-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathflake.nix
120 lines (100 loc) · 3.69 KB
/
flake.nix
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
{
description = "Base nixos configuration";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
# To successfully flash the firmware of the onboard fingerprint reader on
# Ryzen 7040 framework laptops, we need version 1.9.7 of fwupd. See
# https://knowledgebase.frame.work/en_us/updating-fingerprint-reader-firmware-on-linux-for-13th-gen-and-amd-ryzen-7040-series-laptops-HJrvxv_za
# for more info.
nixpkgs-old-fwupd.url =
"github:NixOS/nixpkgs/a845c1b2d62614f80de711d7cecbd0688c53429e";
home-manager = {
url = "github:nix-community/home-manager/release-24.05";
# The `follows` keyword in inputs is used for inheritance.
# Here, `inputs.nixpkgs` of home-manager is kept consistent with
# the `inputs.nixpkgs` of the current flake,
# to avoid problems caused by different versions of nixpkgs.
inputs.nixpkgs.follows = "nixpkgs";
};
# Hardware quirks
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
};
outputs = { self, nixpkgs, ... }@inputs: {
nixosModules.default = { lib, pkgs, ... }:
let
fwupd-old =
(import inputs.nixpkgs-old-fwupd { system = pkgs.system; }).fwupd;
awsudo = pkgs.writeShellScriptBin "awsudo" ''
exec ${pkgs.aws-vault}/bin/aws-vault exec \
--duration="''${SUDO_DURATION:-1h}" "''${SUDO_ROLE:-sudo}" -- "$@"
'';
in {
# Default settings
boot.loader.systemd-boot.enable = true;
boot.loader.systemd-boot.memtest86.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking.networkmanager.enable = true;
# Bit of an assumption, but overridable
i18n.defaultLocale = lib.mkDefault "en_US.UTF-8";
# Enable firmware upgrade and fingerprint services
services.fwupd = {
enable = true;
package = fwupd-old;
};
services.fprintd.enable = true;
# We want graphics!
services.xserver = {
enable = true;
layout = lib.mkDefault "us";
xkbVariant = lib.mkDefault "";
videoDrivers = [ "amdgpu" ];
};
# Try the amdvlk driver
hardware.opengl.extraPackages = [ pkgs.amdvlk ];
# Setup gnome, may want to make this configurable
services.xserver.displayManager.gdm.enable = true;
services.xserver.desktopManager.gnome.enable = true;
# Printing is always nice
services.printing.enable = true;
# Sound, too
# sound.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
};
environment.systemPackages = with pkgs; [
# General tooling
git
vim # I mean, it's better than nano
# Nix related tools
nixfmt
niv
nix-tree
comma
cachix
# AWS related tooling
awscli2
aws-vault
awsudo
];
# We use tailscale!
services.tailscale = {
enable = true;
useRoutingFeatures = "client";
};
nix.settings = {
experimental-features = [ "nix-command" "flakes" ];
substituters = [ "https://cache.nixos.org" "https://nri.cachix.org" ];
trusted-public-keys =
[ "nri.cachix.org-1:9/BMj3Obc+uio3O5rYGT+egHzkBzDunAzlZZfhCGj6o=" ];
};
};
# Module for 13-inch Ryzen 7040 framework hardware quirks
nixosModules.framework-13-7040-amd =
inputs.nixos-hardware.nixosModules.framework-13-7040-amd;
};
}