Added system3

config/hardware/system3.nix

@@ -0,0 +1,134 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+let
+
+in {
+  imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
+
+  system.stateVersion = "21.05";
+
+  boot = {
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
+
+    initrd = {
+      availableKernelModules =
+        [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
+      kernelModules = [ "amdgpu" ];
+    };
+
+    kernelModules = [ "kvm-amd" ];
+    supportedFilesystems = [ "zfs" ];
+    kernelPackages = pkgs.linuxPackages_latest;
+
+    zfs.enableUnstable = true;
+
+    # kernelPatches = [{
+    #   name = "big-navi";
+    #   patch = null;
+    #   extraConfig = ''
+    #     DRM_AMD_DC_DCN3_0 y
+    #     DRM_AMD_DC_DCN y
+    #   '';
+    # }];
+  };
+
+  fileSystems = {
+    "/boot" = {
+      device = "/dev/disk/by-label/SYS3-BOOT";
+      fsType = "vfat";
+      options = [ "noexec" ];
+    };
+
+    "/" = {
+      device = "system3-root";
+      fsType = "tmpfs";
+      options = [ "mode=755" ];
+    };
+
+    "/nix" = {
+      device = "system3/transient/nix";
+      fsType = "zfs";
+    };
+
+    "/var/log" = {
+      device = "system3/transient/logs";
+      fsType = "zfs";
+      neededForBoot = true;
+      options = [ "noexec" ];
+    };
+
+    "/state" = {
+      device = "system3/persistent/state";
+      fsType = "zfs";
+    };
+
+    "/home" = {
+      device = "system3/persistent/home";
+      fsType = "zfs";
+    };
+  };
+
+  swapDevices = [{ device = "/dev/disk/by-label/system3-swap"; }];
+
+  hardware = {
+    bluetooth.enable = true;
+
+    cpu.amd.updateMicrocode = true;
+
+    opengl = {
+      driSupport = true;
+      driSupport32Bit = true;
+      extraPackages = with pkgs; [
+        rocm-opencl-icd
+        rocm-opencl-runtime
+        amdvlk
+        driversi686Linux.amdvlk
+      ];
+      setLdLibraryPath = true;
+    };
+
+    pulseaudio = {
+      support32Bit = true;
+      package = pkgs.pulseaudioFull;
+    };
+
+    enableRedistributableFirmware = true;
+  };
+
+  services = {
+    xserver.videoDrivers = [ "amdgpu" ];
+
+    compton.backend = "xrender";
+  };
+
+  networking = {
+    hostId = substring 0 8 (fileContents /etc/machine-id);
+
+    useDHCP = false;
+
+    macvlans = {
+      intif0 = {
+        interface = "enp6s0";
+        mode = "bridge";
+      };
+    };
+
+    interfaces = {
+      intif0 = {
+        # output of: echo lambda-intif0|md5sum|sed 's/^\(..\)\(..\)\(..\)\(..\)\(..\).*$/02:\1:\2:\3:\4:\5/'
+        macAddress = "02:0d:df:2d:46:90";
+      };
+    };
+  };
+
+  systemd.targets = {
+    sleep.enable = false;
+    suspend.enable = false;
+    hibernate.enable = false;
+    hybrid-sleep.enable = false;
+  };
+}

config/hardware/zbox.nix

@@ -1,9 +1,7 @@
 { config, lib, pkgs, ... }:
 
 {
-  imports =
+  imports = [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix> ];
-    [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
-    ];
 
   boot = {
     loader = {
@@ -18,19 +16,17 @@
     extraModulePackages = [ ];
   };
 
-  fileSystems."/" =
+  fileSystems."/" = {
-    { device = "/dev/disk/by-label/zbox-root";
+    device = "/dev/disk/by-label/zbox-root";
-      fsType = "btrfs";
+    fsType = "btrfs";
-    };
+  };
 
-  fileSystems."/boot" =
+  fileSystems."/boot" = {
-    { device = "/dev/disk/by-label/BOOT";
+    device = "/dev/disk/by-label/BOOT";
-      fsType = "vfat";
+    fsType = "vfat";
-    };
+  };
 
-  swapDevices =
+  swapDevices = [{ device = "/dev/disk/by-label/zbox-swap"; }];
-    [ { device = "/dev/disk/by-label/zbox-swap"; }
-    ];
 
   hardware = {
     bluetooth.enable = true;
@@ -44,7 +40,10 @@
       # extraPackages32 = with pkgs.i686Linux; [ libva ];
     };
 
