dotfiles/hosts/tempest/default.nix

# The Tempest
# System configuration for my desktop

{
  inputs,
  globals,
  overlays,
  ...
}:

inputs.nixpkgs.lib.nixosSystem rec {
  system = "x86_64-linux";
  specialArgs = {
    pkgs-stable = import inputs.nixpkgs-stable { inherit system; };
    pkgs-caddy = import inputs.nixpkgs-caddy { inherit system; };
  };
  modules = [
    globals
    inputs.home-manager.nixosModules.home-manager
    ../../modules/common
    ../../modules/nixos
    {
      nixpkgs.overlays = overlays;

      # Hardware
      physical = true;
      networking.hostName = "tempest";

      # Not sure what's necessary but too afraid to remove anything
      boot.initrd.availableKernelModules = [
        "nvme"
        "xhci_pci"
        "ahci"
        "usb_storage"
        "usbhid"
        "sd_mod"
      ];

      # Graphics and VMs
      boot.initrd.kernelModules = [ "amdgpu" ];
      boot.kernelModules = [ "kvm-amd" ];
      services.xserver.videoDrivers = [ "amdgpu" ];

      # Required binary blobs to boot on this machine
      hardware.enableRedistributableFirmware = true;

      # Prioritize performance over efficiency
      powerManagement.cpuFreqGovernor = "performance";

      # Allow firmware updates
      hardware.cpu.amd.updateMicrocode = true;

      # Helps reduce GPU fan noise under idle loads
      hardware.fancontrol.enable = true;
      hardware.fancontrol.config = ''
        # Configuration file generated by pwmconfig, changes will be lost
        INTERVAL=10
        DEVPATH=hwmon0=devices/pci0000:00/0000:00:03.1/0000:06:00.0/0000:07:00.0/0000:08:00.0
        DEVNAME=hwmon0=amdgpu
        FCTEMPS=hwmon0/pwm1=hwmon0/temp1_input
        FCFANS= hwmon0/pwm1=hwmon0/fan1_input
        MINTEMP=hwmon0/pwm1=50
        MAXTEMP=hwmon0/pwm1=70
        MINSTART=hwmon0/pwm1=100
        MINSTOP=hwmon0/pwm1=10
        MINPWM=hwmon0/pwm1=10
        MAXPWM=hwmon0/pwm1=240
      '';

      # File systems must be declared in order to boot

      # This is the root filesystem containing NixOS
      fileSystems."/" = {
        device = "/dev/disk/by-label/nixos";
        fsType = "ext4";
      };

      # This is the boot filesystem for Grub
      fileSystems."/boot" = {
        device = "/dev/disk/by-label/boot";
        fsType = "vfat";
      };

      # Secrets must be prepared ahead before deploying
      passwordHash = inputs.nixpkgs.lib.fileContents ../../misc/password.sha512;

      # Theming

      # Turn on all features related to desktop and graphical applications
      gui.enable = true;

      # Set the system-wide theme, also used for non-graphical programs
      theme = {
        colors = (import ../../colorscheme/gruvbox-dark).dark;
        dark = true;
      };
      wallpaper = "${inputs.wallpapers}/gruvbox/road.jpg";
      gtk.theme.name = inputs.nixpkgs.lib.mkDefault "Adwaita-dark";

      # Programs and services
      atuin.enable = true;
      charm.enable = true;
      neovim.enable = true;
      media.enable = true;
      dotfiles.enable = true;
      firefox.enable = true;
      kitty.enable = true;
      _1password.enable = true;
      discord.enable = true;
      nautilus.enable = true;
      obsidian.enable = true;
      mail.enable = true;
      mail.aerc.enable = true;
      mail.himalaya.enable = true;
      keybase.enable = true;
      mullvad.enable = false;
      rust.enable = true;
      terraform.enable = true;
      wezterm.enable = true;
      yt-dlp.enable = true;
      gaming = {
        dwarf-fortress.enable = true;
        enable = true;
        steam.enable = true;
        moonlight.enable = true;
        legendary.enable = true;
        lutris.enable = true;
        ryujinx.enable = true;
      };
      services.vmagent.enable = true; # Enables Prometheus metrics
      services.openssh.enable = true; # Required for Cloudflare tunnel and identity file

