notgne2/nixfiles
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
38abb9b673
nixfiles/modules/workstation.nix
notgne2 38abb9b673
add user to kvm group
2022-05-15 05:18:21 -07:00

258 lines
6.8 KiB
Nix
Raw Blame History

{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.workstation;
in
{
options.workstation = {
enable = mkEnableOption "make my computer work";
user = mkOption {
type = types.str;
description = "The main user of this PC";
};
battery = mkOption {
type = types.bool;
default = false;
description = "If this device has a battery";
};
};
config = mkIf cfg.enable {
services.avahi = {
enable = lib.mkDefault true;
nssmdns = lib.mkDefault true;
};
services.flatpak.enable = lib.mkDefault true;
services.ezpw.enable = lib.mkDefault true;
security.pam.services = {
swaylock.text = ''
auth include login
'';
};
services.thermald.enable = lib.mkDefault true;
boot.kernelParams = lib.optionals cfg.battery [ "iwlwifi.uapsd_disable=0" "iwlmvm.power_scheme=3" "iwldvm.force_cam=0" "snd_hda_intel.power_save=1" "snd_ac97_codec.power_save=1" ];
# Don't kill the battery
services.upower = {
enable = lib.mkDefault true;
percentageLow = lib.mkDefault 15;
percentageCritical = lib.mkDefault 10;
percentageAction = lib.mkDefault 5;
};
# Make battery usage sane
services.tlp = {
enable = lib.mkDefault cfg.battery;
settings = {
PCIE_ASPM_ON_BAT = lib.mkDefault "powersupersave";
PCIE_ASPM_ON_AC = lib.mkDefault "default";
PLATFORM_PROFILE_ON_BAT = lib.mkDefault "low-power";
PLATFORM_PROFILE_ON_AC = lib.mkDefault "performance";
CPU_SCALING_GOVERNOR_ON_BAT = lib.mkOverride 900 "powersave";
CPU_SCALING_GOVERNOR_ON_AC = lib.mkOverride 900 "performance";
CPU_ENERGY_PERF_POLICY_ON_BAT = lib.mkDefault "power";
CPU_ENERGY_PERF_POLICY_ON_AC = lib.mkDefault "performance";
CPU_BOOST_ON_BAT = lib.mkDefault 0;
CPU_BOOST_ON_AC = lib.mkDefault 1;
CPU_HWP_DYN_BOOST_ON_BAT = lib.mkDefault 0;
CPU_HWP_DYN_BOOST_ON_AC = lib.mkDefault 1;
SCHED_POWERSAVE_ON_BAT = lib.mkDefault 1;
SCHED_POWERSAVE_ON_AC = lib.mkDefault 0;
CPU_MAX_PERF_ON_BAT = lib.mkDefault 30;
CPU_MAX_PERF_ON_AC = lib.mkDefault 100;
CPU_SCALING_MIN_FREQ_ON_BAT = lib.mkDefault 0;
CPU_SCALING_MIN_FREQ_ON_AC = lib.mkDefault 0;
CPU_SCALING_MAX_FREQ_ON_BAT = lib.mkDefault 9999999;
CPU_SCALING_MAX_FREQ_ON_AC = lib.mkDefault 9999999;
};
};
# Video support
hardware.opengl = {
enable = lib.mkDefault true;
# Fix steam
driSupport32Bit = lib.mkDefault true;
# Other drivers
extraPackages = with pkgs; [
intel-media-driver
vaapiIntel
vaapiVdpau
libvdpau-va-gl
libGL
mesa
];
setLdLibraryPath = lib.mkDefault true;
};
# Support for steam hardware
hardware.steam-hardware.enable = lib.mkDefault true;
# Needed for lots of controller stuff
hardware.uinput.enable = lib.mkDefault true;
# Allows realtime stuff, useful for games, audio etc
services.udev.extraRules = ''
KERNEL=="rtc0", GROUP="users"
KERNEL=="hpet", GROUP="users"
'';
# Allows more open files, useful for sync software and some other stuff
systemd.extraConfig = "DefaultLimitNOFILE=1048576";
security.pam.loginLimits = [
# Allows more open files, useful for sync software and some other stuff
{
domain = "*";
type = "soft";
item = "nofile";
value = "1048576";
}
{
domain = "*";
type = "hard";
item = "nofile";
value = "1048576";
}
# Allows more locked memory, useful for emulators, some games, etc
{
domain = "@users";
type = "-";
item = "memlock";
value = "unlimited";
}
# Allows greater realtime priority, useful for audio, emulators, games, etc
{
domain = "@users";
type = "-";
item = "rtprio";
value = "90";
}
# Allow becoming less nice, useful for audio, emulators, games, etc
{
domain = "@users";
type = "-";
item = "nice";
value = "-15";
}
];
# the user should have some basic permissions lol
users.users."${cfg.user}" = {
extraGroups = [ "adbusers" "audio" "video" "libvirtd" "kvm" "sway" "wheel" "networkmanager" "docker" "input" "uinput" ];
subUidRanges = [
{
startUid = 100000;
count = 65536;
}
];
subGidRanges = [
{
startGid = 100000;
count = 65536;
}
];
};
# brightness
programs.light.enable = lib.mkDefault true;
# make fonts not fucked up
fonts.fontconfig.enable = lib.mkDefault true;
fonts.enableDefaultFonts = lib.mkDefault true;
# Important for steam
fonts.fontconfig.cache32Bit = lib.mkDefault true;
services.xserver = {
libinput = {
enable = lib.mkDefault true;
mouse.accelProfile = lib.mkDefault "flat";
touchpad.accelProfile = lib.mkDefault "flat";
};
dpi = lib.mkDefault 96;
layout = lib.mkDefault "us";
};
# this helps with some compatibility
hardware.pulseaudio.daemon.config = {
"default-sample-rate" = lib.mkDefault "48000";
};
networking.networkmanager.wifi.macAddress = lib.mkDefault "random";
networking.networkmanager.wifi.scanRandMacAddress = lib.mkDefault true;
networking.firewall.allowedUDPPortRanges = [
# Used for chromecast bullshit
{
from = 32768;
to = 60999;
}
# Steam remote play
{
from = 27031;
to = 27036;
}
];
networking.firewall.allowedTCPPorts = [
# Steam remote play
27036
# Sunshine/moonlight streaming
47984
47989
48010
];
networking.firewall.allowedUDPPorts = [
# Used for upnp or something?
1900
# Sunshine/moonlight streaming
47998
47999
48000
48002
48010
];
# Shit breaks without this lol
programs.dconf.enable = lib.mkDefault true;
services.dbus.packages = with pkgs; [ dconf ];
# better default swap
boot.kernel.sysctl = { "vm.swappiness" = lib.mkDefault 45; };
# self explanatory
fuckingprint.enable = lib.mkDefault true;
# Pulseaudio is off by defaultm but if you want it, make it work right
hardware.pulseaudio.support32Bit = lib.mkDefault true;
hardware.pulseaudio.zeroconf.discovery.enable = lib.mkDefault true;
hardware.pulseaudio.package = lib.mkDefault pkgs.pulseaudioFull;
hardware.pulseaudio.extraModules = [ pkgs.pulseaudio-modules-bt ];
hardware.pulseaudio.extraConfig = ''
load-module module-dbus-protocol
'';
# bluetooth
hardware.bluetooth.enable = lib.mkDefault true;
hardware.bluetooth.settings.General.Enable = lib.mkDefault "Source,Sink,Media,Socket";
};
}
Reference in New Issue View Git Blame Copy Permalink