{ config, lib, pkgs, ... }: with lib; { imports = attrValues (modulesIn ./.); nixfiles.modules = { ark.enable = true; wireguard.client.enable = true; syncthing.enable = true; openssh.server = { enable = true; port = 22; }; android.enable = true; beets.enable = true; bluetooth.enable = true; incus.enable = true; ipfs.enable = true; libvirtd.enable = true; mpd.enable = true; qutebrowser.enable = true; }; hm = { home.packages = with pkgs; [ calibre krita qolibri radeontop vial wacomtablet ]; programs = { beets.settings.directory = mkForce "/mnt/udata/music"; mpv = { profiles = let mapShaders = map (args: toString (pkgs.fetchurl args)); cfl-prediction = mapShaders [ { url = "https://raw.githubusercontent.com/Artoriuz/glsl-chroma-from-luma-prediction/471c65dd3915d39e7ef69957ab63e006125fbb88/CfL_Prediction.glsl"; sha256 = "sha256-Mgb1KqF1EPPzR3SCVr9S4XzVmZkYEEFIHSp59RZ9wq8="; } ]; ravu-lite-ar-r4 = mapShaders [ { url = "https://raw.githubusercontent.com/bjin/mpv-prescalers/b3f0a59d68f33b7162051ea5970a5169558f0ea2/compute/ravu-lite-ar-r4.hook"; sha256 = "sha256-gyBAv/Sf75CobVUugeTOhy54B9z8iIoJSJgnLopfMsY="; } ]; ssimdownscaler = mapShaders [ { url = "https://gist.githubusercontent.com/igv/36508af3ffc84410fe39761d6969be10/raw/575d13567bbe3caa778310bd3b2a4c516c445039/SSimDownscaler.glsl"; sha256 = "sha256-AEq2wv/Nxo9g6Y5e4I9aIin0plTcMqBG43FuOxbnR1w="; } ]; in { # TODO Fix profile conditionals. "qhd-downscale" = { dscale = "lanczos"; linear-downscaling = false; glsl-shaders-append = ssimdownscaler; }; "qhd-upscale" = { glsl-shaders-append = cfl-prediction ++ ravu-lite-ar-r4; }; }; config = { profile = "gpu-hq"; vo = "gpu-next"; gpu-api = "vulkan"; hwdec = "auto"; deband = true; deband-iterations = 4; deband-threshold = 35; deband-range = 16; deband-grain = 5; temporal-dither = true; dither-depth = "auto"; dither = "fruit"; interpolation = true; video-sync = "display-resample"; tscale = "oversample"; target-prim = "auto"; target-trc = "auto"; vf = "format=colorlevels=full:colormatrix=auto"; video-output-levels = "full"; glsl-shaders-append = map (text: toString (pkgs.writeText "shader.hook" text)) [ '' //!HOOK LUMA //!BIND HOOKED #define STRENGTH 48.0 float mod289(float x) { return x - floor(x / 289.0) * 289.0; } float permute(float x) { return mod289((34.0*x + 1.0) * x); } float rand(float x) { return fract(x / 41.0); } vec4 hook() { vec3 _m = vec3(HOOKED_pos, 1.0) + vec3(1.0); float h = permute(permute(permute(_m.x)+_m.y)+_m.z); vec4 noise; noise.x = rand(h); return HOOKED_tex(HOOKED_pos) + vec4(STRENGTH/8192.0) * (noise - 0.5); } '' '' //!HOOK CHROMA //!BIND HOOKED #define STRENGTH 48.0 float mod289(float x) { return x - floor(x / 289.0) * 289.0; } float permute(float x) { return mod289((34.0*x + 1.0) * x); } float rand(float x) { return fract(x / 41.0); } vec4 hook() { vec3 _m = vec3(HOOKED_pos, 0.5) + vec3(1.0); float h = permute(permute(permute(_m.x)+_m.y)+_m.z); vec4 noise; noise.x = rand(h); h = permute(h); noise.y = rand(h); return HOOKED_tex(HOOKED_pos) + vec4(STRENGTH/8192.0) * (noise - 0.5); } '' ]; }; }; }; services = { mpd.musicDirectory = mkForce "/mnt/udata/music"; xsettingsd.settings."Xft/DPI" = "93"; }; }; services = { smartd = { enable = true; notifications.mail = { enable = true; sender = "admin+smartd@${my.domain.shire}"; recipient = "admin+smartd@${my.domain.shire}"; }; }; openssh.settings = { KbdInteractiveAuthentication = mkForce true; PasswordAuthentication = mkForce true; }; udev.packages = with pkgs; [ vial ]; xserver.wacom.enable = true; }; nix.settings = { max-jobs = 8; cores = 30; }; # Required[1] for using ZFS kernel modules with "unsupported" kernels. # # [1]: https://github.com/NixOS/nixpkgs/pull/121113#issuecomment-830003344 # [1]: https://github.com/NixOS/nixpkgs/pull/230498#issuecomment-1551328615 nixpkgs.config.allowBroken = true; boot = { kernelPackages = pkgs.linuxPackages_xanmod_latest; kernelParams = [ # Silence benign MCE errors: # ``` # mce: [Hardware Error]: CPU 1: Machine Check: 0 Bank 29: ffffffffffffffff # mce: [Hardware Error]: TSC 0 MISC ff1fffffffffffff SYND ffffffffffffffff IPID ffffffffffffffff # mce: [Hardware Error]: PROCESSOR 2:a60f12 TIME 1669988017 SOCKET 0 APIC 2 microcode a601201 # ``` "mce=nobootlog" # This disables[1] User Mode Instruction Protection (UMIP)[2]. This is # required for some games to run via Wine. # # [1]: https://docs.kernel.org/x86/cpuinfo.html # [2]: https://en.wikichip.org/wiki/x86/umip "clearcpuid=514" ]; # https://wiki.archlinux.org/title/improving_performance#Watchdogs blacklistedKernelModules = [ "sp5100_tco" ]; # The boot drive is Samsung SSD 980 PRO 2TB. initrd.kernelModules = [ "nvme" ]; # These pools were configured manually with a specific mountpoint. zfs.extraPools = [ "udata" "vdata" ]; }; # Filesystem creation: # ``` # mkfs.vfat -F 32 -l nixos-boot /dev/nvmeXnYpZ # # zpool create # -o ashift=12 # -o autotrim=on # -O acltype=posixacl # -O xattr=sa # -O compression=zstd # -O mountpoint=none # nixos # /dev/nvmeXnYpZ # # zfs create # nixos/root # # zfs create # -o encryption=aes-256-gcm # -o keyformat=passphrase # -o mountpoint=legacy # nixos/root/ark # # zfs create # -o mountpoint=legacy # nixos/root/nix # ``` # # physical structure (backside): # [ 1 ] [ 2 ] [ 3 ] # 1: disk/by-id/ata-WDC_WD20SPZX-22UA7T0_WD-WXP2E3163YW6 # 2: disk/by-id/ata-WDC_WD20SPZX-22UA7T0_WD-WXN2E312R5HP # 3: disk/by-id/ata-WDC_WD20SPZX-22UA7T0_WD-WXP2E311E6P2 # # physical structure (mobo M.2): # [ 1 ] # [ 2 ] # 1: disk/by-id/nvme-Samsung_SSD_980_PRO_2TB_S69ENF0R872526A # 2: disk/by-id/nvme-Samsung_SSD_980_PRO_2TB_S69ENX0T807723X fileSystems = { "/" = { device = "none"; fsType = "tmpfs"; options = [ "size=8G" "mode=755" ]; }; "/boot" = { device = "/dev/disk/by-uuid/1363-02E6"; fsType = "vfat"; }; "/nix" = { device = "nixos/root/nix"; fsType = "zfs"; options = [ "noatime" ]; }; ${config.ark.path} = { device = "nixos/root/ark"; fsType = "zfs"; neededForBoot = true; # Required by impermanence. }; # Required[1] when using impermanence with agenix. Filesystem itself is # defined as an `ark.directory` in `nixos/common/users.nix`. # # [1]: https://github.com/ryantm/agenix/issues/45#issuecomment-847852593 # [1]: https://github.com/nix-community/impermanence/issues/22 # [1]: https://github.com/NixOS/nixpkgs/pull/86967#pullrequestreview-667929259 "/home/${my.username}".neededForBoot = true; }; zramSwap = { enable = true; memoryPercent = 25; }; users = { users.builder = { isSystemUser = true; group = "builder"; openssh.authorizedKeys.keys = [ "ssh-ed25519 @PUBLIC_KEY@ root@ilmare" ]; useDefaultShell = true; }; groups.builder = { }; }; nix.settings.trusted-users = [ "builder" ]; }