kookienomicon - My personal project and infrastructure archive

/* TOP LEVEL DEVICE CONFIGURATION FOR
 * 
 *    tempest (AMD workstation)
 *
 *
 * This file is part of LIBKOOKIE, a collection of nix expressions.
 * LIBKOOKIE is licensed under the GPL-3.0 (or later) -- see LICENSE
 */

{ lib, config, pkgs, ... } @ args:

let klib = (import <modules/harness/lib.nix>) args;
in
{


  ###################################################################
  #                    libkookie configuration
  #
  #
  #


  imports = with klib; [
    # Load base modules required to bootstrap libkookie
    <home-manager/nixos> <modules> <configuration/nix>

    
    #################################################################
    # Modules that require NixOS integration
    #
    <configuration/workstation/fonts>
    <configuration/workstation/printing>
    <configuration/workstation/xkblayout>
    
    <configuration/workstation/yubikey>
    <configuration/workstation/gpg>

    # TODO: build a beter loader
    <configuration/workstation/net/tempest.nix>
    <configuration/workstation/time/local.nix>

    
    #################################################################
    # home-manager modules that exist entirely in userspace
    #
    (loadModule <configuration/base> "default")

    # Set of base tools and system settings
    (loadModule <configuration/workstation/i3> "tempest")
    (loadModule <configuration/workstation/audio> "default")
    (loadModule <configuration/workstation/kitty> "default")
    (loadModule <configuration/workstation/office> "default")
    (loadModule <configuration/workstation/mail> "default")
    (loadModule <configuration/workstation/firefox> "default")
    (loadModule <configuration/workstation/redshift> "default")
    
    (loadModule <configuration/workstation/devel> "default")

    # Various other graphical tools
    (loadModule <configuration/workstation/pass> "default")
    (loadModule <configuration/workstation/chat> "default")
    (loadModule <configuration/workstation/music> "default")
    (loadModule <configuration/workstation/games> "default")
    (loadModule <configuration/workstation/creative> "default")
  ];

  # Configure i3 with the amdgpu driver
  libkookie.ui.i3 = { enable = true; videoDrivers = [ "amdgpu" ]; };

  # Configure audio
  libkookie.audio = { enable = true; discovery = true; jack = true; };
  
  # Enable fish shell handling on the system
  libkookie.base.fish.enable = true;

  # Configure mail handling
  libkookie.workstation.mail = {
    enable = true;
    configPath = ../ext/mail;
    mailArchive = "/home/Office/mail";
    access = { user = "spacekookie"; group = "spacekookie"; };
  };
  
  # Enable desired users
  libkookie.activeUsers = [ (klib.load <configuration/users/spacekookie>) ];


  #
  #
  #
  #
  ###################################################################

  ###################################################################
  #                    NixOS base system options
  #
  #
  #


  
  # Use the GRUB 2 boot loader.
  boot.loader.grub = {
    enable = true;
    device = "/dev/disk/by-id/nvme-Samsung_SSD_970_EVO_Plus_2TB_S4J4NG0M920511P";
    enableCryptodisk = true;
    zfsSupport = true;
    version = 2;
  };

  hardware.cpu.amd.updateMicrocode = true;
  hardware.enableRedistributableFirmware = true;

  boot.initrd.availableKernelModules =
    [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "nvme" "nvme_core" ];
  boot.initrd.kernelModules = [ "dm-snapshot" ];
  boot.kernelModules = [ "kvm-amd" ];
  boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];

  services.zfs.autoSnapshot.enable = true;
  
  fileSystems."/" = {
    device = "zroot";
    fsType = "zfs";

    encrypted = {
      enable = true;
      label = "lvm";
      blkDev = "/dev/disk/by-uuid/e01e1473-ea51-4ec7-a5a9-44d673396644";
    };
  };

  fileSystems."/boot" = {
    device = "/dev/disk/by-uuid/0583b1a0-88c1-4e1c-855e-2df948272cbf";
    options = [ "defaults" "discard" ];
    fsType = "ext4";
  };

  swapDevices = [];
  nix.maxJobs = 16;
  

  # networking.firewall.allowedTCPPorts = [ 9000 ]; ?????
  
  networking.useDHCP = false;
  #networking.interfaces.enp8s0.useDHCP = true;
  networking.interfaces.eth0.useDHCP = true;
  
  # Select internationalisation properties.
  i18n.defaultLocale = "en_GB.UTF-8";

  # Set your time zone.
  time.timeZone = "Europe/Berlin";
  
  programs.mtr.enable = true;
  programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
  services.openssh.enable = true;

  #
  #
  #
  #
  ###################################################################

  # This setting is not really relevant on this desktop machine, so
  # just update it when new stable NixOS releases are branched off
  system.stateVersion = "20.09";
  
  # Set a static password for this user
  users.users.spacekookie.hashedPassword = "$6$rounds=1000000$IncTbazL/YhUV5$brzwb3Xa0cmmazpxJGPPo93wfs6jAomL1NYJ7Amw3WSyTjXGXGbedIMmm06nkeCnJfJzoZ.Jd47q88ot3USZi/";
}