moritz/clan
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: add moritz-laptop

Browse source
This commit is contained in:
Moritz Böhme 2025-04-19 10:29:26 +02:00
parent 086ff8fa1c
commit 9873148fcd
No known key found for this signature in database
GPG key ID: 970C6E89EB0547A9
6 changed files with 4553 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

1
flake.nix
View file

@ -100,6 +100,7 @@
inventory = { inventory = {
machines = { machines = {
moritz-desktop.tags = ["peer"]; moritz-desktop.tags = ["peer"];
moritz-laptop.tags = ["peer"];
moritz-server.tags = []; moritz-server.tags = [];
}; };
services.zerotier.default = { services.zerotier.default = {

245
machines/moritz-laptop/configuration.nix Normal file
View file

@ -0,0 +1,245 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{
pkgs,
inputs,
...
}: {
imports = [
./disko.nix
../../modules/moritz/default.nix
../../modules/shared.nix
];
time.timeZone = "Europe/Berlin";
users.users.root.openssh.authorizedKeys.keys = [
''
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDHlemuKagHwz2T5rEwgJNlVUdUdOXyPtCEzD73CrwY2zmpR4AMj7y9u3Rm7HwHUDjLap1ZFwg+53bAsVP6HFZccCXoIfO/8BL0WDGQJrfgb+A+UiRhSqSvyZ77bGJkadbBkadguz3qR3PHcb41DOlhuqVcHxsY8ceHMxAuyb0pLJVJLeytMD+CHS/r7hoj2hckTNAZ+VhCXBtdZfZ7uPUBxLfluYRNNMmdwCglsg3RUS242nJUzy3A84+CXIGeWmNG9Fu45IDkwMthxSW9klyU9R38R9DBDcugkyb6vz+JKSuRVAa47qh/kmtsYekfL3ul9D2JN32P8S+6ZoXx+gXupGJ0ltwJWAFkhLJ+yeXj9kCOv/mIUmCB14jMGsvKiSwV25O/twyjqe2LEkMVgimgrjEYoHu+ZTyp0iFtUvSrFo4tsAhfWPV9yj4F/hUksW7xKIwq5Niyx7he5M/XddudtnAximyiBDGCdJm1Ejl0UaGa6ZQv7y6VZdx0PyZuraT7l9ub8so6JlE4cVgSSU9vE0IS2QqBuHhsIjh8RVksoTR2NQbeDdGaGpGnq2C8y0rDXwE/EJA4LK45khX/GPn73n8F0kBG8dBrWgRDAEODpmebScO7d5mCeM0z3lPcRmh+3e3DPnVVOl+uR7udlc7NauLzl7q913UtxZaF1PlD7Q== cardno:15_584_308
''
];
# Set this for clan commands use ssh i.e. `clan machines update`
# If you change the hostname, you need to update this line to root@<new-hostname>
# This only works however if you have avahi running on your admin machine else use IP
clan.core.networking.targetHost = "root@moritz-laptop";
my = {
ai.enable = true;
profiles = {
desktop.enable = true;
personal.enable = true;
personal.mail = true;
personal.contacts = true;
personal.calendar = true;
impermanence.enable = true;
};
programs.aider.enable = true;
};
users.users.moritz.packages = with pkgs; [
poetry
wl-clipboard
];
home-manager.users.moritz.services.kanshi.settings = [
{
profile.name = "undocked";
profile.outputs = [
{
criteria = "eDP-1";
scale = 1.0;
}
];
}
{
profile.name = "docked-scads";
profile.outputs = [
{
criteria = "eDP-1";
position = "640,1800"; # NOTE: 2160 / 1.2 = 1800
}
{
criteria = "Dell Inc. DELL P4317Q";
scale = 1.2;
position = "0,0";
}
];
}
];
services.kanata = {
enable = true;
keyboards = {
laptop = {
devices = [
"/dev/input/by-path/platform-i8042-serio-0-event-kbd"
];
config = "
(defsrc
grv 1 2 3 4 5 6 7 8 9 0 - = bspc
tab q w e r t y u i o p [ ] \
caps a s d f g h j k l ; ' ret
lsft z x c v b n m , . / rsft
lctl lmet lalt spc ralt rctl
)
(deflayermap (default)
;; tarmak 1a
j n
n k
k e
;; tarmak 1b
h m
m h
;; tarmak 2a
b z
z x
x c
;; tarmak 2b
e f
f t
t b
;; tarmak 3
c d
d s
s r
;; tarmak 4
r p
p ;
; o
o y
y j
;; tarmak 5
u l
l i
i u
;; caps-word tap-dance
lsft (tap-dance 200 (_ (caps-word 2000) _ _))
;; change ctrl alt and meta
lctl lalt
lmet lctl
lalt (tap-dance 200 (lmet (multi lmet alt) lmet lmet))
;; hjkl layer
ralt (tap-hold 200 200 (layer-switch hjkl) (layer-while-held hjkl)) ;; tap: switch hold: switch while held
;; switch to normal keyboard layout
rctl (layer-switch normal)
)
(deflayermap (normal)
rctl (layer-switch default))
(deflayermap (hjkl)
h left
j down
k up
l right
ralt (layer-switch default))
";
};
};
};
# BOOT
boot = {
supportedFilesystems = ["zfs"];
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
initrd.availableKernelModules = ["rtsx_pci_sdmmc"];
};
# SERVICES
services = {
libinput.enable = true;
libinput.touchpad.disableWhileTyping = true;
printing.enable = true;
logind.lidSwitch = "hybrid-sleep";
};
# NETWORKING
networking = {
networkmanager.enable = true;
useDHCP = false;
interfaces.wlp1s0.useDHCP = true;
# interfaces.enp4s0f4u2.useDHCP = true;
};
console.keyMap = "en";
# needed for enabling hibernation
security.protectKernelImage = false;
# Powersaving
services.tlp.enable = true;
powerManagement.enable = true;
powerManagement.powertop.enable = true;
systemd = {
# Hibernare on low battery
timers.hibernate-on-low-battery = {
wantedBy = ["multi-user.target"];
timerConfig = {
OnUnitActiveSec = "120";
OnBootSec = "120";
};
};
services.hibernate-on-low-battery = let
batteryLevelSufficient = let
batteryPath = "/sys/class/power_supply/BATT";
in
pkgs.writeShellScriptBin "battery-level-sufficient" ''
test "$(cat ${batteryPath}/status)" != Discharging \
|| test "$(cat ${batteryPath}/capacity)" -ge 5
'';
in {
serviceConfig.Type = "oneshot";
onFailure = ["hibernate.target"];
script = "${batteryLevelSufficient}/bin/battery-level-sufficient";
};
services.asus-touchpad-numpad = {
description = "Activate Numpad inside the touchpad with top right corner switch";
documentation = ["https://github.com/mohamed-badaoui/asus-touchpad-numpad-driver"];
path = [pkgs.i2c-tools];
script = ''
cd ${inputs.asus-touchpad-numpad-driver}
# In the last argument here you choose your layout.
${
pkgs.python3.withPackages (ps: [ps.libevdev])
}/bin/python asus_touchpad.py m433ia
'';
# Probably needed because it fails on boot seemingly because the driver
# is not ready yet. Alternatively, you can use `sleep 3` or similar in the
# `script`.
serviceConfig = {
RestartSec = "1s";
Restart = "on-failure";
};
wantedBy = ["multi-user.target"];
};
};
# Trackpad
# i2c for https://github.com/mohamed-badaoui/asus-touchpad-numpad-driver
hardware.i2c.enable = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.05"; # Did you read the comment?
}

