infra/nix/os/devices/steveej-x13s/configuration.nix

{
  repoFlake,
  nodeFlake,
  pkgs,
  lib,
  config,
  nodeName,
  system,
  ...
}:
{
  nixpkgs.overlays = [ nodeFlake.overlays.default ];

  nixos-x13s = {
    enable = true;
    # TODO: use hardware address
    bluetoothMac = "65:9e:7a:8b:86:28";
    kernel = "jhovold";
  };

  services.illum.enable = true;

  # printint and autodiscovery of printers
  services.printing.enable = true;
  services.printing.drivers = [ pkgs.hplip ];
  services.avahi = {
    enable = true;
    nssmdns4 = true;
    openFirewall = true;
  };
  hardware.sane.enable = true; # enables support for SANE scanners

  systemd.services.bluetooth-x13s-mac = lib.mkForce {
    enable = true;
    path = [
      pkgs.systemd
      pkgs.util-linux
      pkgs.bluez5-experimental
      pkgs.expect
    ];
    script = ''
      # TODO: this may not be required
      while ! (journalctl -b0 | grep 'Bluetooth: hci0: QCA setup on UART is completed'); do
        echo Waiting for bluetooth firmware to complete
        echo sleep 1
      done

      (
        # best effort
        set +e
        rfkill block bluetooth
        echo $?
        btmgmt public-addr ${config.nixos-x13s.bluetoothMac}
        echo $?
        rfkill unblock bluetooth
        echo $?
      )
    '';
    requiredBy = [ "bluetooth.service" ];
    before = [ "bluetooth.service" ];
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = true;

      # we need a tty, otherwise btmgmt will hang
      StandardInput = "tty";
      TTYPath = "/dev/tty2";
      TTYReset = "yes";
      TTYVHangup = "yes";
    };
  };

  imports = [
    nodeFlake.inputs.nixos-x13s.nixosModules.default

    repoFlake.inputs.sops-nix.nixosModules.sops
    nodeFlake.inputs.disko.nixosModules.disko
    ./disko.nix

    ../../profiles/common/user.nix

    ../../snippets/nix-settings.nix
    ../../snippets/nix-settings-holo-chain.nix
    ../../snippets/mycelium.nix

    nodeFlake.inputs.extra-container.nixosModules.default
    {
      networking.nat = {
        enable = true;
        internalInterfaces = ["ve-+"];
        # externalInterface = "enu1u1u2";
        # Lazy IPv6 connectivity for the container
        # enableIPv6 = true;
      };
    }

    # TODO: broken with: v4l2loopback-0.13.2-6.13.0-rc3.drv
    # make: *** [Makefile:53: v4l2loopback.ko] Error 2
    # ../../snippets/obs-studio.nix
    {
      services.openssh.enable = true;
      services.openssh.settings.PermitRootLogin = "yes";
      services.openssh.openFirewall = true;

      sops.defaultSopsFile = ../../../../secrets/${nodeName}/secrets.yaml;
      sops.defaultSopsFormat = "yaml";

      users.commonUsers = {
        enable = true;
        enableNonRoot = true;
      };

      sops.secrets.builder-private-key = { };
      nix.distributedBuilds = true;
      nix.buildMachines = [
        # test these with: sudo nix store ping --store 'ssh-ng://nix-remote-builder@<fqdn>?ssh-key=/run/secrets/builder-private-key'
        {
          hostName = "buildbot-nix-0.infra.holochain.org";
          sshUser = "nix-remote-builder";
          sshKey = config.sops.secrets.builder-private-key.path;
          protocol = "ssh-ng";
          systems = [ "x86_64-linux" ];
          supportedFeatures = [
            "big-parallel"
            "kvm"
            "nixos-test"
          ];
          maxJobs = 16;
        }

