alex/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

restructured and optimized content

Browse Source
This commit is contained in:
alex
2025-04-21 14:21:37 +08:00
parent e1d5d900fb
commit 4af72b9d39
28 changed files with 632 additions and 609 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
modules/home/develop.nix Normal file
View File

@@ -0,0 +1,12 @@
{ pkgs, ... }:
{
home = {
packages = with pkgs; [
dbeaver-bin
go
nodejs
yarn
];
};
}

22
modules/home/fcitx.nix Normal file
View File

@@ -0,0 +1,22 @@
# 输入法配置模块
{ config, lib, pkgs, ... }:
{
home = {
packages = [ pkgs.catppuccin-fcitx5 ];
sessionVariables = {
GTK_IM_MODULE = "fcitx";
QT_IM_MODULE = "fcitx";
XIM = "fcitx";
XIM_PROGRAM = "fcitx";
XMODIFIERS = "@im=fcitx";
};
};
i18n.inputMethod = {
enabled = "fcitx5";
fcitx5.addons = with pkgs; [
fcitx5-chinese-addons
];
};
}

9
modules/home/hyprland/default.nix
View File

@@ -35,7 +35,6 @@
wayland.windowManager.hyprland = {
enable = true;
systemdIntegration = true;
enableNvidiaPatches = true;
# extraConfig = builtins.readFile ./conf/hyprland.conf;
};
@@ -56,10 +55,10 @@
recursive = true;
};
home.file.".config/swww" = {
source = ./conf/swww;
recursive = true;
};
# home.file.".config/swww" = {
# source = ./conf/swww;
# recursive = true;
# };
home.file.".config/waybar" = {
source = ./conf/waybar;

20
modules/home/v2ray/default.nix
View File

@@ -1,11 +1,11 @@
{ config, lib, pkgs, ... }:
{
imports = [
];
home.packages = with pkgs; [
v2ray
v2raya
];
{ config, lib, pkgs, ... }:
{
imports = [
];
home.packages = with pkgs; [
v2ray
v2raya
];
}

21
modules/home/vscode/default.nix
View File

@@ -1,4 +1,4 @@
{ config, lib, pkgs, ... }:
{ pkgs, ... }:
{
imports = [
@@ -7,16 +7,21 @@
vscode = {
enable = true;
extensions = with pkgs.vscode-extensions; [
jnoortheen.nix-ide
bierner.markdown-mermaid
esbenp.prettier-vscode
foxundermoon.shell-format
github.copilot
github.copilot-chat
golang.go
jnoortheen.nix-ide
pkief.material-icon-theme
] ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [
# {
# name = "aws-toolkit-vscode";
# publisher = "amazonwebservices";
# version = "1.9.0";
# sha256 = "erRg/C0qSrPg0cK2qmnULOnFGj/mVQTyBy5Kyj1ZfVw=";
# }
{
name = "vscode-augment";
publisher = "augment";
version = "0.409.1";
sha256 = "erRg/C0qSrPg0cK2qmnULOnFGj/mVQTyBy5Kyj1ZfVw=";
}
];
userSettings = builtins.fromJSON (builtins.readFile ./settings.json);
};

2
modules/home/vscode/settings.json
View File

@@ -40,7 +40,7 @@
"git.enableSmartCommit": true,
"javascript.updateImportsOnFileMove.enabled": "always",
"security.workspace.trust.untrustedFiles": "open",
"terminal.integrated.fontFamily": "\"Source Code Pro\"",
"terminal.integrated.fontFamily": "'Source Code Pro'",
"terminal.integrated.tabs.location": "left",
"typescript.updateImportsOnFileMove.enabled": "always",
"workbench.iconTheme": "material-icon-theme"