104
machines/moritz-laptop/disko.nix Normal file
View file

@ -0,0 +1,104 @@
{pkgs, ...}: {
# needed for zfs pool
networking.hostId = "9c85d185";
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
ESP = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "zroot";
};
};
};
};
};
};
zpool = {
zroot = {
type = "zpool";
rootFsOptions = {
compression = "zstd";
"com.sun:auto-snapshot" = "false";
"acltype" = "posixacl"; # NOTE: needed for systemd https://github.com/NixOS/nixpkgs/issues/16954
};
mountpoint = null;
datasets = {
encrypted = {
type = "zfs_fs";
options = {
mountpoint = "none";
encryption = "aes-256-gcm";
keyformat = "passphrase";
};
# use this to read the key during boot
postCreateHook = ''
zfs set keylocation="prompt" "zroot/$name";
'';
};
"encrypted/root" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/";
postCreateHook = "zfs snapshot zroot/encrypted/root@blank";
};
"encrypted/nix" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/nix";
};
"encrypted/persist" = {
type = "zfs_fs";
options.mountpoint = "legacy";
mountpoint = "/persist";
options."com.sun:auto-snapshot" = "true";
};
};
};
};
};
# rollback to blank
boot.initrd.systemd.services.rollback = {
description = "Rollback ZFS datasets to a pristine state";
wantedBy = [
"initrd.target"
];
after = [
"zfs-import-zroot.service"
];
before = [
"sysroot.mount"
];
path = with pkgs; [
zfs
];
unitConfig.DefaultDependencies = "no";
serviceConfig.Type = "oneshot";
script = ''
zfs rollback -r zroot/encrypted/root@blank && echo "rollback complete"
'';
};
boot.initrd.systemd.enable = true;
fileSystems."/persist".neededForBoot = true;
services.zfs = {
autoScrub.enable = true;
trim.enable = true;
autoSnapshot.enable = true;
};
}

4201
machines/moritz-laptop/facter.json Normal file
View file

File diff suppressed because it is too large Load diff

2
modules/moritz/profiles/personal_contacts.nix
View file

@ -47,7 +47,7 @@ in {
prompts.password.type = "hidden"; prompts.password.type = "hidden";
prompts.password.persist = true; prompts.password.persist = true;
share = true; share = true;
files.password.owner = "moritz"; files.password.owner = lib.mkForce "moritz";
}; };
}; };
} }

2
modules/moritz/profiles/personal_mail.nix
View file

@ -69,7 +69,7 @@ in {
prompts.password.type = "hidden"; prompts.password.type = "hidden";
prompts.password.persist = true; prompts.password.persist = true;
share = true; share = true;
files.password.owner = "moritz"; files.password.owner = lib.mkForce "moritz";
}; };
}; };
} }