      # Allows private remote access over the internet
      cloudflareTunnel = {
        enable = true;
        id = "ac133a82-31fb-480c-942a-cdbcd4c58173";
        credentialsFile = ../../private/cloudflared-tempest.age;
        ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPY6C0HmdFCaxYtJxFr3qV4/1X4Q8KrYQ1hlme3u1hJXK+xW+lc9Y9glWHrhiTKilB7carYTB80US0O47gI5yU4= open-ssh-ca@cloudflareaccess.org";
      };

      # Allows requests to force machine to wake up
      # This network interface might change, needs to be set specifically for each machine.
      # Or set usePredictableInterfaceNames = false
      networking.interfaces.enp5s0.wakeOnLan.enable = true;
    }
  ];
}
change hostname theme 2023-02-11 14:35:38 +00:00			`# The Tempest`
			`# System configuration for my desktop`

apply new nix fmt specification 2024-04-13 09:03:44 -04:00			`{`
			`inputs,`
			`globals,`
			`overlays,`
			`...`
			`}:`
clean up flake inputs and allow standalone home-manager closes #11 2022-10-30 20:14:41 -04:00
fix: vmagent 102 doesn't work, resort to nixpkgs-stable 2024-08-18 22:23:13 +00:00			`inputs.nixpkgs.lib.nixosSystem rec {`
move system to hosts directory 2022-05-08 16:02:13 -04:00			`system = "x86_64-linux";`
fix: vmagent 102 doesn't work, resort to nixpkgs-stable 2024-08-18 22:23:13 +00:00			`specialArgs = {`
			`pkgs-stable = import inputs.nixpkgs-stable { inherit system; };`
			`pkgs-caddy = import inputs.nixpkgs-caddy { inherit system; };`
			`};`
move system to hosts directory 2022-05-08 16:02:13 -04:00			`modules = [`
			`globals`
clean up flake and reset neovim plugin versions 2023-07-01 20:22:03 -06:00			`inputs.home-manager.nixosModules.home-manager`
split wsl, consolidate hardware 2023-04-15 20:55:56 -04:00			`../../modules/common`
			`../../modules/nixos`
move system to hosts directory 2022-05-08 16:02:13 -04:00			`{`
clean up flake and reset neovim plugin versions 2023-07-01 20:22:03 -06:00			`nixpkgs.overlays = overlays;`
split wsl, consolidate hardware 2023-04-15 20:55:56 -04:00
			`# Hardware`
convert to proper module layout 2022-12-21 14:18:03 -07:00			`physical = true;`
change hostname theme 2023-02-11 14:35:38 +00:00			`networking.hostName = "tempest";`
split wsl, consolidate hardware 2023-04-15 20:55:56 -04:00
improve hosts documentation 2023-08-05 17:14:26 -04:00			`# Not sure what's necessary but too afraid to remove anything`
apply new nix fmt specification 2024-04-13 09:03:44 -04:00			`boot.initrd.availableKernelModules = [`
			`"nvme"`
			`"xhci_pci"`
			`"ahci"`
			`"usb_storage"`
			`"usbhid"`
			`"sd_mod"`
			`];`
improve hosts documentation 2023-08-05 17:14:26 -04:00
			`# Graphics and VMs`
split wsl, consolidate hardware 2023-04-15 20:55:56 -04:00			`boot.initrd.kernelModules = [ "amdgpu" ];`
			`boot.kernelModules = [ "kvm-amd" ];`
			`services.xserver.videoDrivers = [ "amdgpu" ];`
improve hosts documentation 2023-08-05 17:14:26 -04:00
			`# Required binary blobs to boot on this machine`
fix: won't boot on amdgpu must be required linux firmware blobs 2023-04-16 19:04:57 -04:00			`hardware.enableRedistributableFirmware = true;`
improve hosts documentation 2023-08-05 17:14:26 -04:00
			`# Prioritize performance over efficiency`
split wsl, consolidate hardware 2023-04-15 20:55:56 -04:00			`powerManagement.cpuFreqGovernor = "performance";`
improve hosts documentation 2023-08-05 17:14:26 -04:00
			`# Allow firmware updates`
split wsl, consolidate hardware 2023-04-15 20:55:56 -04:00			`hardware.cpu.amd.updateMicrocode = true;`
improve hosts documentation 2023-08-05 17:14:26 -04:00
			`# Helps reduce GPU fan noise under idle loads`
split wsl, consolidate hardware 2023-04-15 20:55:56 -04:00			`hardware.fancontrol.enable = true;`
			`hardware.fancontrol.config = ''`
			`# Configuration file generated by pwmconfig, changes will be lost`
			`INTERVAL=10`
			`DEVPATH=hwmon0=devices/pci0000:00/0000:00:03.1/0000:06:00.0/0000:07:00.0/0000:08:00.0`
			`DEVNAME=hwmon0=amdgpu`
			`FCTEMPS=hwmon0/pwm1=hwmon0/temp1_input`
			`FCFANS= hwmon0/pwm1=hwmon0/fan1_input`
			`MINTEMP=hwmon0/pwm1=50`
			`MAXTEMP=hwmon0/pwm1=70`
			`MINSTART=hwmon0/pwm1=100`
			`MINSTOP=hwmon0/pwm1=10`
			`MINPWM=hwmon0/pwm1=10`
			`MAXPWM=hwmon0/pwm1=240`
			`'';`

