# NixOS host module for a graphical workstation that also runs a Nomad client
# (node_class "workstation") bound to the tailscale0 interface.
# Line breaks restored from a collapsed paste; every setting is unchanged.
{ pkgs, lib, config, inputs, ... }: {
  imports = [
    inputs.flatpak.nixosModules.nix-flatpak
    ./hardware.nix
    ./disko.nix
  ];

  # Options of the project-local `bosun` module (defined outside this file).
  bosun = {
    profiles = {
      graphical.enable = true;
      docker.enable = true;
      work.enable = true;
    };
    #quirks = ["avahi" "docker" "nix-ld"];
    # SSH *public* key (not a secret); presumably installed as an authorized key
    # by the bosun module — confirm there.
    key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPjqieS4GkYAa1WRYZpxjgYsj7VGZ9U+rTFCkX8M0umD";
  };

  networking = {
    # NOTE(review): the NixOS firewall is switched off, so this file applies no packet
    # filtering on any interface; every listener configured below is reachable from
    # whatever networks eno1 and tailscale0 are attached to unless filtered elsewhere.
    firewall.enable = false;
    interfaces.eno1.wakeOnLan.enable = true;
  };

  # Nomad client-only (no server) — joins the cluster for GPU/compute tasks
  #
  # NOTE(review): exposure to confirm —
  #  * `addresses.http = "0.0.0.0"` overrides `bind_addr` for the HTTP API, so the API
  #    listens on every interface (eno1 included) while RPC and Serf are advertised on
  #    tailscale0. With the firewall disabled above, nothing in this file limits who
  #    can reach it.
  #  * No `acl` or `tls` block appears in `settings`, and NOMAD_ADDR below uses plain
  #    http://. Confirm ACLs are enforced by the cluster; otherwise the API is
  #    unauthenticated for anyone who can reach the port.
  #  * `dropPrivileges = false` runs the agent as root, and the docker plugin has
  #    volumes enabled, so jobs placed on this node can bind-mount host paths.
  #  If LAN access to the API is not needed, dropping the `addresses.http` override
  #  lets HTTP follow `bind_addr` (tailscale0) — presumably the same address
  #  NOMAD_ADDR already points at.
  services.nomad = {
    enable = true;
    dropPrivileges = false;
    # Extra HCL written to the Nix store and passed to the agent as an additional
    # settings file.
    extraSettingsPaths = [
      (builtins.toFile "docker-plugin.hcl" ''
        plugin "docker" {
          config {
            volumes {
              enabled = true
            }
          }
        }
      '')
    ];
    settings = {
      datacenter = "home";
      # go-sockaddr template: resolved by the agent at start-up to the tailscale0 address.
      bind_addr = "{{ GetInterfaceIP \"tailscale0\" }}";
      addresses = {
        http = "0.0.0.0";
      };
      advertise = {
        http = "{{ GetInterfaceIP \"tailscale0\" }}";
        rpc = "{{ GetInterfaceIP \"tailscale0\" }}";
        serf = "{{ GetInterfaceIP \"tailscale0\" }}";
      };
      client = {
        enabled = true;
        servers = ["alvin" "fram" "great-western"];
        node_class = "workstation";
        meta = {
          has_gpu = "true";
          has_display = "true";
          location = "local";
        };
      };
    };
  };

  # Make nomad CLI work with Tailscale-bound API
  # NOTE(review): plain http:// — API traffic is only protected by the Tailscale tunnel.
  environment.etc."profile.d/nomad.sh".text = ''
    export NOMAD_ADDR="http://$(tailscale ip -4):4646"
  '';

  programs = {
    weylus.users = ["toph"];
    gnupg.agent = {
      enable = true;
      pinentryPackage = pkgs.pinentry-gtk2;
      enableSSHSupport = true;
    };
    dconf.enable = true;
    steam = {
      enable = true;
      protontricks.enable = true;
      # NOTE(review): has no effect while networking.firewall.enable = false; it only
      # starts to matter if the firewall is re-enabled.
      remotePlay.openFirewall = true;
    };
    envision.enable = true;
    gamemode.enable = true;
    _1password.enable = true;
    _1password-gui = {
      enable = true;
      # Certain features, including CLI integration and system authentication support,
      # require enabling PolKit integration on some desktop environments (e.g. Plasma).
      polkitPolicyOwners = ["toph"];
    };
    obs-studio = {
      enable = true;
      enableVirtualCamera = true;
      plugins = with pkgs.obs-studio-plugins; [
        wlrobs
        obs-vaapi
        obs-pipewire-audio-capture
        obs-backgroundremoval
        obs-move-transition
        droidcam-obs
      ];
    };
  };