        {
          hostName = "aarch64-linux-builder-0.infra.holochain.org";
          sshUser = "nix-remote-builder";
          sshKey = config.sops.secrets.builder-private-key.path;
          protocol = "ssh-ng";
          systems = [ "aarch64-linux" ];
          supportedFeatures = [
            "big-parallel"
            "kvm"
            "nixos-test"
          ];
          maxJobs = 8;
        }

        {
          hostName = "x64-linux-dev-01.dev.infra.holochain.org";
          sshUser = "nix-remote-builder";
          sshKey = config.sops.secrets.builder-private-key.path;
          protocol = "ssh-ng";
          systems = [
            # "x86_64-linux"
            "aarch64-linux"
          ];
          supportedFeatures = [
            "big-parallel"
            "kvm"
            "nixos-test"
          ];
          maxJobs = 0;
        }
      ];
    }

    {
      # yubikey / smartcard. only set to `true` for `ykman piv` commands.
      services.pcscd.enable = false;
    }

    # TODO: create syncthing os snippet
    (
      let
        tcp = [ 22000 ];
        udp = [
          22000
          21027
        ];
      in
      {
        # TODO: upstream feature for inverse rule to work: `! --in-interface zt+`
        networking.firewall.interfaces."en+".allowedTCPPorts = tcp;
        networking.firewall.interfaces."en+".allowedUDPPorts = udp;
        networking.firewall.interfaces."wl+".allowedTCPPorts = tcp;
        networking.firewall.interfaces."wl+".allowedUDPPorts = udp;

        networking.firewall.allowedTCPPorts = [
          # iperf3
          5201
        ];
      }
    )

    ../../snippets/home-manager-with-zsh.nix
    ../../snippets/sway-desktop.nix
    ../../snippets/bluetooth.nix
    ../../snippets/timezone.nix
    ../../snippets/radicale.nix

    ../../snippets/holo-zerotier.nix

    # ../../snippets/k3s-w-nix-snapshotter.nix
  ];

  networking.hostName = nodeName;
  networking.firewall.enable = true;
  networking.networkmanager.enable = true;

  nixpkgs.config.allowUnfree = true;

  environment.systemPackages = [
    pkgs.sshfs
    pkgs.util-linux
    pkgs.coreutils
    pkgs.vim

    pkgs.git
    pkgs.git-crypt
  ];

  system.stateVersion = "23.11";
  home-manager.users.root = _: { home.stateVersion = "23.11"; };
  home-manager.users.steveej = _: {
    home.stateVersion = "23.11";

    imports = [ ../../../home-manager/configuration/graphical-fullblown.nix ];

    nixpkgs.overlays = [ nodeFlake.overlays.default ];

    home.sessionVariables = { };

    home.packages = with pkgs; [ ];

    # TODO(upstream): currently unsupported on x13s
    services.gammastep.enable = true;
  };

  boot = {
    loader.systemd-boot.enable = true;
    loader.systemd-boot.configurationLimit = 5;

    loader.efi.canTouchEfiVariables = lib.mkForce false;
    loader.efi.efiSysMountPoint = "/boot";
    blacklistedKernelModules = [
      "wwan"
      # "qcom_soundwire"
      # "snd_soc_qcom_sdw"
      # "snd_soc_sc8280xp"
    ];
  };

  # TODO: debug this collision: collision between `/nix/store/cb32qlzc4pm6h4arw59kxqyzbvgnmx7g-b43-firmware-6.30.163.46-zstd/lib/firmware/b43/a0g0bsinitvals5.fw.zst' and `/nix/store/niffz3cf0v91y5knz0an29fwvm8amigm-b43-firmware-5.100.138-zstd/lib/firmware/b43/a0g0bsinitvals5.fw.zst'
  hardware.firmware = lib.mkBefore [
    (pkgs.runCommand "x13s-ath11k-firmware-before" { } ''
      mkdir -p $out/lib/firmware/ath11k/WCN6855/hw2.1/
      cp -v ${nodeFlake.inputs.ath11k-firmware}/WCN6855/hw2.1/{board-2,regdb}.bin $out/lib/firmware/ath11k/WCN6855/hw2.1/
      cp -v ${nodeFlake.inputs.ath11k-firmware}/WCN6855/hw2.1/1.1/WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.41/{amss,m3}.bin $out/lib/firmware/ath11k/WCN6855/hw2.1/
    '')
  ];