154
modules/home/xdg.nix
View File

@@ -1,77 +1,77 @@
# XDG stands for "Cross-Desktop Group", with X used to mean "cross".
# It's a bunch of specifications from freedesktop.org intended to standardize desktops and
# other GUI applications on various systems (primarily Unix-like) to be interoperable:
# https://www.freedesktop.org/wiki/Specifications/
{ config, pkgs, ... }: {
home.packages = with pkgs; [
xdg-utils # provides cli tools such as `xdg-mime` `xdg-open`
xdg-user-dirs
];
xdg = {
enable = true;
cacheHome = config.home.homeDirectory + "/.cache";
# manage $XDG_CONFIG_HOME/mimeapps.list
# xdg search all desktop entries from $XDG_DATA_DIRS, check it by command:
# echo $XDG_DATA_DIRS
# the system-level desktop entries can be list by command:
# ls -l /run/current-system/sw/share/applications/
# the user-level desktop entries can be list by command(user ryan):
# ls /etc/profiles/per-user/ryan/share/applications/
mimeApps = {
enable = true;
# defaultApplications =
# let
# browser = [ "microsoft-edge.desktop" ];
# in
# {
# "application/json" = browser;
# "application/pdf" = browser; # TODO: pdf viewer
# "text/html" = browser;
# "text/xml" = browser;
# "application/xml" = browser;
# "application/xhtml+xml" = browser;
# "application/xhtml_xml" = browser;
# "application/rdf+xml" = browser;
# "application/rss+xml" = browser;
# "application/x-extension-htm" = browser;
# "application/x-extension-html" = browser;
# "application/x-extension-shtml" = browser;
# "application/x-extension-xht" = browser;
# "application/x-extension-xhtml" = browser;
# "x-scheme-handler/about" = browser;
# "x-scheme-handler/ftp" = browser;
# "x-scheme-handler/http" = browser;
# "x-scheme-handler/https" = browser;
# "x-scheme-handler/unknown" = browser;
# "x-scheme-handler/discord" = [ "discord.desktop" ];
# "x-scheme-handler/tg" = [ "telegramdesktop.desktop" ];
# "audio/*" = [ "vlc.desktop" ];
# "video/*" = [ "vlc.dekstop" ];
# "image/*" = [ "imv.desktop" ];
# "image/gif" = [ "imv.desktop" ];
# "image/jpeg" = [ "imv.desktop" ];
# "image/png" = [ "imv.desktop" ];
# "image/webp" = [ "imv.desktop" ];
# };
associations.removed =
{
# ......
};
};
userDirs = {
enable = false;
createDirectories = false;
extraConfig = {
XDG_SCREENSHOTS_DIR = "${config.xdg.userDirs.pictures}/Screenshots";
};
};
};
}
# XDG stands for "Cross-Desktop Group", with X used to mean "cross".
# It's a bunch of specifications from freedesktop.org intended to standardize desktops and
# other GUI applications on various systems (primarily Unix-like) to be interoperable:
# https://www.freedesktop.org/wiki/Specifications/
{ config, pkgs, ... }: {
home.packages = with pkgs; [
xdg-utils # provides cli tools such as `xdg-mime` `xdg-open`
xdg-user-dirs
];
xdg = {
enable = true;
cacheHome = config.home.homeDirectory + "/.cache";
# manage $XDG_CONFIG_HOME/mimeapps.list
# xdg search all desktop entries from $XDG_DATA_DIRS, check it by command:
# echo $XDG_DATA_DIRS
# the system-level desktop entries can be list by command:
# ls -l /run/current-system/sw/share/applications/
# the user-level desktop entries can be list by command(user ryan):
# ls /etc/profiles/per-user/ryan/share/applications/
mimeApps = {
enable = true;
# defaultApplications =
# let
# browser = [ "microsoft-edge.desktop" ];
# in
# {
# "application/json" = browser;
# "application/pdf" = browser; # TODO: pdf viewer
# "text/html" = browser;
# "text/xml" = browser;
# "application/xml" = browser;
# "application/xhtml+xml" = browser;
# "application/xhtml_xml" = browser;
# "application/rdf+xml" = browser;
# "application/rss+xml" = browser;
# "application/x-extension-htm" = browser;
# "application/x-extension-html" = browser;
# "application/x-extension-shtml" = browser;
# "application/x-extension-xht" = browser;
# "application/x-extension-xhtml" = browser;
# "x-scheme-handler/about" = browser;
# "x-scheme-handler/ftp" = browser;
# "x-scheme-handler/http" = browser;
# "x-scheme-handler/https" = browser;
# "x-scheme-handler/unknown" = browser;
# "x-scheme-handler/discord" = [ "discord.desktop" ];
# "x-scheme-handler/tg" = [ "telegramdesktop.desktop" ];
# "audio/*" = [ "vlc.desktop" ];
# "video/*" = [ "vlc.dekstop" ];
# "image/*" = [ "imv.desktop" ];
# "image/gif" = [ "imv.desktop" ];
# "image/jpeg" = [ "imv.desktop" ];
# "image/png" = [ "imv.desktop" ];
# "image/webp" = [ "imv.desktop" ];
# };
associations.removed =
{
# ......
};
};
userDirs = {
enable = false;
createDirectories = false;
extraConfig = {
XDG_SCREENSHOTS_DIR = "${config.xdg.userDirs.pictures}/Screenshots";
};
};
};
}