improve hosts documentation 2023-08-05 17:14:26 -04:00			`# File systems must be declared in order to boot`

			`# This is the root filesystem containing NixOS`
split wsl, consolidate hardware 2023-04-15 20:55:56 -04:00			`fileSystems."/" = {`
			`device = "/dev/disk/by-label/nixos";`
			`fsType = "ext4";`
			`};`

improve hosts documentation 2023-08-05 17:14:26 -04:00			`# This is the boot filesystem for Grub`
split wsl, consolidate hardware 2023-04-15 20:55:56 -04:00			`fileSystems."/boot" = {`
			`device = "/dev/disk/by-label/boot";`
			`fsType = "vfat";`
			`};`
clean up host settings and start removing if statements 2023-04-15 12:58:37 -04:00
improve hosts documentation 2023-08-05 17:14:26 -04:00			`# Secrets must be prepared ahead before deploying`
save ratbag profile to text move misc data files to misc directory 2023-08-05 16:55:37 -04:00			`passwordHash = inputs.nixpkgs.lib.fileContents ../../misc/password.sha512;`
clean up host settings and start removing if statements 2023-04-15 12:58:37 -04:00
			`# Theming`
improve hosts documentation 2023-08-05 17:14:26 -04:00
			`# Turn on all features related to desktop and graphical applications`
split wsl, consolidate hardware 2023-04-15 20:55:56 -04:00			`gui.enable = true;`
improve hosts documentation 2023-08-05 17:14:26 -04:00
			`# Set the system-wide theme, also used for non-graphical programs`
refactor colors and options preparing for light mode, even though specializations aren't working 2022-11-02 21:29:14 -04:00			`theme = {`
refactor neovim colors using base16 color plugin instead of homemade 2023-04-15 18:38:03 -04:00			`colors = (import ../../colorscheme/gruvbox-dark).dark;`
set back to dark mode default 2022-11-05 19:38:43 -04:00			`dark = true;`
more darwin cleanup 2022-06-19 23:44:29 -04:00			`};`
clean up flake and reset neovim plugin versions 2023-07-01 20:22:03 -06:00			`wallpaper = "${inputs.wallpapers}/gruvbox/road.jpg";`
			`gtk.theme.name = inputs.nixpkgs.lib.mkDefault "Adwaita-dark";`
convert to proper module layout 2022-12-21 14:18:03 -07:00
clean up host settings and start removing if statements 2023-04-15 12:58:37 -04:00			`# Programs and services`
setup atuin synced shell history for user and root 2024-01-21 09:42:46 -05:00			`atuin.enable = true;`
enable charm 2023-02-20 22:42:22 -05:00			`charm.enable = true;`
fix desktop to work with refactor 2023-01-21 09:29:03 -05:00			`neovim.enable = true;`
convert to proper module layout 2022-12-21 14:18:03 -07:00			`media.enable = true;`
clean up host settings and start removing if statements 2023-04-15 12:58:37 -04:00			`dotfiles.enable = true;`
convert to proper module layout 2022-12-21 14:18:03 -07:00			`firefox.enable = true;`
			`kitty.enable = true;`
rename 1password module with underscore 2023-02-20 17:49:00 -05:00			`_1password.enable = true;`