  # see https://linrunner.de/tlp/
  # TODO: find an equivalent to tlp that supports this machine
  services.tlp = {
    enable = false;
    settings = {
      START_CHARGE_THRESH_BAT0 = "80";
      STOP_CHARGE_THRESH_BAT0 = "85";
    };
  };

  # android on linux
  virtualisation.waydroid.enable = true;
  hardware.ledger.enable = true;

  virtualisation.containers.enable = true;
  virtualisation.podman.enable = true;

  steveej.holo-zerotier = {
    enable = true;
    autostart = false;
  };

  services.udev.packages = [ pkgs.android-udev-rules ];
  programs.adb.enable = true;

  nix.settings.sandbox = lib.mkForce "relaxed";

  systemd.user.services.wireplumber.environment.LIBCAMERA_IPA_PROXY_PATH = "${pkgs.libcamera}/libexec/libcamera";
}
WIP: x13s: install to nvme, refactor into module 2024-01-22 22:50:51 +01:00			`{`
nix fmt 2024-02-08 20:53:22 +01:00			`repoFlake,`
			`nodeFlake,`
			`pkgs,`
			`lib,`
			`config,`
			`nodeName,`
			`system,`
			`...`
feat: introduce treefmt and fmt all 2024-11-15 10:17:56 +01:00			`}:`
			`{`
			`nixpkgs.overlays = [ nodeFlake.overlays.default ];`
feat: experimental k3s + nix-snapshotter snippet 2024-06-13 16:42:55 +02:00
clean up and refactor more into OS snippets; bluetooth works on x13s 2024-01-24 00:24:04 +00:00			`nixos-x13s = {`
			`enable = true;`
			`# TODO: use hardware address`
			`bluetoothMac = "65:9e:7a:8b:86:28";`
feat,fix: cach up hostkey0 with structure changes, update x13s and config firewall 2024-03-07 22:01:03 +01:00			`kernel = "jhovold";`
clean up and refactor more into OS snippets; bluetooth works on x13s 2024-01-24 00:24:04 +00:00			`};`

shift illum serivce around and enable on x13s 2024-02-07 11:15:16 +01:00			`services.illum.enable = true;`

feat(steveej-x13s): enable cups / printing 2024-10-13 20:18:35 +02:00			`# printint and autodiscovery of printers`
			`services.printing.enable = true;`
feat: introduce treefmt and fmt all 2024-11-15 10:17:56 +01:00			`services.printing.drivers = [ pkgs.hplip ];`
feat(steveej-x13s): enable cups / printing 2024-10-13 20:18:35 +02:00			`services.avahi = {`
			`enable = true;`
			`nssmdns4 = true;`
			`openFirewall = true;`
			`};`
feat(steveej-x13s): enable scanning via sane 2024-10-14 17:44:31 +02:00			`hardware.sane.enable = true; # enables support for SANE scanners`
feat(steveej-x13s): enable cups / printing 2024-10-13 20:18:35 +02:00
steveej-x13s: use latest ath11k firmware and relax nix sandbox 2024-07-26 14:09:34 +02:00			`systemd.services.bluetooth-x13s-mac = lib.mkForce {`
clean up and refactor more into OS snippets; bluetooth works on x13s 2024-01-24 00:24:04 +00:00			`enable = true;`
			`path = [`
			`pkgs.systemd`
			`pkgs.util-linux`
			`pkgs.bluez5-experimental`
			`pkgs.expect`
			`];`
			`script = ''`
			`# TODO: this may not be required`
			`while ! (journalctl -b0 \| grep 'Bluetooth: hci0: QCA setup on UART is completed'); do`
			`echo Waiting for bluetooth firmware to complete`
			`echo sleep 1`
			`done`