70
modules/nixos/core.nix
View File

@@ -1,70 +0,0 @@
{ lib, ... }:
{
programs = {
git.enable = true;
dconf.enable = true;
vim = {
defaultEditor = true;
};
};
# This setups a SSH server. Very important if you're setting up a headless system.
# Feel free to remove if you don't need it.
services.openssh = {
enable = true;
# Forbid root login through SSH.
# Use keys only. Remove if you want to SSH using password (not recommended)
settings = {
# permitRootLogin = "no";
# passwordAuthentication = false;
};
};
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
networking.firewall.enable = lib.mkDefault false;
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "zh_CN.UTF-8";
LC_IDENTIFICATION = "zh_CN.UTF-8";
LC_MEASUREMENT = "zh_CN.UTF-8";
LC_MONETARY = "zh_CN.UTF-8";
LC_NAME = "zh_CN.UTF-8";
LC_NUMERIC = "zh_CN.UTF-8";
LC_PAPER = "zh_CN.UTF-8";
LC_TELEPHONE = "zh_CN.UTF-8";
LC_TIME = "zh_CN.UTF-8";
};
time.timeZone = "Asia/Shanghai";
nix = {
settings = {
# Enable flakes and new 'nix' command
experimental-features = "nix-command flakes";
# Deduplicate and optimize nix store
auto-optimise-store = true;
substituters = [
"https://mirrors.ustc.edu.cn/nix-channels/store"
"https://nixos-cn.cachix.org"
"https://nix-community.cachix.org"
"https://cache.nixos.org/"
];
trusted-public-keys = [
"nixos-cn.cachix.org-1:L0jEaL6w7kwQOPlLoCR3ADx+E3Q8SEFEcB9Jaibl0Xg="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
};
gc = {
automatic = true;
dates = "daily";
options = "--delete-older-than 7d";
};
};
}

22
modules/nixos/core/boot.nix Normal file
View File

@@ -0,0 +1,22 @@
# 引导配置
{ config, lib, pkgs, ... }:
{
boot = {
loader = {
efi = {
canTouchEfiVariables = true;
efiSysMountPoint = "/boot";
};
grub = {
enable = true;
efiSupport = true;
device = "nodev";
};
};
# Allow to modify store. It's dangerous!!
readOnlyNixStore = lib.mkDefault true;
};
}

66
modules/nixos/core/default.nix Normal file
View File

@@ -0,0 +1,66 @@
{ lib, ... }:
{
imports = [
./boot.nix
./system.nix
];
programs = {
git.enable = true;
dconf.enable = true;
vim = {
defaultEditor = true;
};
};
# This setups a SSH server. Very important if you're setting up a headless system.
# Feel free to remove if you don't need it.
services = {
openssh = {
enable = true;
# Forbid root login through SSH.
# Use keys only. Remove if you want to SSH using password (not recommended)
settings = {
# permitRootLogin = "no";
# passwordAuthentication = false;
KbdInteractiveAuthentication = false;
X11Forwarding = false;
};
};
journald.extraConfig = ''
SystemMaxUse=500M
MaxFileSec=7day
'';
};
# Configure firewall
networking.firewall = lib.mkDefault {
enable = true;
allowedTCPPorts = [ 22 80 443 ]; # 根据需要调整
allowedUDPPorts = [ 53 ]; # 根据需要调整
# 如果需要,可以添加特定服务的规则
allowedTCPPortRanges = [
{ from = 1714; to = 1764; } # KDE Connect
];
};
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "zh_CN.UTF-8";
LC_IDENTIFICATION = "zh_CN.UTF-8";
LC_MEASUREMENT = "zh_CN.UTF-8";
LC_MONETARY = "zh_CN.UTF-8";
LC_NAME = "zh_CN.UTF-8";
LC_NUMERIC = "zh_CN.UTF-8";
LC_PAPER = "zh_CN.UTF-8";
LC_TELEPHONE = "zh_CN.UTF-8";
LC_TIME = "zh_CN.UTF-8";
};
time.timeZone = "Asia/Shanghai";
}

