mikael/idiosyn
mikael/idiosyn
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

nixos/muon: Use platform configuration for kernel

Browse source
This commit is contained in:
Mikael 2024-11-06 10:49:29 +01:00
parent 929decbc84
commit 96114beca1
Signed by: mikael
SSH key fingerprint: SHA256:21QyD2Meiot7jOUVitIR5YkGB/XuXdCvLW1hE6dsri0
2 changed files with 6 additions and 127 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
flake.lock
View file

@ -349,11 +349,11 @@
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1730844490,
"narHash": "sha256-g2cZqD4KwnFsM6dhXzfrdOUMf0GgTlZhQdtBtUa/b1U=",
"lastModified": 1730847151,
"narHash": "sha256-8C2YMErF1bYnfXVLrYN7TVIH7HYCWM0xJj2s7kmME34=",
"ref": "refs/heads/main",
"rev": "f402bb1d4d81fc92d89f325d0aee4002560a93f6",
"revCount": 1,
"rev": "efc47b94e5aa1cc5c805f4463739afb3988bb1f7",
"revCount": 3,
"type": "git",
"url": "https://woof.rip/mikael/linux-hardened.git"
},

125
nixos/config/muon.nix
View file

@ -27,20 +27,9 @@ imports = [
];
boot.kernelPackages = let
inherit (linux-hardened.packages.x86_64-linux) default;
in pkgs.linuxPackagesFor (default.override {
instSetArch = "alderlake";
inherit (linux-hardened.packages.x86_64-linux) thinkpad-x1-extreme-gen5;
in pkgs.linuxPackagesFor (thinkpad-x1-extreme-gen5.override {
extraFirmware = [
"i915/adlp_dmc.bin"
"i915/adlp_dmc_ver2_16.bin"
"i915/adlp_guc_70.bin"
"i915/tgl_huc.bin"
"intel/ibt-0040-0041.sfi"
"intel/ibt-0040-0041.ddc"
"intel/sof/sof-adl.ri"
"intel/sof-tplg/sof-hda-generic-2ch.tplg"
"iwlwifi-so-a0-gf-a0-89.ucode"
"iwlwifi-so-a0-gf-a0.pnvm"
"nvidia/ga107/acr/ucode_unload.bin"
"nvidia/ga107/acr/ucode_asb.bin"
"nvidia/ga107/acr/ucode_ahesasc.bin"
@ -58,9 +47,6 @@ imports = [
"nvidia/ga107/gsp/booter_unload-535.113.01.bin"
"nvidia/ga107/gsp/bootloader-535.113.01.bin"
"nvidia/ga107/gsp/gsp-535.113.01.bin"
"regulatory.db"
"regulatory.db.p7s"
"rtl_nic/rtl8153b-2.fw"
];
profiles = {
@ -72,135 +58,28 @@ imports = [
};
extraConfig = with linux-hardened.lib.kernel; {
X86_INTEL_LPSS = true;
CPU_SUP_INTEL = true;
CPU_SUP_AMD = false;
NR_CPUS = 20;
X86_MCE_INTEL = true;
ACPI_DPTF = true;
DPTF_POWER = true;
DPTF_PCH_FIVR = true;
INTEL_IDLE = true;
VIRTUALIZATION = true;
KVM = true;
KVM_INTEL = true;
KVM_SMM = true;
IP_MULTICAST = true;
IPV6_ROUTER_PREF = true;
IPV6_ROUTE_INFO = true;
IPV6_OPTIMISTIC_DAD = true;
BT_INTEL = true;
BT_HCIBTUSB = true;
EISA = true;
EISA_PCI_EISA = true;
EISA_VIRTUAL_ROOT = false;
EISA_NAMES = true;
NVME_CORE = true;
BLK_DEV_NVME = true;
NVME_VERBOSE_ERRORS = true;
NVME_HWMON = true;
MISC_RTSX = true;
INTEL_MEI = true;
MISC_RTSX_PCI = true;
ETHERNET = true;
AQTION = true;
WLAN = true;
IWLWIFI = true;
IWLMVM = true;
INPUT_MOUSEDEV = true;
INPUT_JOYDEV = true;
KEYBOARD_ATKBD = true;
INPUT_MOUSE = true;
MOUSE_PS2 = true;
MOUSE_PS2_TRACKPOINT = true;
INPUT_JOYSTICK = true;
INTEL_PCH_THERMAL = true;
MFD_CORE = true;
MFD_INTEL_LPSS_PCI = true;
I2C = true;
I2C_I801 = true;
SPI = true;
SPI_MEM = true;
SPI_INTEL_PCI = true;
INT340X_THERMAL = true;
VIDEO = true;
VGA_SWITCHEROO = true;
DRM = true;
DRM_FBDEV_EMULATION = true;
DRM_NOUVEAU = true;
DRM_NOUVEAU_SVM = true;
DRM_NOUVEAU_GSP_DEFAULT = true;
DRM_I915 = true;
BACKLIGHT_CLASS_DEVICE = true;
HDMI = true;
SND_HDA_INTEL = true;
SND_HDA_HWDEP = true;
SND_HDA_CODEC_REALTEK = true;
SND_HDA_CODEC_HDMI = true;
SND_HDA_POWER_SAVE_DEFAULT = 2;
SND_SOC = true;
SND_SOC_SOF_TOPLEVEL = true;
SND_SOC_SOF_PCI = true;
SND_SOC_SOF_INTEL_TOPLEVEL = true;
SND_SOC_SOF_TIGERLAKE = true;
SND_SOC_SOF_HDA_LINK = true;
SND_SOC_SOF_HDA_AUDIO_CODEC = true;
SND_SOC_DMIC = true;
HID_LENOVO = true;
HID_LOGITECH = true;
USB_ACM = true;
USB_SERIAL = true;
USB_SERIAL_PL2303 = true;
EDAC_IGEN6 = true;
ACPI_WMI = true;
MXM_WMI = true;
THINKPAD_ACPI = true;
THINKPAD_ACPI_ALSA_SUPPORT = true;
THINKPAD_ACPI_VIDEO = true;
INTEL_TURBO_MAX_3 = true;
INTEL_VSEC = true;
INTEL_IOMMU = true;
INTEL_IOMMU_DEFAULT_ON = true;
SOUNDWIRE = true;
SOUNDWIRE_INTEL = true;
INTEL_IDMA64 = true;
INTEL_RAPL = true;
BTRFS_FS = true;
BTRFS_FS_POSIX_ACL = true;
FUSE_FS = true;