			`(`
			`# best effort`
			`set +e`
			`rfkill block bluetooth`
			`echo $?`
			`btmgmt public-addr ${config.nixos-x13s.bluetoothMac}`
			`echo $?`
			`rfkill unblock bluetooth`
			`echo $?`
			`)`
			`'';`
feat: introduce treefmt and fmt all 2024-11-15 10:17:56 +01:00			`requiredBy = [ "bluetooth.service" ];`
			`before = [ "bluetooth.service" ];`
clean up and refactor more into OS snippets; bluetooth works on x13s 2024-01-24 00:24:04 +00:00			`serviceConfig = {`
			`Type = "oneshot";`
			`RemainAfterExit = true;`

			`# we need a tty, otherwise btmgmt will hang`
			`StandardInput = "tty";`
			`TTYPath = "/dev/tty2";`
			`TTYReset = "yes";`
			`TTYVHangup = "yes";`
			`};`
			`};`

WIP: x13s: install to nvme, refactor into module 2024-01-22 22:50:51 +01:00			`imports = [`
clean up and refactor more into OS snippets; bluetooth works on x13s 2024-01-24 00:24:04 +00:00			`nodeFlake.inputs.nixos-x13s.nixosModules.default`

fixup! WIP: x13s: install to nvme, refactor into module 2024-01-22 23:05:23 +01:00			`repoFlake.inputs.sops-nix.nixosModules.sops`
WIP: x13s: install to nvme, refactor into module 2024-01-22 22:50:51 +01:00			`nodeFlake.inputs.disko.nixosModules.disko`
			`./disko.nix`

feat(obs-studio): add os snippet 2024-10-08 23:46:08 +02:00			`../../profiles/common/user.nix`

clean up and refactor more into OS snippets; bluetooth works on x13s 2024-01-24 00:24:04 +00:00			`../../snippets/nix-settings.nix`
feat,fix: cach up hostkey0 with structure changes, update x13s and config firewall 2024-03-07 22:01:03 +01:00			`../../snippets/nix-settings-holo-chain.nix`
feat(bm-hostkey0): set up mycelium 2024-05-25 11:35:26 +02:00			`../../snippets/mycelium.nix`
feat(flake,stevee-x13s): bump to 24.11 2024-11-24 16:09:58 +01:00
x13s: bump nixpkgs-unstable, use signal from 3rd party flake, add extra-container 2025-02-20 10:32:17 +01:00			`nodeFlake.inputs.extra-container.nixosModules.default`
steveej-x13s: enable NAT 2025-03-29 15:49:30 +01:00			`{`
			`networking.nat = {`
			`enable = true;`
			`internalInterfaces = ["ve-+"];`
			`# externalInterface = "enu1u1u2";`
			`# Lazy IPv6 connectivity for the container`
			`# enableIPv6 = true;`
			`};`
			`}`
x13s: bump nixpkgs-unstable, use signal from 3rd party flake, add extra-container 2025-02-20 10:32:17 +01:00
chore: TODO comments 2024-12-23 14:11:34 +01:00			`# TODO: broken with: v4l2loopback-0.13.2-6.13.0-rc3.drv`
			`# make: *** [Makefile:53: v4l2loopback.ko] Error 2`
feat(flake,stevee-x13s): bump to 24.11 2024-11-24 16:09:58 +01:00			`# ../../snippets/obs-studio.nix`
WIP: x13s: install to nvme, refactor into module 2024-01-22 22:50:51 +01:00			`{`
			`services.openssh.enable = true;`
			`services.openssh.settings.PermitRootLogin = "yes";`
			`services.openssh.openFirewall = true;`

