Upgrade to 25.11 · ngp.computer/nixos@dd79584

+1 -3

gui.nix

··· 35 35 hardware.graphics = { 36 36 enable = true; 37 37 extraPackages = with pkgs; [ 38 - amdvlk 39 38 libva 40 39 mesa 41 40 rocmPackages.clr.icd ··· 52 51 fira-code-symbols 53 52 noto-fonts 54 53 noto-fonts-cjk-sans 55 - noto-fonts-emoji 56 - noto-fonts-extra 54 + noto-fonts-color-emoji 57 55 nerd-fonts.fira-code 58 56 ]; 59 57

+8 -3

hardware-configuration.nix

··· 17 17 enable = true; 18 18 qemu = { 19 19 runAsRoot = false; 20 - ovmf = { 21 - enable = true; 22 - }; 23 20 }; 24 21 }; 25 22 #boot.extraModulePackages = with config.boot.kernelPackages; [ ]; ··· 43 40 device = "/swapfile"; 44 41 size = 32 * 1024; 45 42 }]; 43 + 44 + # sysctls for Agave 45 + boot.kernel.sysctl."net.core.rmem_default" = 134217728; 46 + boot.kernel.sysctl."net.core.rmem_max" = 134217728; 47 + boot.kernel.sysctl."net.core.wmem_default" = 134217728; 48 + boot.kernel.sysctl."net.core.wmem_max" = 134217728; 49 + boot.kernel.sysctl."vm.max_map_count" = 1000000; 50 + boot.kernel.sysctl."fx.nr_open" = 1000000; 46 51 47 52 # Enables DHCP on each ethernet and wireless interface. In case of scripted networking 48 53 # (the default) this is the recommended approach. When using systemd-networkd it's

-2

i3/config

··· 192 192 bar { 193 193 status_command i3status 194 194 } 195 - 196 - exec barrier

+10 -2

networking.nix

··· 16 16 networking.tempAddresses = "disabled"; 17 17 18 18 networking.useNetworkd = true; 19 - # TODO: static IP @ 192.168.1.2 19 + # TODO: static IP @ 192.168.1.6 20 20 21 21 # Configure network proxy if necessary 22 22 # networking.proxy.default = "http://user:password@proxy:port/"; ··· 25 25 # networking.firewall.allowedTCPPorts = [ ... ]; 26 26 # networking.firewall.allowedUDPPorts = [ ... ]; 27 27 # Or disable the firewall altogether. 28 - # TODO: allow some ports 29 28 networking.firewall = { 30 29 enable = true; 31 30 allowPing = true; 32 31 allowedUDPPorts = [ ]; 32 + allowedUDPPortRanges = [ 33 + # Agave 34 + { from = 8000; to = 8020; } 35 + ]; 33 36 allowedTCPPorts = [ 34 37 2375 35 38 3000 39 + # Agave 40 + 8001 41 + 8899 42 + 8900 43 + 10000 36 44 ]; 37 45 }; 38 46

+1 -2

noah-home.nix

··· 68 68 unstable.janet 69 69 unstable.jpm 70 70 unstable.fennel-ls 71 - graalvm-ce 71 + graalvmPackages.graalvm-ce 72 72 cmake 73 73 ctags 74 74 kotlin ··· 119 119 grim 120 120 wl-clipboard 121 121 playerctl 122 - barrier 123 122 xclip 124 123 zathura 125 124 fuzzel

+1 -1

services.nix

··· 24 24 25 25 # Tailscale 26 26 services.tailscale = { 27 - enable = false; 27 + enable = true; 28 28 useRoutingFeatures = "client"; 29 29 }; 30 30

+18 -2

users.nix

··· 1 1 { pkgs, lib, ... }: 2 2 let 3 3 home-manager = builtins.fetchTarball 4 - "https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz"; 4 + "https://github.com/nix-community/home-manager/archive/release-25.11.tar.gz"; 5 5 in 6 6 { 7 7 ··· 10 10 (import "${home-manager}/nixos") 11 11 ]; 12 12 13 + # PAM configuration 14 + security.pam.loginLimits = [ 15 + { 16 + domain = "*"; 17 + type = "soft"; 18 + item = "nofile"; 19 + value = "100000"; 20 + } 21 + { 22 + domain = "*"; 23 + type = "hard"; 24 + item = "nofile"; 25 + value = "1000000"; 26 + } 27 + ]; 28 + 13 29 # Declarative only optoins. 14 30 # I don't want to allow ad-hoc modifying users on the system. 15 31 # Users must be declared either as part of a package or in this file. ··· 28 44 name = "chiefnoah.keys"; 29 45 # Update this with: 30 46 # `curl https://meta.sr.ht/~chiefnoah.keys | sha256sum` 31 - sha256 = "1cry2r7m7c15ajlcdncdx3ppf6m0pzwgn1d025sq8g4d21n1qpal"; 47 + sha256 = "0aky26a91sxpydzd5bpmsgw2bm92mw793k72apf9niaxlx84qq44"; 32 48 })); 33 49 }; 34 50

Configure Feed

Configure Feed