91
modules/nixos/core/system.nix Normal file
View File

@@ -0,0 +1,91 @@
{ inputs, outputs, config, lib, ... }:
{
security = {
sudo.enable = true;
polkit.enable = true;
};
services = {
printing.enable = true;
acpid.enable = true;
upower.enable = true;
};
nix = {
# This will add each flake input as a registry
# To make nix3 commands consistent with your flake
registry = lib.mapAttrs (_: value: { flake = value; }) inputs;
# This will additionally add your inputs to the system's legacy channels
# Making legacy nix commands consistent as well, awesome!
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
settings = {
# Enable flakes and new 'nix' command
experimental-features = "nix-command flakes";
substituters = [
"https://mirrors.ustc.edu.cn/nix-channels/store"
"https://nixos-cn.cachix.org"
"https://nix-community.cachix.org"
"https://cache.nixos.org/"
];
trusted-public-keys = [
"nixos-cn.cachix.org-1:L0jEaL6w7kwQOPlLoCR3ADx+E3Q8SEFEcB9Jaibl0Xg="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
trusted-users = [ "root" ];
# Enable local binary cache
keep-outputs = true;
keep-derivations = true;
max-jobs = "auto";
cores = 0; # Use all available cores
# Deduplicate and optimize nix store during build
# auto-optimise-store = true;
};
gc = {
automatic = true; # Enable automatic garbage collection
dates = "weekly"; # Execute garbage collection weekly
persistent = true; # Keep settings after reboot
randomizedDelaySec = "15min"; # Add up to 15 minutes of random delay
options = "--delete-older-than 30d"; # Delete files older than 30 days
};
# Automatically run garbage collection whenever there is not enough space left
# Free up to 5GiB whenever there is less than 1GiB left:
extraOptions = ''
min-free = ${toString (1 * 1024 * 1024 * 1024)}
max-free = ${toString (5 * 1024 * 1024 * 1024)}
'';
};
nixpkgs = {
# You can add overlays here
overlays = [
# Add overlays your own flake exports (from overlays and pkgs dir):
outputs.overlays.additions
outputs.overlays.modifications
outputs.overlays.unstable-packages
# You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default
# Or define it inline, for example:
# (final: prev: {
# hi = final.hello.overrideAttrs (oldAttrs: {
# patches = [ ./change-hello-to-hi.patch ];
# });
# })
];
# Configure your nixpkgs instance
config = {
# Disable if you don't want unfree packages
allowUnfree = true;
};
};
}