clean up and refactor more into OS snippets; bluetooth works on x13s 2024-01-24 00:24:04 +00:00			`sops.defaultSopsFile = ../../../../secrets/${nodeName}/secrets.yaml;`
			`sops.defaultSopsFormat = "yaml";`
WIP: x13s: install to nvme, refactor into module 2024-01-22 22:50:51 +01:00
update commonUsers and refactor system config 2024-01-22 22:45:42 +00:00			`users.commonUsers = {`
			`enable = true;`
			`enableNonRoot = true;`
			`};`
feat(steveej-x13s,sj-bm-hostkey0): configure buildmachine 2024-05-02 09:45:30 +02:00
feat: introduce treefmt and fmt all 2024-11-15 10:17:56 +01:00			`sops.secrets.builder-private-key = { };`
feat(steveej-x13s,sj-bm-hostkey0): configure buildmachine 2024-05-02 09:45:30 +02:00			`nix.distributedBuilds = true;`
			`nix.buildMachines = [`
feat(steveej-x13s,holo-chain): change remote builder and disable cache.holo.host 2024-10-13 20:18:56 +02:00			`# test these with: sudo nix store ping --store 'ssh-ng://nix-remote-builder@<fqdn>?ssh-key=/run/secrets/builder-private-key'`
feat(steveej-x13s,sj-bm-hostkey0): configure buildmachine 2024-05-02 09:45:30 +02:00			`{`
feat(steveej-x13s,holo-chain): change remote builder and disable cache.holo.host 2024-10-13 20:18:56 +02:00			`hostName = "buildbot-nix-0.infra.holochain.org";`
feat(steveej-x13s,sj-bm-hostkey0): configure buildmachine 2024-05-02 09:45:30 +02:00			`sshUser = "nix-remote-builder";`
			`sshKey = config.sops.secrets.builder-private-key.path;`
			`protocol = "ssh-ng";`
feat: introduce treefmt and fmt all 2024-11-15 10:17:56 +01:00			`systems = [ "x86_64-linux" ];`
feat(steveej-x13s,sj-bm-hostkey0): configure buildmachine 2024-05-02 09:45:30 +02:00			`supportedFeatures = [`
			`"big-parallel"`
			`"kvm"`
feat(steveej-x13s and treewide): get most recent libcamera with fixes 2024-11-02 22:48:20 +01:00			`"nixos-test"`
feat(steveej-x13s,sj-bm-hostkey0): configure buildmachine 2024-05-02 09:45:30 +02:00			`];`
feat(steveej-x13s,holo-chain): change remote builder and disable cache.holo.host 2024-10-13 20:18:56 +02:00			`maxJobs = 16;`
steveej-x13s: add x64-linux-dev-01 builder 2024-07-26 14:31:25 +02:00			`}`

feat(steveej-x13s and treewide): get most recent libcamera with fixes 2024-11-02 22:48:20 +01:00			`{`
			`hostName = "aarch64-linux-builder-0.infra.holochain.org";`
			`sshUser = "nix-remote-builder";`
			`sshKey = config.sops.secrets.builder-private-key.path;`
			`protocol = "ssh-ng";`
feat: introduce treefmt and fmt all 2024-11-15 10:17:56 +01:00			`systems = [ "aarch64-linux" ];`
feat(steveej-x13s and treewide): get most recent libcamera with fixes 2024-11-02 22:48:20 +01:00			`supportedFeatures = [`
			`"big-parallel"`
			`"kvm"`
			`"nixos-test"`
			`];`
steveej-x13s: bump kernel 2024-11-23 14:43:21 +01:00			`maxJobs = 8;`
feat(steveej-x13s and treewide): get most recent libcamera with fixes 2024-11-02 22:48:20 +01:00			`}`

