Black mesa enable redistributable firmware · bwc9876.dev/nixos-config@15f225e

bwc9876.dev / nixos-config

fork atom

Flake for my NixOS devices

fork atom

Black mesa enable redistributable firmware

bwc9876.dev 4 months ago 15f225e1 e281bd0e

verified

+80 -77

1 changed file

expand all

nixosConfigurations

black-mesa.nix

+80 -77

nixosConfigurations/black-mesa.nix

··· 2 inputs, 3 outputs, 4 ... 5 - }: { 6 system = "x86_64-linux"; 7 8 - modules = 9 - (builtins.attrValues outputs.nixosModules) 10 - ++ [ 11 - inputs.nixos-hardware.nixosModules.common-gpu-amd 12 - inputs.nixos-hardware.nixosModules.common-cpu-amd 13 - { 14 - home-manager.users.bean.home.stateVersion = "25.05"; 15 - system.stateVersion = "25.05"; 16 - networking.hostName = "black-mesa"; 17 18 - powerManagement.cpuFreqGovernor = "performance"; 19 20 - boot.initrd.availableKernelModules = [ 21 - "nvme" 22 - "xhci_pci" 23 - "ahci" 24 - "usbhid" 25 - "usb_storage" 26 - "sd_mod" 27 - ]; 28 - boot.kernelModules = ["kvm-amd"]; 29 - boot.extraModulePackages = []; 30 31 - # Other disks handled by cow.disks 32 - fileSystems."/mnt/storage" = { 33 - device = "/dev/sda1"; 34 - fsType = "btrfs"; 35 - }; 36 37 - users.users = let 38 secureRoot = "/nix/persist/secure"; 39 - in { 40 bean.hashedPasswordFile = "${secureRoot}/hashed-passwd"; 41 root.hashedPasswordFile = "${secureRoot}/hashed-passwd"; 42 }; 43 44 - home-manager.users.bean.cow = { 45 - sync.enable = true; 46 - dev.enable = true; 47 }; 48 49 - cow = { 50 - bean.sudoer = true; 51 - lanzaboote.enable = true; 52 - ssh-server.enable = true; 53 - role-desktop.enable = true; 54 - gaming.enable = true; 55 - imperm.enable = true; 56 - disks = { 57 - enable = true; 58 - partition-prefix = "cow-bm"; 59 - swap = false; 60 - luks = true; 61 - }; 62 - }; 63 - } 64 - { 65 - # Bingus! 66 - imports = [inputs.bingus.nixosModules.default]; 67 - nixpkgs.overlays = [inputs.bingus.overlays.default]; 68 69 - cow.imperm.keep = [ 70 - "/var/lib/private/bingus" 71 ]; 72 - 73 - services.bingus-bot = { 74 - enable = true; 75 - tokenFile = "/nix/persist/secure/bingus-token"; 76 - replyChannels = [ 77 - 1295447496948191262 78 - 1295245646542143489 79 - ]; 80 }; 81 - } 82 - { 83 - # for WOL 84 - systemd.network.links."79-eth-wol" = { 85 - matchConfig = { 86 - Type = "ether"; 87 - Driver = "!veth"; 88 - Virtualization = "false"; 89 - }; 90 - linkConfig = { 91 - WakeOnLan = "magic"; 92 - NamePolicy = "keep kernel database onboard slot path"; 93 - AlternativeNamesPolicy = "database onboard slot path mac"; 94 - MACAddressPolicy = "persistent"; 95 - }; 96 }; 97 - } 98 - ]; 99 }

··· 2 inputs, 3 outputs, 4 ... 5 + }: 6 + { 7 system = "x86_64-linux"; 8 9 + modules = (builtins.attrValues outputs.nixosModules) ++ [ 10 + inputs.nixos-hardware.nixosModules.common-gpu-amd 11 + inputs.nixos-hardware.nixosModules.common-cpu-amd 12 + { 13 + home-manager.users.bean.home.stateVersion = "25.05"; 14 + system.stateVersion = "25.05"; 15 + networking.hostName = "black-mesa"; 16 17 + powerManagement.cpuFreqGovernor = "performance"; 18 19 + boot.initrd.availableKernelModules = [ 20 + "nvme" 21 + "xhci_pci" 22 + "ahci" 23 + "usbhid" 24 + "usb_storage" 25 + "sd_mod" 26 + ]; 27 + boot.kernelModules = [ "kvm-amd" ]; 28 + boot.extraModulePackages = [ ]; 29 + 30 + hardware.enableRedistributableFirmware = true; 31 32 + # Other disks handled by cow.disks 33 + fileSystems."/mnt/storage" = { 34 + device = "/dev/sda1"; 35 + fsType = "btrfs"; 36 + }; 37 38 + users.users = 39 + let 40 secureRoot = "/nix/persist/secure"; 41 + in 42 + { 43 bean.hashedPasswordFile = "${secureRoot}/hashed-passwd"; 44 root.hashedPasswordFile = "${secureRoot}/hashed-passwd"; 45 }; 46 47 + home-manager.users.bean.cow = { 48 + sync.enable = true; 49 + dev.enable = true; 50 + }; 51 + 52 + cow = { 53 + bean.sudoer = true; 54 + lanzaboote.enable = true; 55 + ssh-server.enable = true; 56 + role-desktop.enable = true; 57 + gaming.enable = true; 58 + imperm.enable = true; 59 + disks = { 60 + enable = true; 61 + partition-prefix = "cow-bm"; 62 + swap = false; 63 + luks = true; 64 }; 65 + }; 66 + } 67 + { 68 + # Bingus! 69 + imports = [ inputs.bingus.nixosModules.default ]; 70 + nixpkgs.overlays = [ inputs.bingus.overlays.default ]; 71 72 + cow.imperm.keep = [ 73 + "/var/lib/private/bingus" 74 + ]; 75 76 + services.bingus-bot = { 77 + enable = true; 78 + tokenFile = "/nix/persist/secure/bingus-token"; 79 + replyChannels = [ 80 + 1295447496948191262 81 + 1295245646542143489 82 ]; 83 + }; 84 + } 85 + { 86 + # for WOL 87 + systemd.network.links."79-eth-wol" = { 88 + matchConfig = { 89 + Type = "ether"; 90 + Driver = "!veth"; 91 + Virtualization = "false"; 92 }; 93 + linkConfig = { 94 + WakeOnLan = "magic"; 95 + NamePolicy = "keep kernel database onboard slot path"; 96 + AlternativeNamesPolicy = "database onboard slot path mac"; 97 + MACAddressPolicy = "persistent"; 98 }; 99 + }; 100 + } 101 + ]; 102 }