feat: minor config improvments

sioodmy · Aug 26, 2024 · f87d53b · f87d53b
1 parent d68e544
commit f87d53b
Show file tree

Hide file tree

Showing 7 changed files with 32 additions and 12 deletions.
diff --git a/system/core/bootloader.nix b/system/core/bootloader.nix
@@ -1,7 +1,6 @@
 {
   pkgs,
   lib,
-  inputs,
   ...
 }: let
   inherit (lib) mkDefault;
@@ -11,18 +10,25 @@ in {
     pkgs.sbctl
   ];
   boot = {
-    binfmt.emulatedSystems = ["aarch64-linux"];
+    binfmt.emulatedSystems = ["aarch64-linux" "riscv64-linux"];
     tmp = {
       cleanOnBoot = true;
-      useTmpfs = false;
+      useTmpfs = true;
     };
-    # some kernel parameters, i dont remember what half of this shit does but who cares
-    initrd.verbose = false;
-    kernelPackages = mkDefault pkgs.linuxPackages_latest;
+    initrd = {
+      verbose = false;
+      systemd.enable = true;
+    };
+    kernelPackages = mkDefault pkgs.linuxPackages_xanmod_latest;
 
     bootspec.enable = mkDefault true;
     loader = {
-      systemd-boot.enable = mkDefault true;
+      systemd-boot = {
+        enable = mkDefault true;
+        memtest86.enable = true;
+        configurationLimit = 10;
+        editor = false;
+      };
       # spam space to get to boot menu
       timeout = 0;
     };

diff --git a/system/core/network.nix b/system/core/network.nix
@@ -20,14 +20,13 @@ in {
       dns = mkIf dnscrypt "none";
       wifi = {
         macAddress = "random";
+        backend = "iwd";
         powersave = true;
       };
     };
     firewall = {
       enable = true;
       allowPing = false;
-      # for chromecast
-      allowedUDPPorts = [10008];
       logReversePathDrops = true;
     };
   };

diff --git a/system/core/nix.nix b/system/core/nix.nix
@@ -25,6 +25,18 @@
     defaultPackages = [];
   };
 
+  # WE DONT WANT TO BUILD STUFF ON TMPFS
+  # ITS NOT A GOOD IDEA
+  systemd.services.nix-daemon = {
+    environment.TMPDIR = "/var/tmp";
+  };
+
+  # this makes rebuilds little faster
+  system.switch = {
+    enable = false;
+    enableNg = true;
+  };
+
   nixpkgs = {
     config = {
       # Wolność kocham i rozumiem

diff --git a/system/core/schizo.nix b/system/core/schizo.nix
@@ -12,7 +12,6 @@
         hibernate = false;
       };
     };
-    dbus.packages = [pkgs.seahorse];
     networkd-dispatcher.enable = true;
   };
 

diff --git a/system/core/secrets.nix b/system/core/secrets.nix
@@ -22,6 +22,7 @@ in {
     (forHost ["calypso"] ../../secrets/syncthing-calypso-cert.age "syncthing-calypso-cert" user)
     # TODO: rework
     (forHost ["calypso"] ../../secrets/radicale-pass.age "radicale-pass" user)
+    (forHost ["calypso"] ../../secrets/openai.age "openai" user)
     (forHost ["prometheus"] ../../secrets/mailserver.age "mailserver" {mode = "400";})
     (forHost ["prometheus"] ../../secrets/caldav.age "caldav" {mode = "400";})
     (forHost ["prometheus"] ../../secrets/discordtoken.age "discordtoken" {mode = "400";})

diff --git a/system/core/system.nix b/system/core/system.nix
@@ -5,10 +5,14 @@
 }: {
   services = {
     dbus = {
-      packages = with pkgs; [dconf gcr udisks2];
+      packages = with pkgs; [dconf gcr udisks2 seahorse];
+      implementation = "broker";
       enable = true;
     };
     udev.packages = with pkgs; [gnome.gnome-settings-daemon android-udev-rules];
+    # "irqbalance(1) - distribute hardware interrupts across processors on a multiprocessor system"
+    irqbalance.enable = true;
+    fstrim.enable = true;
     journald.extraConfig = ''
       SystemMaxUse=50M
       RuntimeMaxUse=10M

diff --git a/system/wayland/services.nix b/system/wayland/services.nix
@@ -42,6 +42,5 @@
 
     udisks2.enable = true;
     printing.enable = true;
-    fstrim.enable = true;
   };
 }
-Original file line number
+Diff line change
@@ Expand Up / @@ -12,7 +12,6 @@ @@
             hibernate = false;
           };
         };
-        dbus.packages = [pkgs.seahorse];
         networkd-dispatcher.enable = true;
       };
@@ Expand Down @@