steveej-x13s: add x64-linux-dev-01 builder 2024-07-26 14:31:25 +02:00			`{`
			`hostName = "x64-linux-dev-01.dev.infra.holochain.org";`
			`sshUser = "nix-remote-builder";`
			`sshKey = config.sops.secrets.builder-private-key.path;`
			`protocol = "ssh-ng";`
			`systems = [`
feat(steveej-x13s and treewide): get most recent libcamera with fixes 2024-11-02 22:48:20 +01:00			`# "x86_64-linux"`
			`"aarch64-linux"`
steveej-x13s: add x64-linux-dev-01 builder 2024-07-26 14:31:25 +02:00			`];`
			`supportedFeatures = [`
			`"big-parallel"`
			`"kvm"`
feat(steveej-x13s and treewide): get most recent libcamera with fixes 2024-11-02 22:48:20 +01:00			`"nixos-test"`
steveej-x13s: add x64-linux-dev-01 builder 2024-07-26 14:31:25 +02:00			`];`
feat(steveej-x13s,holo-chain): change remote builder and disable cache.holo.host 2024-10-13 20:18:56 +02:00			`maxJobs = 0;`
feat(steveej-x13s,sj-bm-hostkey0): configure buildmachine 2024-05-02 09:45:30 +02:00			`}`
			`];`
WIP: x13s: install to nvme, refactor into module 2024-01-22 22:50:51 +01:00			`}`

tweak gpg related code 2025-04-05 21:33:13 +02:00			`{`
			# yubikey / smartcard. only set to `true` for `ykman piv` commands.
			`services.pcscd.enable = false;`
			`}`

feat,fix: cach up hostkey0 with structure changes, update x13s and config firewall 2024-03-07 22:01:03 +01:00			`# TODO: create syncthing os snippet`
feat: introduce treefmt and fmt all 2024-11-15 10:17:56 +01:00			`(`
			`let`
			`tcp = [ 22000 ];`
			`udp = [`
			`22000`
			`21027`
			`];`
			`in`
			`{`
			# TODO: upstream feature for inverse rule to work: `! --in-interface zt+`
			`networking.firewall.interfaces."en+".allowedTCPPorts = tcp;`
			`networking.firewall.interfaces."en+".allowedUDPPorts = udp;`
			`networking.firewall.interfaces."wl+".allowedTCPPorts = tcp;`
			`networking.firewall.interfaces."wl+".allowedUDPPorts = udp;`

			`networking.firewall.allowedTCPPorts = [`
			`# iperf3`
			`5201`
			`];`
			`}`
			`)`
feat,fix: cach up hostkey0 with structure changes, update x13s and config firewall 2024-03-07 22:01:03 +01:00
clean up and refactor more into OS snippets; bluetooth works on x13s 2024-01-24 00:24:04 +00:00			`../../snippets/home-manager-with-zsh.nix`
fixup! WIP: x13s: install to nvme, refactor into module 2024-01-22 23:05:23 +01:00			`../../snippets/sway-desktop.nix`
clean up and refactor more into OS snippets; bluetooth works on x13s 2024-01-24 00:24:04 +00:00			`../../snippets/bluetooth.nix`
mostly fix up stateVersions 2024-01-22 23:47:48 +00:00			`../../snippets/timezone.nix`
logseq on arm64, latest signal on arm, waydroid, radicale, vscode 2024-01-25 00:32:37 +01:00			`../../snippets/radicale.nix`
feat(zerotier): make os snippet and add custom options a way to disable autostart for zerotier is beneficial to not accidentally connect on each boot while still being able to connect on demand 2024-03-01 11:21:37 +01:00
			`../../snippets/holo-zerotier.nix`
feat: experimental k3s + nix-snapshotter snippet 2024-06-13 16:42:55 +02:00
feat: update x13s to linux-6.13-rc1 and use nixos-unstable 2024-12-05 21:50:11 +01:00			`# ../../snippets/k3s-w-nix-snapshotter.nix`
WIP: x13s: install to nvme, refactor into module 2024-01-22 22:50:51 +01:00			`];`

update commonUsers and refactor system config 2024-01-22 22:45:42 +00:00			`networking.hostName = nodeName;`
			`networking.firewall.enable = true;`
			`networking.networkmanager.enable = true;`
WIP: x13s: install to nvme, refactor into module 2024-01-22 22:50:51 +01:00
			`nixpkgs.config.allowUnfree = true;`

