Update cadmium config

hardware/cadmium.nix

@@ -1,15 +1,4 @@
 { config, lib, pkgs, ... }:
 
 {
-  boot.initrd.availableKernelModules = [
-    "i915"
-  ];
-
-  environment.systemPackages = with pkgs; [
-    intel-media-driver
-    libva
-    libva-utils
-    libva1
-  ];
-  hardware.opengl.extraPackages = lib.singleton pkgs.vaapiIntel;
 }

machines/cadmium/configuration.nix

@@ -13,18 +13,18 @@
       ../../unstable.nix
       ../../fish.nix
       ../../autologin.nix
-      ../../lxc.nix
       ../../obs.nix
       ../../pulseaudio.nix
     ];
 
-  nix.autoOptimiseStore = true;
-
   hardware.cpu.intel.updateMicrocode = true;
   powerManagement.cpuFreqGovernor = "performance";
 
-  # Use the GRUB 2 boot loader.
+  nix.autoOptimiseStore = true;
+  nix.useSandbox = true;
+
   boot = {
+    kernelParams = [ "radeon.dpm=1" ];
     loader = {
       systemd-boot.enable = true;
       efi.efiSysMountPoint = "/boot";
@@ -32,14 +32,16 @@
     };
     initrd = {
       availableKernelModules = [
-        "aes_x86_64"
-        "aesni_intel"
+        "aes_generic"
         "cryptd"
+        "nvme" 
+        "xhci_pci"
       ];
       luks.devices = {
         pvcrypt = {
-          device = "/dev/disk/by-uuid/8b7b67c8-d985-4431-8041-3bf31cc915c8";
+          device = "/dev/disk/by-uuid/b706883f-3979-41ea-b72e-497c0ada5092";
           preLVM = true;
+	  allowDiscards = true;
         };
       };
     };
@@ -54,17 +56,14 @@
 
     firewall = {
       allowedUDPPorts = [
-        53
-        33580 # wireguard
+        #53
       ];
       allowedTCPPorts = [
-        53
+        #53
       ];
     };
     extraHosts = ''
-      10.10.7.105 staging-transfer-reverseproxy-01-01.sys.tradebyte.com
-      185.11.253.218 reststaging.tradebyte.com clientmediastaging.tradebyte.com sftpstaging.tradebyte.com ftpstaging.tradebyte.com ftpsstaging.tradebyte.com rc.staging.tradebyte.com c3p0.staging.tradebyte.com c3p2.staging.tradebyte.com c3p4.staging.tradebyte.com staging.tradebyte.com
-10.10.7.30 supportstaging.tradebyte.com
+    #10.10.10.10 example.com
     '';
   };
 
@@ -112,7 +111,7 @@
   ];
 
   programs.mtr.enable = true;
-  
+
   programs.gnupg.agent = {
      enable = true;
      pinentryFlavor = "gnome3";
@@ -123,11 +122,21 @@
   services.ofono.enable = true;
 
   services.udisks2.enable = true;
-  
+
   services.openssh.enable = true;
 
+
+  # udevadm info --name /dev/foo --query all
+
   services.udev.extraRules = ''
-    SUBSYSTEM=="video4linux", BUS=="usb", ATTRS{vendor}=="0x046d", ATTRS{device}=="0x085c", NAME="video1"
+    # mute indicator
+    SUBSYSTEM=="tty", ATTRS{idVendor}=="1eaf", ATTRS{idProduct}=="6d75", SYMLINK+="mute-indicator"
+
+    # DJI Goggles
+    SUBSYSTEM=="usb", ATTRS{idVendor}=="2ca3", ATTRS{idProduct}=="001f", GROUP="video", MODE="0660"
+
+    # STLink
+    SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="3748", GROUP="users", MODE="0660"
   '';
 
   virtualisation = {
@@ -141,7 +150,7 @@
   security.polkit.enable = true;
 
   # Define a user account. Don't forget to set a password with ‘passwd’.
-  users.users.jal = {
+  users.users.jalr = {
     isNormalUser = true;
     extraGroups = [
       "dialout"
@@ -154,63 +163,7 @@
     shell = pkgs.fish;
   };
 