-    pulseaudio.support32Bit = true;
+    pulseaudio = {
+      support32Bit = true;
+      package = pkgs.pulseaudioFull;
+    };
   };
 
   networking = {

config/host-config/system3.nix

@@ -0,0 +1,68 @@
+{ config, lib, pkgs, ... }:
+
+let state-dir = "/state";
+in {
+  fudo.slynk.enable = true;
+
+  environment.systemPackages = with pkgs; [ opencv-java ];
+
+  networking = { interfaces = { intif0 = { useDHCP = true; }; }; };
+
+  systemd.tmpfiles.rules = [
+    "L /root/.gnupg           - - - - ${state-dir}/user/root/gnupg"
+    "L /root/.ssh/id_rsa      - - - - ${state-dir}/user/root/ssh/id_rsa"
+    "L /root/.ssh/id_rsa.pub  - - - - ${state-dir}/user/root/ssh/id_rsa.pub"
+    "L /root/.ssh/known_hosts - - - - ${state-dir}/user/root/ssh/known_hosts"
+    "L /var/lib/flatpak       - - - - ${state-dir}/lib/flatpak"
+  ];
+
+  services.openssh.hostKeys = [
+    {
+      path = "${state-dir}/ssh/ssh_host_rsa_key";
+      type = "rsa";
+      bits = 4096;
+    }
+    {
+      path = "${state-dir}/ssh/ssh_host_ed25519_key";
+      type = "ed25519";
+      bits = 4096;
+    }
+  ];
+
+  environment.etc = {
+    "ssh/ssh_host_rsa_key" = {
+      source = "${state-dir}/ssh/ssh_host_rsa_key";
+      user = "root";
+      group = "root";
+      mode = "0400";
+    };
+    "ssh/ssh_host_rsa_key.pub" = {
+      source = "${state-dir}/ssh/ssh_host_rsa_key.pub";
+      user = "root";
+      group = "root";
+      mode = "0444";
+    };
+    "ssh/ssh_host_ed25519_key" = {
+      source = "${state-dir}/ssh/ssh_host_ed25519_key";
+      user = "root";
+      group = "root";
+      mode = "0400";
+    };
+    "ssh/ssh_host_ed25519_key.pub" = {
+      source = "${state-dir}/ssh/ssh_host_ed25519_key.pub";
+      user = "root";
+      group = "root";
+      mode = "0444";
+    };
+    nixos.source = "/etc/nixos-live";
+    "machine-id".source = "${state-dir}/host/machine-id";
+    "host-config.nix".source = "${state-dir}/host/host-config.nix";
+    adjtime.source = "${state-dir}/host/adjtime";
+    NIXOS.source = "${state-dir}/host/NIXOS";
+  };
+
+  security.sudo.extraConfig = ''
+    # Due to rollback, sudo will lecture after every reboot
+    Defaults lecture = never
+  '';
+}

config/hosts/system3.nix

@@ -0,0 +1,17 @@
+{
+  description = "Niten's gaming desktop.";
+  ssh-fingerprints = [
+    "1 1 c1bec5217880c0567f23414663d59804cf5c0fe4"
+    "1 2 bb4e479f14591dc230141e0d87b1a0fd1bdee52ad369a83188714100476c26f6"
+    "4 1 c1c2c74c3e2bb214f59b51a6a02452fe2e1658ea"
+    "4 2 897793ada12accb15231732a4c6e4ea34f1cd88d13ee9f3fc0b74a40d588b36c"
+  ];
+  rp = "niten";
+  admin-email = "niten@fudo.org";
+  enable-gui = true;
+  ssh-pubkey =
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEb/+VMOdBavfZxZOto/qa7Xy0T1nJdd7X52nPJdfB1k";
+  profile = "desktop";
+  domain = "sea.fudo.org";
+  site = "seattle";
+}

config/networks/sea.fudo.org.nix

@@ -139,6 +139,10 @@ in {
       ipv4-address = "10.0.0.110";
       mac-address = "02:DD:80:52:83:9B";
     };
+    system3 = {
+      ipv4-address = "10.0.0.111";
+      mac-address = "02:0d:df:2d:46:90";
+    };
     ubiquiti-wifi = {
       ipv4-address = "10.0.0.126";
       mac-address = "04:18:d6:20:48:fb";

flake.nix

@@ -12,20 +12,22 @@ in {
 
   outputs = { nixpkgs, home-manager, ... }:
     let
+      hosts-path = ./config/hosts;
       lib = nixpkgs.lib;
       is-nix-file = filename: type: (builtins.match ".+.nix$" filename) != null;
       is-regular-file = filename: type: type == "regular" || type == "link";
       hostname-from-file = filename:
         builtins.replaceStrings [ ".nix" ] [ "" ] filename;
       hosts = map hostname-from-file (lib.attrNames (lib.filterAttrs is-nix-file
-        (lib.filterAttrs is-regular-file (builtins.readDir ./config/hosts))));
+        (lib.filterAttrs is-regular-file (builtins.readDir hosts-path))));
 
       pkgs = import nixpkgs { };
 
     in {
-      nixConfigurations = lib.mapAttrs (hostname: hostOpts:
+      nixConfigurations = lib.mapAttrs (hostname:
-        lib.nixosSystem {
+        let hostOpts = import hosts-path + "/${hostname}.nix";
-          system = hostOpts.architecture;
+        in lib.nixosSystem {
+          system = hostOpts.platform;
           modules = [
             (import ./initialize.nix {
               hostname = hostname;

home-manager/niten.nix

@@ -5,36 +5,36 @@ let
   name = "Niten";
   email = "niten@fudo.org";
 
