From 8b1ad3db8cecac5bbcee337640f1662eb30569b1 Mon Sep 17 00:00:00 2001
From: Yorick van Pelt <yorick@yorickvanpelt.nl>
Date: Thu, 8 Dec 2016 15:31:45 +0100
Subject: [PATCH] add jarvis, fix i3-gaps, add spotify ports

---
 jarvis/configuration.nix          | 51 +++++++++++++++++
 jarvis/hardware-configuration.nix | 94 +++++++++++++++++++++++++++++++
 roles/common.nix                  |  3 +
 roles/graphical.nix               |  9 ++-
 4 files changed, 156 insertions(+), 1 deletion(-)
 create mode 100644 jarvis/configuration.nix
 create mode 100644 jarvis/hardware-configuration.nix

diff --git a/jarvis/configuration.nix b/jarvis/configuration.nix
new file mode 100644
index 0000000..014512a
--- /dev/null
+++ b/jarvis/configuration.nix
@@ -0,0 +1,51 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, ... }:
+
+let secrets = import <secrets>;
+in
+{
+  imports =
+    [ # Include the results of the hardware scan.
+      ./hardware-configuration.nix
+      ../roles/common.nix
+      ../roles/graphical.nix
+    ];
+
+  # Use the systemd-boot EFI boot loader.
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.hostName = "jarvis"; # Define your hostname.
+  # Select internationalisation properties.
+  i18n.consoleFont = "latarcyrheb-sun32";
+
+  # List services that you want to enable:
+
+  # Enable the OpenSSH daemon.
+  # services.openssh.enable = true; # temp
+  # Enable CUPS to print documents.
+  services.printing.enable = true;
+
+
+  # The NixOS release to be compatible with for stateful data such as databases.
+  system.stateVersion = "17.03";
+
+  # List packages installed in system profile. To search by name, run:
+  # $ nix-env -qaP | grep wget
+  environment.systemPackages = with pkgs; [
+    btrfs-progs
+  ];
+
+  #virtualisation.virtualbox.host.enable = true;
+
+  users.extraUsers.yorick.hashedPassword = secrets.yorick_hashedPassword;
+  services.xserver.displayManager.sessionCommands = ''
+    gpg-connect-agent /bye
+    unset SSH_AGENT_PID
+    export SSH_AUTH_SOCK="''${XDG_RUNTIME_DIR}/gnupg/S.gpg-agent.ssh"
+    ${pkgs.xorg.xrandr}/bin/xrandr --dpi 192
+  '';
+}
diff --git a/jarvis/hardware-configuration.nix b/jarvis/hardware-configuration.nix
new file mode 100644
index 0000000..67ac86d
--- /dev/null
+++ b/jarvis/hardware-configuration.nix
@@ -0,0 +1,94 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, ... }:
+let
+kpkgs = pkgs.linuxPackages_testing;
+#kpkgs = pkgs.linuxPackages_custom (pkgs.linuxPackages_latest.kernel.overrideDerivation (oldAttr: {
+#  enableParallelBuild = true;
+#}));
+in
+{
+  imports =
+    [ <nixpkgs/nixos/modules/installer/scan/not-detected.nix>
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+  boot.blacklistedKernelModules = ["psmouse"];
+  
+  hardware.cpu.intel.updateMicrocode = true;
+
+
+  services.xserver.synaptics.enable = true;
+  services.thermald.enable = true;
+
+  networking.wireless.enable = true;
+  hardware.bluetooth.enable = true;
+  boot.kernelPackages = kpkgs;
+  boot.kernelParams = ["i915.enable_fbc=1"]; # "i915.enable_psr=1"]; # lvds downclock is no longer a thing
+  boot.kernelPatches = let
+    kver = "4.8.8"; #kpkgs.kernel.version;
+    linux-nvme = pkgs.fetchFromGitHub {
