]> Git — Sourcephile - julm/julm-nix.git/blob - hosts/patate/hardware.nix
sshd: start only after wg-intra
[julm/julm-nix.git] / hosts / patate / hardware.nix
1 { config, lib, pkgs, hostName, ... }:
2 {
3 hardware.cpu.intel.updateMicrocode = true;
4 hardware.opengl.extraPackages = [
5 pkgs.intel-media-driver # LIBVA_DRIVER_NAME=iHD
6 pkgs.vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
7 pkgs.vaapiVdpau
8 pkgs.libvdpau-va-gl
9 ];
10 powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
11 services.thinkfan = {
12 enable = true;
13 levels = [
14 [0 0 57]
15 [1 56 62]
16 [2 61 65]
17 [3 64 66]
18 [4 65 68]
19 [5 67 71]
20 [6 70 76]
21 [7 75 81]
22 [127 80 32767]
23 ];
24 };
25
26 # https://bugzilla.kernel.org/show_bug.cgi?id=110941
27 boot.kernelParams = [ "intel_pstate=no_hwp" ];
28 boot.kernelModules = [ "kvm-intel" ];
29 boot.cleanTmpDir = true;
30 boot.tmpOnTmpfs = true;
31 boot.extraModulePackages = [
32 #config.boot.kernelPackages.exfat-nofuse
33 ];
34 boot.loader.grub = {
35 enable = true;
36 version = 2;
37 device = "/dev/disk/by-id/ata-CT250MX500SSD1_2004E2849DD1";
38 configurationLimit = 3;
39 #zfsSupport = true;
40 /*
41 efiSupport = true;
42 efi = {
43 canTouchEfiVariables = false;
44 efiSysMountPoint = "/boot/efi";
45 };
46 */
47 #enableCryptodisk = true;
48 };
49 services.acpid = {
50 enable = true;
51 handlers = {
52 brightnessDown = {
53 event = "video/brightnessdown.*";
54 action = "${pkgs.acpilight}/bin/xbacklight -dec 10";
55 };
56 brightnessUp = {
57 event = "video/brightnessup.*";
58 action = "${pkgs.acpilight}/bin/xbacklight -inc 10";
59 };
60 acAdapter = {
61 event = "ac_adapter/*";
62 action = ''
63 vals=($1)
64 case ''${vals[3]} in
65 00000000) # unplugged
66 ${pkgs.linuxPackages.cpupower}/bin/cpupower frequency-set -g powersave;;
67 00000001) # plugged in
68 ${pkgs.linuxPackages.cpupower}/bin/cpupower frequency-set -g ondemand;;
69 esac
70 '';
71 };
72 };
73 };
74
75 fileSystems."/boot" =
76 { device = "/dev/disk/by-partlabel/${hostName}_ssd_boot";
77 fsType = "ext2";
78 };
79 fileSystems."/boot/efi" =
80 { device = "/dev/disk/by-partlabel/${hostName}_ssd_efi";
81 fsType = "vfat";
82 };
83 swapDevices = [
84 { device = "/dev/disk/by-partlabel/${hostName}_ssd_swap";
85 randomEncryption = {
86 enable = true;
87 cipher = "aes-xts-plain64";
88 source = "/dev/urandom";
89 };
90 }
91 ];
92 zramSwap = {
93 enable = true;
94 algorithm = lib.mkDefault "zstd";
95 # There is little point creating a zram of greater
96 # than twice the size of memory
97 # since we expect a 2:1 compression ratio.
98 # Note that zram uses about 0.1% of the size of the disk
99 # when not in use so a huge zram is wasteful.
100 memoryPercent = lib.mkDefault 150;
101 # Linux supports multithreaded compression for 1 device since 3.15.
102 # See https://lkml.org/lkml/2014/2/28/404 for details.
103 swapDevices = lib.mkDefault 1;
104 };
105 boot.kernel.sysctl = {
106 # Increase cache pressure, which increases the tendency of the kernel to
107 # reclaim memory used for caching of directory and inode objects. You will use
108 # less memory over a longer period of time. The performance hit is negated by
109 # the downside of swapping sooner.
110 "vm.vfs_cache_pressure" = lib.mkDefault 500;
111
112 # Increasing how aggressively the kernel will swap memory pages since we are
113 # using ZRAM first.
114 "vm.swappiness" = lib.mkDefault 100;
115
116 # Background processes will start writing right away when it hits the 1% limit
117 "vm.dirty_background_ratio" = lib.mkDefault 1;
118
119 # The system won’t force synchronous I/O until it gets to 50% dirty_ratio.
120 "vm.dirty_ratio" = lib.mkDefault 50;
121 };
122
123 # The 32-bit host id of the host, formatted as 8 hexadecimal characters.
124 # You should try to make this id unique among your hosts.
125 # Manually generated with : head -c4 /dev/urandom | od -A none -t x4 | cut -d ' ' -f 2
126 networking.hostId = "ec2adb40";
127
128 # none is the recommended elevator with ZFS (which has its own I/O scheduler)
129 # and/or for SSD, whereas HDD could use mq-deadline.
130 services.udev.extraRules = ''
131 # set none scheduler for non-rotating disks
132 ACTION=="add|change", KERNEL=="sd[a-z]", ATTR{queue/rotational}=="0", ATTR{queue/scheduler}="none"
133 '';
134
135 boot.supportedFilesystems = [ "ntfs" "vfat" "zfs" ];
136 boot.initrd.supportedFilesystems = [ "zfs" ];
137 boot.initrd.availableKernelModules = [
138 "ahci"
139 "drbg"
140 "ehci_pci"
141 "gf128mul"
142 "hmac"
143 "sd_mod"
144 ];
145
146 boot.zfs.forceImportAll = false;
147 boot.zfs.forceImportRoot = false;
148 boot.zfs.enableUnstable = false;
149 boot.zfs.requestEncryptionCredentials = [ hostName ];
150 services.zfs.autoScrub.enable = true;
151
152 fileSystems."/" =
153 { device = "${hostName}/root";
154 fsType = "zfs";
155 };
156 fileSystems."/nix" =
157 { device = "${hostName}/nix";
158 fsType = "zfs";
159 };
160 fileSystems."/home/sevy" =
161 { device = "${hostName}/home";
162 fsType = "zfs";
163 };
164 fileSystems."/home/sevy/Documents" =
165 { device = "${hostName}/home/Documents";
166 fsType = "zfs";
167 };
168 fileSystems."/home/sevy/Images" =
169 { device = "${hostName}/home/Images";
170 fsType = "zfs";
171 };
172 fileSystems."/home/sevy/Téléchargements" =
173 { device = "${hostName}/home/Downloads";
174 fsType = "zfs";
175 };
176 fileSystems."/home/sevy/.thunderbird" =
177 { device = "${hostName}/home/Mails";
178 fsType = "zfs";
179 };
180 fileSystems."/home/sevy/Vidéos" =
181 { device = "${hostName}/home/Videos";
182 fsType = "zfs";
183 };
184 fileSystems."/var" =
185 { device = "${hostName}/var";
186 fsType = "zfs";
187 };
188 fileSystems."/var/cache" =
189 { device = "${hostName}/var/cache";
190 fsType = "zfs";
191 };
192 fileSystems."/var/log" =
193 { device = "${hostName}/var/log";
194 fsType = "zfs";
195 };
196 fileSystems."/var/tmp" =
197 { device = "${hostName}/var/tmp";
198 fsType = "zfs";
199 };
200
201 }