-  autologin.username = "jal";
-
-  networking.wg-quick.interfaces.wgawsjal = {
-    address = [ "10.254.254.6/30" ];
-    privateKeyFile = "/root/wireguard-keys/wgawsjal";
-    listenPort = 33580;
-    #mtu = 1419
-    #mtu = 1408
-    mtu = 1358;
-
-    peers = [
-      {
-        publicKey = "5B5Ad+C05saQZaVXw7nc9/htshzcPV5Suj2I8P4Ndik=";
-        endpoint = "3.121.44.55:2048";
-        persistentKeepalive = 10;
-        allowedIPs = [
-          "10.254.254.4/30" # tunnel transport
-          "10.10.7.0/24"    # NETWAYS
-          "10.158.128.0/23" # Approvals (instance.tradebyte.com)
-          "10.158.224.0/20" # TB.Shift production
-          "10.158.240.0/20" # TB.Shift development
-          "10.18.0.0/16"    # AWS IT
-          "10.250.0.0/16"   # AWS CCS
-          #10.10.7.6/32
-          #10.10.7.52/32
-          #10.10.7.218/32
-          #10.10.7.248/32
-        ];
-      }
-    ];
-  };
-
-  services.dnsmasq = {
-    enable = true;
-    resolveLocalQueries = true;
-    servers = [
-      "194.150.168.168" # dns.as250.net Berlin/Frankfurt
-      "195.160.173.53" # dnscache.berlin.ccc.de
-      "46.182.19.48" # digitalcourage
-      "/sv.tb/192.168.99.17"
-      "/abc.tb/192.168.99.44"
-      "/sys.tradebyte.com/10.10.7.64"
-      "/core.tradebyte.com/10.10.7.64"
-      "/corp.ad.zalando.net/10.160.19.100"
-      "/7.10.10.in-addr.arpa/10.10.7.64"
-      "/develop.sys.tradebyte.com/10.0.3.1"
-    ];
-    extraConfig = ''
-      no-resolv
-      interface=lo
-      listen-address=::1
-      listen-address=127.0.0.1
-      bind-interfaces
-      dns-loop-detect
-      neg-ttl=5
-    '';
-  };
+  autologin.username = "jalr";
 
   # This value determines the NixOS release from which the default
   # settings for stateful data, like file locations and database versions

machines/cadmium/hardware-configuration.nix

@@ -14,13 +14,20 @@
   boot.extraModulePackages = [ ];
 
   fileSystems."/" =
-    { device = "/dev/disk/by-uuid/d6302c3c-1100-4cc4-86d7-fc3a84db9a37";
+    #{ device = "/dev/disk/by-uuid/d6302c3c-1100-4cc4-86d7-fc3a84db9a37";
+    { device = "/dev/disk/by-uuid/6de83731-af29-4ba2-a0b2-48d3a1f5537e";
       fsType = "ext4";
     };
   fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/BBF2-C8B1";
+    #{ device = "/dev/disk/by-uuid/BBF2-C8B1";
+    { device = "/dev/disk/by-uuid/D384-54D8";
       fsType = "vfat";
     };
+  fileSystems."/home" =
+    { device = "/dev/disk/by-uuid/f14ae966-ac3f-467f-9263-ba9136967782";
+      fsType = "ext4";
+      noCheck = true;
+    };
 
   swapDevices = [ ];
 

obs.nix

@@ -1,38 +1,25 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, ... }: 
 
-with lib;
-
-let
-  cfg = config.obs;
-in {
-  options.obs = {
-    kernel.packages = mkOption {
-      description = "kernel package to use";
-    };
-  };
-  config = {
-    boot = {
-      #kernelPackages = pkgs.linuxPackages_latest;
-      extraModulePackages = [
-        #(pkgs.linuxPackages_latest.v4l2loopback.overrideAttrs ({ ... }: {
-        #(pkgs.linuxPackages_5_9_rt.v4l2loopback.overrideAttrs ({ ... }: {
-        (cfg.kernel.packages.v4l2loopback.overrideAttrs ({ ... }: {
-          src = pkgs.fetchFromGitHub {
-            owner = "umlaeute";
-            repo = "v4l2loopback";
-            # master 2020-04-17
-            rev = "10b1c7e6bda4255fdfaa187ce2b3be13433416d2";
-            sha256 = "0xsn4yzj7lwdg0n7q3rnqpz07i9i011k2pwn06hasd45313zf8j2";
-          };
-        }))
-      ];
-      extraModprobeConfig = ''
-        options v4l2loopback exclusive_caps=1 video_nr=9 card_label="obs"
-      '';
-      kernelParams = [ "vmalloc=512M" ];
-    };
-    environment.systemPackages = with pkgs; [
-      v4l-utils
+{
+  boot = {
+    kernelPackages = pkgs.linuxPackages_latest;
+    extraModulePackages = [
+      (pkgs.linuxPackages_latest.v4l2loopback.overrideAttrs ({ ... }: {
+        src = pkgs.fetchFromGitHub {
+          owner = "umlaeute";
+          repo = "v4l2loopback";
+          # master 2020-04-17
+          rev = "10b1c7e6bda4255fdfaa187ce2b3be13433416d2";
+          sha256 = "0xsn4yzj7lwdg0n7q3rnqpz07i9i011k2pwn06hasd45313zf8j2";
+        };
+      }))
     ];
+    kernelModules = [ "v4l2loopback" ];
+    extraModprobeConfig = ''
+      options v4l2loopback exclusive_caps=1 card_label=OBS video_nr=10
+    '';
   };
+  environment.systemPackages = with pkgs; [
+    v4l-utils
+  ];
 }