+      owner = "damige";
+      repo = "linux-nvme";
+      rev = "e58f5a1e9357fb0647fc173a17ceebe6280ba43c";
+      sha256 = "0n42s6a6wzckm5k6mfpx0mp66ql52wv3irs9s0c000nx039hg57m";
+    };
+  in [
+   # half of thesea are in 4.9 already
+   # { patch = "${linux-nvme}/src/${kver}/nvmepatch1-V4.patch"; name = "nvme-1";}
+   # { patch = "${linux-nvme}/src/${kver}/nvmepatch2-V4.patch"; name = "nvme-2";}
+    { patch = "${linux-nvme}/src/${kver}/nvmepatch3-V4.patch"; name = "nvme-3";}
+  ];
+  # nixpkgs.config.packageOverrides = pkgs:
+  #   { linux_testing = pkgs.linux_testing.overrideDerivation (attrs: {
+  #     enableParallelBuilding = true;
+  #     });
+  #   };
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/a751e4ea-f1aa-48e1-9cbe-423878e29b62";
+      fsType = "btrfs";
+      options = ["defaults" "relatime" "discard"];
+    };
+
+  boot.initrd.luks.devices."nix-crypt" = {
+    device = "/dev/disk/by-uuid/320ef81d-283f-4916-ac26-ecfb0f31e549";
+    allowDiscards = true;
+  };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/0E07-7805";
+      fsType = "vfat";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/d9c4c15b-0e9c-47f6-8675-93b1b8de5f9d"; }
+    ];
+
+  nix.maxJobs = lib.mkDefault 4;
+  
+  # ideal... doesn't work.
+  #services.udev.extraRules = ''
+  #   KERNEL=="intel_backlight", SUBSYSTEM=="backlight", MODE="666"
+  #'';
+  # for now
+  systemd.services."display-manager".preStart = ''
+   chmod a+w $(realpath /sys/class/backlight/intel_backlight/brightness) || true
+  '';
+  # this makes sure my wifi doesn't take a minute to work
+  services.udev.extraRules = ''
+    SUBSYSTEM=="firmware", ACTION=="add", ATTR{loading}="-1"
+  '';
+
+  services.xserver.videoDrivers = ["modesetting"];
+  hardware.opengl.extraPackages = [ pkgs.vaapiIntel ];
+  nixpkgs.config = {
+    packageOverrides = pkgs : {
+      mpv = pkgs.mpv.override { vaapiSupport = true; };
+    };
+  };
+
+}
diff --git a/roles/common.nix b/roles/common.nix
index 6aa91e4..ba5edf6 100644
--- a/roles/common.nix
+++ b/roles/common.nix
@@ -6,6 +6,7 @@
 	users.extraUsers.root = {
 		openssh.authorizedKeys.keys = config.users.extraUsers.yorick.openssh.authorizedKeys.keys;
 	};
+  services.timesyncd.enable = true;
 	users.extraUsers.yorick = {
 	  isNormalUser = true;
 	  uid = 1000;
@@ -26,6 +27,8 @@
   nix.extraOptions = ''
     allow-unsafe-native-code-during-evaluation = true
     allow-unfree = true
+    binary-caches-parallel-connections = 3
+    connect-timeout = 5
   '';
 
   # Networking
diff --git a/roles/graphical.nix b/roles/graphical.nix
index 5e5636b..3902ec5 100644
--- a/roles/graphical.nix
+++ b/roles/graphical.nix
@@ -11,7 +11,11 @@
     layout = "us";
     displayManager.slim.defaultUser = "yorick";
     # xkbOptions = "eurosign:e";
-    windowManager.i3-gaps.enable = true;
+    windowManager.i3 = {
+      enable = true;
+    } // (if (lib.versionAtLeast config.system.nixosRelease "17.03") then {
+      package = pkgs.i3-gaps;
+      } else {});
   };
   hardware.opengl = {
     enable = true;
@@ -40,4 +44,7 @@
       night = 5500;
     };
   };
+  # spotify
+  networking.firewall.allowedTCPPorts = [57621];
+  networking.firewall.allowedUDPPorts = [57621];
 }