			`environment.systemPackages = [`
			`pkgs.sshfs`
			`pkgs.util-linux`
			`pkgs.coreutils`
			`pkgs.vim`

			`pkgs.git`
			`pkgs.git-crypt`
			`];`

fixup! WIP: x13s: install to nvme, refactor into module 2024-01-22 23:05:23 +01:00			`system.stateVersion = "23.11";`
feat: introduce treefmt and fmt all 2024-11-15 10:17:56 +01:00			`home-manager.users.root = _: { home.stateVersion = "23.11"; };`
fixup! WIP: x13s: install to nvme, refactor into module 2024-01-22 23:05:23 +01:00			`home-manager.users.steveej = _: {`
			`home.stateVersion = "23.11";`
WIP: x13s: install to nvme, refactor into module 2024-01-22 22:50:51 +01:00
feat: introduce treefmt and fmt all 2024-11-15 10:17:56 +01:00			`imports = [ ../../../home-manager/configuration/graphical-fullblown.nix ];`
WIP: x13s: install to nvme, refactor into module 2024-01-22 22:50:51 +01:00
feat: introduce treefmt and fmt all 2024-11-15 10:17:56 +01:00			`nixpkgs.overlays = [ nodeFlake.overlays.default ];`
feat(steveej-x13s and treewide): get most recent libcamera with fixes 2024-11-02 22:48:20 +01:00
feat: introduce treefmt and fmt all 2024-11-15 10:17:56 +01:00			`home.sessionVariables = { };`
WIP: x13s: install to nvme, refactor into module 2024-01-22 22:50:51 +01:00
feat: introduce treefmt and fmt all 2024-11-15 10:17:56 +01:00			`home.packages = with pkgs; [ ];`
clean up and refactor more into OS snippets; bluetooth works on x13s 2024-01-24 00:24:04 +00:00
feat(steveej-x13s and treewide): get most recent libcamera with fixes 2024-11-02 22:48:20 +01:00			`# TODO(upstream): currently unsupported on x13s`
wip(redshift): attempt to re-enable 2024-10-13 20:16:50 +02:00			`services.gammastep.enable = true;`
clean up and refactor more into OS snippets; bluetooth works on x13s 2024-01-24 00:24:04 +00:00			`};`

			`boot = {`
			`loader.systemd-boot.enable = true;`
feat(steveej-x13s): update and limit space usage on /boot 2024-08-22 14:34:01 +02:00			`loader.systemd-boot.configurationLimit = 5;`

clean up and refactor more into OS snippets; bluetooth works on x13s 2024-01-24 00:24:04 +00:00			`loader.efi.canTouchEfiVariables = lib.mkForce false;`
			`loader.efi.efiSysMountPoint = "/boot";`
feat: update x13s to linux-6.13-rc1 and use nixos-unstable 2024-12-05 21:50:11 +01:00			`blacklistedKernelModules = [`
			`"wwan"`
x13s: tweak audio 2025-01-19 23:37:18 +01:00			`# "qcom_soundwire"`
			`# "snd_soc_qcom_sdw"`
			`# "snd_soc_sc8280xp"`
feat: update x13s to linux-6.13-rc1 and use nixos-unstable 2024-12-05 21:50:11 +01:00			`];`
fixup! WIP: x13s: install to nvme, refactor into module 2024-01-22 23:05:23 +01:00			`};`
logseq on arm64, latest signal on arm, waydroid, radicale, vscode 2024-01-25 00:32:37 +01:00
feat(nix/devices/steveej-x13s): use linaro ath11k firmware this significantly improves wifi speed (2x-3x speedup) 2024-12-23 14:12:33 +01:00			# TODO: debug this collision: collision between `/nix/store/cb32qlzc4pm6h4arw59kxqyzbvgnmx7g-b43-firmware-6.30.163.46-zstd/lib/firmware/b43/a0g0bsinitvals5.fw.zst' and `/nix/store/niffz3cf0v91y5knz0an29fwvm8amigm-b43-firmware-5.100.138-zstd/lib/firmware/b43/a0g0bsinitvals5.fw.zst'
steveej-x13s: use latest ath11k firmware and relax nix sandbox 2024-07-26 14:09:34 +02:00			`hardware.firmware = lib.mkBefore [`
feat(nix/devices/steveej-x13s): use linaro ath11k firmware this significantly improves wifi speed (2x-3x speedup) 2024-12-23 14:12:33 +01:00			`(pkgs.runCommand "x13s-ath11k-firmware-before" { } ''`
			`mkdir -p $out/lib/firmware/ath11k/WCN6855/hw2.1/`
			`cp -v ${nodeFlake.inputs.ath11k-firmware}/WCN6855/hw2.1/{board-2,regdb}.bin $out/lib/firmware/ath11k/WCN6855/hw2.1/`
			`cp -v ${nodeFlake.inputs.ath11k-firmware}/WCN6855/hw2.1/1.1/WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.41/{amss,m3}.bin $out/lib/firmware/ath11k/WCN6855/hw2.1/`
			`'')`
steveej-x13s: use latest ath11k firmware and relax nix sandbox 2024-07-26 14:09:34 +02:00			`];`