-  # doom-emacs-config = pkgs.fetchgit {
+  doom-emacs-config = pkgs.fetchgit {
-  #   url = "https://git.fudo.org/niten/doom-emacs.git";
+    url = "https://git.fudo.org/niten/doom-emacs.git";
-  #   rev = "6fdc2b5d0d97e49b59e1fc06cf7930b4e488e70b";
+    rev = "0ab1532c856ccdb6ce46c5948054279f439eb1f2";
-  #   sha256 = "06zj8r000m8bjfpgwljaz5s563xg6cfva85i75ianh97209p1j0a";
+    sha256 = "06mh74i5hmb15xid7w31wjc4v339cgddd667bpaphqnw666sm08h";
-  # };
+  };
 
-  # doom-emacs = pkgs.callPackage (pkgs.fetchgit {
+  doom-emacs = pkgs.callPackage (pkgs.fetchgit {
-  #   url = "https://github.com/vlaci/nix-doom-emacs.git";
+    url = "https://github.com/vlaci/nix-doom-emacs.git";
-  #   rev = "fee14d217b7a911aad507679dafbeaa8c1ebf5ff";
+    rev = "fee14d217b7a911aad507679dafbeaa8c1ebf5ff";
-  #   sha256 = "1g0izscjh5nv4n0n1m58jc6z27i9pkbxs17mnb05a83ffdbmmva6";
+    sha256 = "1g0izscjh5nv4n0n1m58jc6z27i9pkbxs17mnb05a83ffdbmmva6";
-  # }) {
+  }) {
-  #   doomPrivateDir = "${pkgs.doom-emacs-config}";
+    doomPrivateDir = "${pkgs.doom-emacs-config}";
-  #   extraPackages = with pkgs.emacsPackages; [ elpher use-package ];
+    extraPackages = with pkgs.emacsPackages; [ elpher use-package ];
-  #   emacsPackagesOverlay = self: super: {
+    emacsPackagesOverlay = self: super: {
-  #     irony = super.irony.overrideAttrs (esuper: {
+      irony = super.irony.overrideAttrs (esuper: {
-  #       buildInputs = esuper.buildInputs
+        buildInputs = esuper.buildInputs
-  #         ++ [ pkgs.cmake pkgs.libclang pkgs.clang ];
+          ++ [ pkgs.cmake pkgs.libclang pkgs.clang ];
-  #     });
+      });
-  #     spinner = let version = "1.7.4";
+      spinner = let version = "1.7.4";
-  #     in pkgs.emacsPackages.trivialBuild {
+      in pkgs.emacsPackages.trivialBuild {
-  #       inherit version;
+        inherit version;
-  #       pname = "spinner";
+        pname = "spinner";
-  #       src = builtins.fetchTarball {
+        src = builtins.fetchTarball {
-  #         url = "https://elpa.gnu.org/packages/spinner-${version}.tar";
+          url = "https://elpa.gnu.org/packages/spinner-${version}.tar";
-  #         sha256 = "1jj40d68lmz91ynzwqg0jqdjpa9cn5md1hmvjfhy0cr3l16qpfw5";
+          sha256 = "1jj40d68lmz91ynzwqg0jqdjpa9cn5md1hmvjfhy0cr3l16qpfw5";
-  #       };
+        };
-  #       buildPhase = ":";
+        buildPhase = ":";
-  #     };
+      };
-  #   };
+    };
-  # };
+  };
 
   gui-packages = with pkgs;
     let
@@ -51,6 +51,9 @@ let
       spotify
       # steam-with-pipewire
       # steam-with-pipewire.run
+      # steamPackages.steamcmd
+      # steamPackages.steam-fonts
+      # steamPackages.steam-runtime
       xclip
     ];
 
@@ -68,7 +71,7 @@ let
     clj2nix
     cmake
     curl
-    # doom-emacs
+    doom-emacs
     # doom-emacs-config
     # doomEmacsInit
     enca
@@ -155,7 +158,7 @@ in {
   services = {
     emacs = {
       enable = true;
-      # package = doom-emacs;
+      package = doom-emacs;
       client = {
         enable = true;
         arguments = [ "-t" ];
@@ -203,6 +206,8 @@ in {
       # EDITOR = "${doom-emacs}/bin/emacsclient -t";
       ALTERNATE_EDITOR = "";
 
+      DOOM_EMACS_SITE_PATH = "${doom-emacs-config}/site.d";
+
       HISTCONTROL = "ignoredups:ignorespace";
     };
   };

nixops/seattle.nix

@@ -11,10 +11,11 @@ in {
     enableRollback = true;
   };
 
-  limina = define-host "10.0.0.1" "limina";
   lambda = define-host "10.0.0.11" "lambda";
+  limina = define-host "10.0.0.1" "limina";
   nostromo = define-host "10.0.0.10" "nostromo";
   plato = define-host "10.0.0.21" "plato";
   spark = define-host "10.0.0.108" "spark";
+  system3 = define-host "10.0.0.111" "system3";
   zbox = define-host "10.0.0.110" "zbox";
 }