";
-
  swapDevices =
-    [ { device = "/dev/disk/by-uuid/a07a0f5b-012b-4b37-b052-8e2da8615413"; }
+    [ { device = "/dev/disk/by-uuid/4fc7c055-f053-4bfa-a609-58ad9444450f"; }
    ];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
@ -42,7 +39,9 @@
  # still possible to use this option, but it's recommended to use it in conjunction
  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.docker0.useDHCP = lib.mkDefault true;
  # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;

  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;