blob: d6b70d834fab6858fc5d46d470cdccdf897e06d9 (
plain) (
tree)
|
|
{ depot, modulesPath, config, lib, pkgs, ... }:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
(depot.third_party.agenix.src + "/modules/age.nix")
../modules/common.nix
../modules/xserver.nix
../modules/fonts.nix
../modules/sound.nix
../modules/tvl.nix
../modules/development.nix
../modules/wireshark.nix
];
networking.hostName = "ogopogo";
system.stateVersion = "22.11";
boot = {
initrd = {
availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
kernelModules = [ ];
};
kernelModules = [ "kvm-amd" ];
blacklistedKernelModules = [ ];
extraModulePackages = [ ];
kernel.sysctl = {
"kernel.perf_event_paranoid" = -1;
};
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/d67506cf-7039-484d-97c0-00321a7858dc";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/AE73-03A3";
fsType = "vfat";
};
"/data" = {
device = "/dev/disk/by-uuid/03e0f4dc-9778-42e2-a59e-45522610e509";
fsType = "ext4";
};
};
swapDevices = [{
device = "/dev/disk/by-uuid/8bdae7c8-5160-491f-8cd0-4f0a79acadf9";
}];
services.earlyoom = {
enable = true;
freeMemThreshold = 5;
};
hardware.enableAllFirmware = true;
hardware.pulseaudio.extraConfig = ''
load-module module-remap-source source_name=KompleteAudio6_1 source_properties=device.description=KompleteAudio6Input1 master=alsa_input.usb-Native_Instruments_Komplete_Audio_6_458E0FFD-00.multichannel-input remix=no channels=1 master_channel_map=front-left channel_map=mono
load-module module-remap-source source_name=KompleteAudio6_2 source_properties=device.description=KompleteAudio6Input2 master=alsa_input.usb-Native_Instruments_Komplete_Audio_6_458E0FFD-00.multichannel-input remix=no channels=1 master_channel_map=front-right channel_map=mono
load-module module-remap-sink sink_name=KompleteAudio6_12 sink_properties=device.description=KompleteAudio6_12 remix=no master=alsa_output.usb-Native_Instruments_Komplete_Audio_6_458E0FFD-00.analog-surround-21 channels=2 master_channel_map=front-left,front-right channel_map=front-left,front-right
'';
services.fwupd.enable = true;
services.tailscale.enable = true;
hardware.keyboard.zsa.enable = true;
# Nvidia
services.xserver = {
videoDrivers = [ "nvidia" ];
dpi = 100;
};
hardware.opengl.enable = true;
services.picom = {
enable = true;
vSync = true;
};
hardware.opengl.driSupport32Bit = true;
services.postgresql = {
enable = true;
enableTCPIP = true;
authentication = "host all all 0.0.0.0/0 md5";
dataDir = "/data/postgresql";
package = pkgs.postgresql_15;
port = 5431;
settings = {
wal_level = "logical";
};
};
services.buildkite-agents.ogopogo-1 = rec {
enable = true;
tokenPath = config.age.secretsDir + "/buildkite-token";
privateSshKeyPath = config.age.secretsDir + "/buildkite-ssh-key";
runtimePackages = with pkgs; [
docker
nix
gnutar
gzip
bash
];
tags = {
queue = "ogopogo";
};
dataDir = "/home/grfn/buildkite-agent";
hooks.environment = ''
export BUILDKITE_AGENT_HOME=${dataDir}
'';
};
systemd.services.buildkite-agent-ogopogo-1.serviceConfig.User =
lib.mkForce "grfn";
users.users.grfn.extraGroups = [ "keys" ];
age.secrets =
let
secret = name: depot.users.grfn.secrets."${name}.age";
in
{
buildkite-ssh-key = {
file = secret "buildkite-ssh-key";
group = "keys";
mode = "0440";
};
buildkite-token = {
file = secret "buildkite-token";
group = "keys";
mode = "0440";
};
};
}
|