logseq on arm64, latest signal on arm, waydroid, radicale, vscode 2024-01-25 00:32:37 +01:00			`# see https://linrunner.de/tlp/`
shift illum serivce around and enable on x13s 2024-02-07 11:15:16 +01:00			`# TODO: find an equivalent to tlp that supports this machine`
logseq on arm64, latest signal on arm, waydroid, radicale, vscode 2024-01-25 00:32:37 +01:00			`services.tlp = {`
shift illum serivce around and enable on x13s 2024-02-07 11:15:16 +01:00			`enable = false;`
logseq on arm64, latest signal on arm, waydroid, radicale, vscode 2024-01-25 00:32:37 +01:00			`settings = {`
			`START_CHARGE_THRESH_BAT0 = "80";`
			`STOP_CHARGE_THRESH_BAT0 = "85";`
			`};`
			`};`

			`# android on linux`
x13s: try signal in waydroid instead of nixos 2024-08-08 14:37:38 +02:00			`virtualisation.waydroid.enable = true;`
x13s: enable ledger hw support 2024-02-07 11:08:46 +01:00			`hardware.ledger.enable = true;`
feat(zerotier): make os snippet and add custom options a way to disable autostart for zerotier is beneficial to not accidentally connect on each boot while still being able to connect on demand 2024-03-01 11:21:37 +01:00
feat: experimental k3s + nix-snapshotter snippet 2024-06-13 16:42:55 +02:00			`virtualisation.containers.enable = true;`
			`virtualisation.podman.enable = true;`

feat(zerotier): make os snippet and add custom options a way to disable autostart for zerotier is beneficial to not accidentally connect on each boot while still being able to connect on demand 2024-03-01 11:21:37 +01:00			`steveej.holo-zerotier = {`
			`enable = true;`
			`autostart = false;`
			`};`
steveej-x13s: use latest ath11k firmware and relax nix sandbox 2024-07-26 14:09:34 +02:00
feat: introduce treefmt and fmt all 2024-11-15 10:17:56 +01:00			`services.udev.packages = [ pkgs.android-udev-rules ];`
steveej-x13s: use latest ath11k firmware and relax nix sandbox 2024-07-26 14:09:34 +02:00			`programs.adb.enable = true;`

			`nix.settings.sandbox = lib.mkForce "relaxed";`
feat(steveej-x13s and treewide): get most recent libcamera with fixes 2024-11-02 22:48:20 +01:00
			`systemd.user.services.wireplumber.environment.LIBCAMERA_IPA_PROXY_PATH = "${pkgs.libcamera}/libexec/libcamera";`
WIP: x13s: install to nvme, refactor into module 2024-01-22 22:50:51 +01:00			`}`