# SPDX-FileCopyrightText: 2020 Luke Granger-Brown # # SPDX-License-Identifier: Apache-2.0 { depot, lib, pkgs, rebuilder, config, ... }: let inherit (depot.ops) secrets; in { imports = [ ../lib/client.nix ]; boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ]; boot.kernelModules = lib.mkAfter [ "kvm-intel" ]; boot.kernelParams = [ "mitigations=off" ]; fileSystems = let zfs = device: { device = device; fsType = "zfs"; }; in { "/" = zfs "zboot/safe/root"; "/nix" = zfs "zboot/local/nix"; "/home" = zfs "tank/safe/home"; "/export" = zfs "tank/safe/export"; "/boot" = { device = "/dev/disk/by-uuid/D178-4E19"; fsType = "vfat"; }; }; # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; nix.maxJobs = lib.mkDefault 8; powerManagement.cpuFreqGovernor = lib.mkDefault "performance"; # Networking! networking = { hostName = "totoro"; # Define your hostname. domain = "lukegb.xyz"; hostId = "676c08c4"; useDHCP = false; interfaces.br-ext.useDHCP = true; bridges.br-ext.interfaces = [ "enp0s31f6" ]; }; # Virtualisation virtualisation.libvirtd = { enable = true; allowedBridges = [ "virbr0" "br-ext" ]; }; users.users.lukegb = { extraGroups = lib.mkAfter [ "libvirtd" ]; }; # NFS services.nfs.server = { enable = true; exports = '' /export 192.168.1.0/24(rw,sync,nohide,no_subtree_check,no_root_squash,wdelay,fsid=0,insecure,crossmnt) ''; }; networking.firewall.allowedTCPPorts = [ 111 2049 ]; networking.firewall.allowedUDPPorts = [ 111 2049 ]; # Distributed builds! nix.buildMachines = [ { hostName = "whitby"; system = "x86_64-linux"; maxJobs = 64; speedFactor = 2; supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ]; mandatoryFeatures = [ ]; }] ; nix.distributedBuilds = true; nix.extraOptions = '' builders-use-substitutes = true ''; system.stateVersion = "20.03"; }