72 lines
1.8 KiB
Nix
72 lines
1.8 KiB
Nix
{ config, pkgs, ... }:
|
|
{
|
|
networking.hostName = "foureighty";
|
|
nixpkgs.config.packageOverrides = pkgs: {
|
|
linux_latest_hardened = pkgs.linux_latest_hardened.override {
|
|
extraConfig = ''
|
|
IA32_EMULATION y
|
|
KVM m
|
|
KVM_INTEL m
|
|
'';
|
|
features.ia32Emulation = true;
|
|
enableParallelBuilding = true;
|
|
};
|
|
};
|
|
|
|
boot = {
|
|
kernelPackages = pkgs.linuxPackagesFor pkgs.linux_latest_hardened;
|
|
extraModulePackages = with config.boot.kernelPackages; [ wireguard ];
|
|
|
|
initrd.kernelModules = [ "i915" ];
|
|
initrd.availableKernelModules = [
|
|
"aes_x86_64"
|
|
"crypto_simd"
|
|
"aesni_intel"
|
|
"cryptd"
|
|
];
|
|
kernelParams = [
|
|
"mds=full"
|
|
];
|
|
|
|
initrd.luks.devices = [
|
|
{
|
|
name = "root";
|
|
device = "/dev/disk/by-uuid/a9e8a44f-15be-4844-a0a1-46892cc5e44e";
|
|
preLVM = true;
|
|
allowDiscards = true;
|
|
}];
|
|
loader.grub = {
|
|
device = "nodev";
|
|
efiSupport = true;
|
|
};
|
|
loader.efi.canTouchEfiVariables = true;
|
|
|
|
};
|
|
|
|
time.hardwareClockInLocalTime = true;
|
|
time.timeZone = "Europe/London";
|
|
|
|
hardware.trackpoint.enable = true;
|
|
services.hardware.bolt.enable = true;
|
|
services.fprintd = {
|
|
enable = true;
|
|
package = pkgs.fprintd-thinkpad;
|
|
};
|
|
|
|
hardware.nvidiaOptimus.disable = true;
|
|
hardware.opengl.extraPackages = [ pkgs.linuxPackages.nvidia_x11.out ];
|
|
hardware.opengl.extraPackages32 = [ pkgs.linuxPackages.nvidia_x11.lib32 pkgs.pkgsi686Linux.libva ];
|
|
hardware.opengl.driSupport32Bit = true;
|
|
hardware.pulseaudio.support32Bit = true;
|
|
|
|
imports = [
|
|
/etc/nixos/hardware-configuration.nix
|
|
../boot.nix
|
|
../common.nix
|
|
../gfx-intel.nix
|
|
../virtualbox.nix
|
|
../zerotier.nix
|
|
../i3/system.nix
|
|
];
|
|
}
|