  services = {
    # ovos.enable = true; # message-bus only. remainder in hm
    flatpak = {
      enable = true;
      packages = [
        "com.bambulab.BambuStudio"
        "im.riot.Riot"
      ];
    };
    hardware.openrgb.enable = true;
    # Bluetooth manager
    blueman.enable = true;
    # NOTE(review): MODE="0666" makes the matched device nodes readable and writable by
    # every local user. The first rule matches any hidraw device with vendor 256f, not
    # only the SpaceMouse Enterprise. `TAG+="uaccess"` would limit access to the user on
    # the active seat — confirm spacenavd and other consumers still work before switching.
    udev.extraRules = ''
      # SpaceMouse Enterprise
      SUBSYSTEM=="hidraw", ATTRS{idVendor}=="256f", MODE="0666"
      # Thrustmaster T.Flight Rudder Pedals
      SUBSYSTEM=="input", ATTRS{idProduct}=="b679", ATTRS{idVendor}=="044f", MODE="0666", ENV{ID_INPUT_JOYSTICK}="1"
    '';
    udev.packages = [pkgs.platformio-core.udev];
    elements.ollama.enable = true;
    usbmuxd = {
      enable = true;
      package = pkgs.usbmuxd2;
    };
    gvfs.enable = true; # Mount/trash/...
    tumbler.enable = true; # Thumbnail support in Thunar
    gnome.gnome-keyring.enable = true;
    # Enable CUPS to print documents.
    printing = {
      enable = true;
      drivers = with pkgs; [
        brlaser
      ];
    };
    # Smartcard support, necessary for Yubikey logins
    pcscd.enable = true;
  };

  environment = {
    # List packages installed in system profile. To search, run:
    # $ nix search wget
    systemPackages = with pkgs; [
      # Global apps
      vim
      wget
      htop
      gnumake
      libnotify
      gtk3
      openrgb-with-all-plugins
      # lact # GPU tuning
      libimobiledevice
      ifuse
      naps2 # Scanning
      # Oxidized coreutils
      uutils-coreutils-noprefix
      wally-cli
      keymapp
      pavucontrol
      nix-tree
      nix-output-monitor
    ];
    # Quirky workaround for this not being set in portals for some reason
    sessionVariables.MOZ_ENABLE_WAYLAND = "1";
  };

  users.groups.pico = {};

  # AMD GPU tooling
  # systemd.packages = [pkgs.lact];
  # systemd.services.lactd.wantedBy = ["multi-user.target"];

  # Blue Yeti (046d:0ab7) initializes its audio endpoints in a broken state on cold boot
  # because snd-usb-audio loads ~2s after the device enumerates. Toggling authorized
  # forces a USB rebind on a clean device, mimicking unplug/replug.
  #
  # No User= is set, so the unit runs as systemd's default user (root), which the sysfs
  # writes in the script need. The script stops at the first device whose idVendor and
  # idProduct match.
  # NOTE(review): `after` only orders this unit; it does not pull
  # systemd-udev-settle.service into the boot transaction — confirm something else
  # wants it, otherwise the ordering is a no-op.
  systemd.services.blue-yeti-reset = {
    description = "Reset Blue Yeti USB mic to fix cold-boot initialization";
    after = ["systemd-udev-settle.service"];
    wantedBy = ["multi-user.target"];
    serviceConfig = {
      Type = "oneshot";
      ExecStart = pkgs.writeShellScript "blue-yeti-reset" ''
        for dev in /sys/bus/usb/devices/*/; do
          [ -f "$dev/idVendor" ] || continue
          vendor=$(cat "$dev/idVendor" 2>/dev/null)
          product=$(cat "$dev/idProduct" 2>/dev/null)
          if [ "$vendor" = "046d" ] && [ "$product" = "0ab7" ]; then
            echo 0 > "$dev/authorized"
            sleep 0.5
            echo 1 > "$dev/authorized"
            break
          fi
        done
      '';
    };
  };

  hardware = {
    amdgpu = {
      opencl.enable = true;
      overdrive.enable = true;
    };
    graphics = {
      enable = true;
      enable32Bit = true;
      extraPackages = with pkgs; [
        mesa.opencl
      ];
    };
    bluetooth = {
      enable = true;
      powerOnBoot = true;
    };
    # SANE scanner support
    sane = {
      enable = true;
      extraBackends = [pkgs.brscan4];
    };
    # 3DConnexion support
    spacenavd.enable = true;
    # Input emulation from userspace (see weylus).
    uinput.enable = true;
    # Enable zsa keyboard (Moonlander) support.
    keyboard.zsa.enable = true;
  };

  # Do not change this value!
  system.stateVersion = "23.05";

  boot = {
    # Set up our bootloader
    loader = {
      efi.canTouchEfiVariables = true;
      grub = {
        enable = true;
        device = "nodev";
        efiSupport = true;
      };
    };
    # v4l2loopback is built for the configured kernel and loaded at boot; the modprobe
    # options below create one loopback device (video_nr=1) labelled "OBS Cam".
    extraModulePackages = with config.boot.kernelPackages; [
      v4l2loopback
    ];
    kernelModules = ["v4l2loopback"];
    extraModprobeConfig = ''
      options v4l2loopback devices=1 video_nr=1 card_label="OBS Cam" exclusive_caps=1
    '';
  };
}