convert to proper module layout 2022-12-21 14:18:03 -07:00			`discord.enable = true;`
			`nautilus.enable = true;`
			`obsidian.enable = true;`
fix: bad references for server linux 2022-12-22 00:31:25 +00:00			`mail.enable = true;`
convert to proper module layout 2022-12-21 14:18:03 -07:00			`mail.aerc.enable = true;`
			`mail.himalaya.enable = true;`
			`keybase.enable = true;`
clean up host settings and start removing if statements 2023-04-15 12:58:37 -04:00			`mullvad.enable = false;`
add rust programming tooling 2023-11-01 22:13:49 -04:00			`rust.enable = true;`
fix: tf formatting 2024-03-24 13:59:36 -04:00			`terraform.enable = true;`
replace kitty with wezterm on linux (tempest) 2024-06-23 08:54:30 -04:00			`wezterm.enable = true;`
move yt-dlp to separate file 2023-03-08 22:56:07 -05:00			`yt-dlp.enable = true;`
fix steam games not launching 2023-02-05 17:16:20 -05:00			`gaming = {`
enable classic dwarf fortress 2023-04-19 19:50:10 -04:00			`dwarf-fortress.enable = true;`
fix steam games not launching 2023-02-05 17:16:20 -05:00			`enable = true;`
			`steam.enable = true;`
add moonlight for game streaming 2024-08-07 22:58:58 -04:00			`moonlight.enable = true;`
reenable legendary and heroic games 2024-01-07 18:48:40 -05:00			`legendary.enable = true;`
fix steam games not launching 2023-02-05 17:16:20 -05:00			`lutris.enable = true;`
enable ryujinx 2023-06-01 22:39:05 -04:00			`ryujinx.enable = true;`
fix steam games not launching 2023-02-05 17:16:20 -05:00			`};`
improve hosts documentation 2023-08-05 17:14:26 -04:00			`services.vmagent.enable = true; # Enables Prometheus metrics`
apply new nix fmt specification 2024-04-13 09:03:44 -04:00			`services.openssh.enable = true; # Required for Cloudflare tunnel and identity file`
improve hosts documentation 2023-08-05 17:14:26 -04:00
			`# Allows private remote access over the internet`
add cloudflare tunnel to tempest 2023-07-05 14:18:59 -06:00			`cloudflareTunnel = {`
			`enable = true;`
			`id = "ac133a82-31fb-480c-942a-cdbcd4c58173";`
			`credentialsFile = ../../private/cloudflared-tempest.age;`
apply new nix fmt specification 2024-04-13 09:03:44 -04:00			`ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPY6C0HmdFCaxYtJxFr3qV4/1X4Q8KrYQ1hlme3u1hJXK+xW+lc9Y9glWHrhiTKilB7carYTB80US0O47gI5yU4= open-ssh-ca@cloudflareaccess.org";`
add cloudflare tunnel to tempest 2023-07-05 14:18:59 -06:00			`};`

enable wakeonlan for tempest 2023-07-20 21:06:44 -04:00			`# Allows requests to force machine to wake up`
improve hosts documentation 2023-08-05 17:14:26 -04:00			`# This network interface might change, needs to be set specifically for each machine.`
			`# Or set usePredictableInterfaceNames = false`
enable wakeonlan for tempest 2023-07-20 21:06:44 -04:00			`networking.interfaces.enp5s0.wakeOnLan.enable = true;`
move system to hosts directory 2022-05-08 16:02:13 -04:00			`}`
			`];`
			`}`