92
modules/nixos/fonts/default.nix
View File

@@ -1,48 +1,44 @@
{ config, lib, pkgs, ... }:
{
imports = [
./fhs-fonts.nix
];
environment.systemPackages = with pkgs; [
twemoji-color-font
];
# all fonts are linked to /nix/var/nix/profiles/system/sw/share/X11/fonts
fonts = {
# use fonts specified by user rather than default ones
enableDefaultFonts = false;
fontDir.enable = true;
fonts = with pkgs; [
# icon fonts
material-design-icons
font-awesome
# Noto 系列字体是 Google 主导的名字的含义是「没有豆腐」qno tofu因为缺字时显示的方框或者方框被叫作 tofu
# Noto 系列字族名只支持英文,命名规则是 Noto + Sans 或 Serif + 文字名称。
# 其中汉字部分叫 Noto Sans/Serif CJK SC/TC/HK/JP/KR最后一个词是地区变种
noto-fonts # 大部分文字的常见样式,不包含汉字
noto-fonts-cjk # 汉字部分
noto-fonts-emoji # 彩色的表情符号字体
noto-fonts-extra # 提供额外的字重和宽度变种
# 思源系列字体是 Adobe 主导的。其中汉字部分被称为「思源黑体」和「思源宋体」,是由 Adobe + Google 共同开发的
source-sans # 无衬线字体,不含汉字。字族名叫 Source Sans 3 和 Source Sans Pro以及带字重的变体加上 Source Sans 3 VF
source-serif # 衬线字体,不含汉字。字族名叫 Source Code Pro以及带字重的变体
source-han-sans # 思源黑体
source-han-serif # 思源宋体
# nerdfonts
(nerdfonts.override {
fonts = [
# "FiraCode"
"JetBrainsMono"
# "Iosevka"
];
})
];
};
}
{ config, lib, pkgs, ... }:
{
imports = [
./fhs-fonts.nix
];
environment.systemPackages = with pkgs; [
twemoji-color-font
];
# all fonts are linked to /nix/var/nix/profiles/system/sw/share/X11/fonts
fonts = {
# use fonts specified by user rather than default ones
enableDefaultFonts = false;
fontDir.enable = true;
fonts = with pkgs; [
# Noto 系列字体是 Google 主导的名字的含义是「没有豆腐」qno tofu因为缺字时显示的方框或者方框被叫作 tofu
# Noto 系列字族名只支持英文,命名规则是 Noto + Sans 或 Serif + 文字名称。
# 其中汉字部分叫 Noto Sans/Serif CJK SC/TC/HK/JP/KR最后一个词是地区变种。
noto-fonts # 大部分文字的常见样式,不包含汉字
noto-fonts-cjk # 汉字部分
noto-fonts-emoji # 彩色的表情符号字体
noto-fonts-extra # 提供额外的字重和宽度变种
# 思源系列字体是 Adobe 主导的。其中汉字部分被称为「思源黑体」和「思源宋体」,是由 Adobe + Google 共同开发的
source-sans # 无衬线字体,不含汉字。字族名叫 Source Sans 3 和 Source Sans Pro以及带字重的变体加上 Source Sans 3 VF
source-serif # 衬线字体,不含汉字。字族名叫 Source Code Pro以及带字重的变体
source-han-sans # 思源黑体
source-han-serif # 思源宋体
# nerdfonts
(nerdfonts.override {
fonts = [
# "FiraCode"
"JetBrainsMono"
# "Iosevka"
];
})
];
};
}

66
modules/nixos/fonts/fhs-fonts.nix
View File

@@ -1,33 +1,33 @@
{
config,
pkgs,
...
}: {
###################################################################################
#
# Copy from https://github.com/NixOS/nixpkgs/issues/119433#issuecomment-1326957279
# Mainly for flatpak
# 1. bindfs resolves all symlink,
# 2. allowing all fonts to be accessed at `/usr/share/fonts`
# 3. without letting /nix into the sandbox.
#
###################################################################################
system.fsPackages = [pkgs.bindfs];
fileSystems = let
mkRoSymBind = path: {
device = path;
fsType = "fuse.bindfs";
options = ["ro" "resolve-symlinks" "x-gvfs-hide"];
};
aggregatedFonts = pkgs.buildEnv {
name = "system-fonts";
paths = config.fonts.fonts;
pathsToLink = ["/share/fonts"];
};
in {
# Create an FHS mount to support flatpak host icons/fonts
"/usr/share/icons" = mkRoSymBind (config.system.path + "/share/icons");
"/usr/share/fonts" = mkRoSymBind (aggregatedFonts + "/share/fonts");
};
}
{
config,
pkgs,
...
}: {
###################################################################################
#
# Copy from https://github.com/NixOS/nixpkgs/issues/119433#issuecomment-1326957279
# Mainly for flatpak
# 1. bindfs resolves all symlink,
# 2. allowing all fonts to be accessed at `/usr/share/fonts`
# 3. without letting /nix into the sandbox.
#
###################################################################################
system.fsPackages = [pkgs.bindfs];
fileSystems = let
mkRoSymBind = path: {
device = path;
fsType = "fuse.bindfs";
options = ["ro" "resolve-symlinks" "x-gvfs-hide"];
};
aggregatedFonts = pkgs.buildEnv {
name = "system-fonts";
paths = config.fonts.fonts;
pathsToLink = ["/share/fonts"];
};
in {
# Create an FHS mount to support flatpak host icons/fonts
"/usr/share/icons" = mkRoSymBind (config.system.path + "/share/icons");
"/usr/share/fonts" = mkRoSymBind (aggregatedFonts + "/share/fonts");
};
}

61
modules/nixos/sysatomic.nix Normal file
View File

@@ -0,0 +1,61 @@
# 配置原子系统, 使用 tmpfs 作为根文件系统, 并配置持久化存储
{ config, pkgs, username, inputs, lib, ... }:
{
imports = [
inputs.impermanence.nixosModules.impermanence
];
# 启用 tmpfs 作为根文件系统
fileSystems."/" = lib.mkForce {
device = "none";
fsType = "tmpfs";
options = [ "relatime" "mode=755" ];
};
# 将 /nix 目录绑定到持久化存储
fileSystems."/nix" = lib.mkForce {
device = "/dev/disk/by-label/nixos"; # 需要根据实际情况修改
fsType = "btrfs";
options = [ "compress-force=zstd" ];
};
# 配置持久化存储
environment.persistence."/nix/persistent" = {
hideMounts = true;
directories = [
"/etc/nixos"
"/etc/NetworkManager/system-connections"
"/var/log"
"/var/lib"
"/root"
];
files = [
"/etc/machine-id"
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
];
users.${username} = {
directories = [
".config"
".cache"
".local"
".ssh"
".vscode"
".npm"
".nix"
"data"
"doc"
];
files = [
".zsh_history"
".gitconfig"
];
};
};
}

4
modules/nixos/user-group.nix → modules/nixos/user.nix
View File

@@ -5,9 +5,6 @@
# Define a user account. Don't forget to set a password with passwd.
users = {
groups = {
docker = { };
};
users."${username}" = {
# the hashed password with salt is generated by run `mkpasswd`.
hashedPassword = "$y$j9T$inkrp6FuM46uoPFVrOlbz1$igJed6pECf4AENVaLT4mk.Q4z02MmxjWnGo.OVvCyC.";
@@ -21,7 +18,6 @@
"audio"
];
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDQOn+imHUzz7KvNYE1mBTjwhMZ0HMyVNwkc6p/6Qak0ejzdyx6mNk9AlKOZB1UQvniWBT8z//u/8DqMT9OL8X0VZmQQTTIpSnvuYRxkH6thkoX9c0umo9GrMGWZN3WIsD71dfiJLMagqPxX7HWgkONBFxJHmBUfP4CXLgLdZs7dUMBm5tILx09zWU7Ttv120NuFdPYENAg8hNka3hjBbXbnDQdp2Y8TPY2Dbcg3MnVZ6Q7LMfKUkVYIoDHEiN6ZAJQaYIU+f2PeNxCb5WqRo2AiZwuzJtQO0VARRIf8hAs5wnX3gU68sWBvLr7payeaYsAyD+C7I4EpyNA8TrwKotrmripv+y5hjHiG7fL97vZEzSfIJH2KEAg7ojGDBbcwAcBKGn4PjwaCdUM7MGm6hj7cMHJf/32rXyc4u7LUZxTjXS5/dKWhF+sCycbBASRlSW93jlnxoUY/zPK4IRnzaF0WL7kUxfBglfFf8UMSgAZNncESNr36hsWFKcFqKUto48= alex@zion.xzdcbj.com.cn"
];
};
};

4
modules/nixos/virtualize/libvirtd/default.nix
View File

@@ -10,8 +10,8 @@
# Ref: https://nixos.wiki/wiki/NixOps/Virtualization
boot = {
kernelModules = [ "kvm-intel" "vfio" "vfio_iommu_type1" "vfio_pci" "vfio_virqfd" ];
kernelParams = [ "intel_iommu=on" "iommu=pt" ];
kernelModules = [ "kvm-amd" "kvm-intel" "vfio" "vfio_iommu_type1" "vfio_pci" "vfio_virqfd" ];
kernelParams = [ "amd_iommu=on" "intel_iommu=on" "iommu=pt" ];
# extraModprobeConfig = "options vfio-pci ids=8086:1901,10de:1b81,10de:10f0";
};
virtualisation.libvirtd = {