Compare commits
14 commits
60b18b8e25
...
64decb01d1
Author | SHA1 | Date | |
---|---|---|---|
64decb01d1 | |||
6a765ae4ff | |||
00fab0858d | |||
4d9d033d4c | |||
d5e69efdbb | |||
26763de7b8 | |||
014cd8eb9c | |||
4df412b109 | |||
e7b2d8b59a | |||
dc1de1a343 | |||
62694d458a | |||
a4cdf9b225 | |||
0a54bc95e0 | |||
56242e79b4 |
48
flake.lock
48
flake.lock
|
@ -310,11 +310,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1728337164,
|
||||
"narHash": "sha256-VdRTjJFyq4Q9U7Z/UoC2Q5jK8vSo6E86lHc2OanXtvc=",
|
||||
"lastModified": 1728598744,
|
||||
"narHash": "sha256-sSfvyO5xH3HObHHmh6lp/hcvo7tMjFKd/HXpxyrRnoE=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "038630363e7de57c36c417fd2f5d7c14773403e4",
|
||||
"rev": "342a1d682386d3a1d74f9555cb327f2f311dda6e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -337,11 +337,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1728199407,
|
||||
"narHash": "sha256-x4G0ja//3pT/epOvwxKR1XB7GAW7Yuwiy6RYCOgRjuQ=",
|
||||
"lastModified": 1728632221,
|
||||
"narHash": "sha256-LnBVdKPsreziZkYbeFqiSYP7tPFlprt9ej2QGd2aNlw=",
|
||||
"owner": "nix-community",
|
||||
"repo": "lanzaboote",
|
||||
"rev": "0bc127c631999c9555cae2b0cdad2128ff058259",
|
||||
"rev": "3326a0b3974fc04d991990f6497fe1a7d9892439",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -398,11 +398,11 @@
|
|||
"xwayland-satellite-unstable": "xwayland-satellite-unstable"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1728549008,
|
||||
"narHash": "sha256-9C/Zbp8u2rzI/2uErThBciXxr1ronYKgOtVmisnWE1w=",
|
||||
"lastModified": 1728579099,
|
||||
"narHash": "sha256-cE2rv4xHe9l1xczfJmUnV7pKuDzFM8DtLDYndppiahg=",
|
||||
"owner": "sodiboo",
|
||||
"repo": "niri-flake",
|
||||
"rev": "fc6ad88ab80753d9eef496edd25efb214a71632c",
|
||||
"rev": "3f80dcf1833101dc377b1c4e1659da4b8e86f3eb",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -431,11 +431,11 @@
|
|||
"niri-unstable": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1728463806,
|
||||
"narHash": "sha256-RHfieDDCEjPxtevtpt/IyxBaw4ISjjyY0WGzw7zYCMg=",
|
||||
"lastModified": 1728546258,
|
||||
"narHash": "sha256-iE6O7EBokq/HjjwouHfd7EGmED7TUkB9icSbUfPHWSo=",
|
||||
"owner": "YaLTeR",
|
||||
"repo": "niri",
|
||||
"rev": "e24723125f5ef91983735043fba893a940469686",
|
||||
"rev": "859c0be0e5fa5ccf3c59f0ae1764551a930656fd",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -481,11 +481,11 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1728472043,
|
||||
"narHash": "sha256-+fUCZ7C34cp+bY5E9Hw4biRyI+IINVsO+sXFCieWkZA=",
|
||||
"lastModified": 1728538411,
|
||||
"narHash": "sha256-f0SBJz1eZ2yOuKUr5CA9BHULGXVSn6miBuUWdTyhUhU=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "4fa56ac6d86a213b556d4db9b1cb43a51b3e40ec",
|
||||
"rev": "b69de56fac8c2b6f8fd27f2eca01dcda8e0a4221",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -525,11 +525,11 @@
|
|||
},
|
||||
"nixpkgs-stable_2": {
|
||||
"locked": {
|
||||
"lastModified": 1728328465,
|
||||
"narHash": "sha256-a0a0M1TmXMK34y3M0cugsmpJ4FJPT/xsblhpiiX1CXo=",
|
||||
"lastModified": 1728500571,
|
||||
"narHash": "sha256-dOymOQ3AfNI4Z337yEwHGohrVQb4yPODCW9MDUyAc4w=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "1bfbbbe5bbf888d675397c66bfdb275d0b99361c",
|
||||
"rev": "d51c28603def282a24fa034bcb007e2bcb5b5dd0",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -557,11 +557,11 @@
|
|||
},
|
||||
"nur": {
|
||||
"locked": {
|
||||
"lastModified": 1728550049,
|
||||
"narHash": "sha256-7oceEn7K0Ee2N9SHRxQK92ljj8VCn1PBA36femqL768=",
|
||||
"lastModified": 1728635778,
|
||||
"narHash": "sha256-P0lNNBexaUCpGnJ+xfZ+A4HRudT+BvMz54t6MkcnNq0=",
|
||||
"owner": "nix-community",
|
||||
"repo": "NUR",
|
||||
"rev": "202de6e51b808ed907886a74f7ea6b4ce0b47555",
|
||||
"rev": "abf82f0f0338c25322e0653c2b7e09814da7b2f7",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -672,11 +672,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1728527353,
|
||||
"narHash": "sha256-GY755PX8CbGH3O9iKqauhkFTdP9WSKcOfOkZBe3SOqw=",
|
||||
"lastModified": 1728613723,
|
||||
"narHash": "sha256-zVVj0PKguM8ZMdLE43YW7dzer3tl9e6i5Qs1fr878+c=",
|
||||
"owner": "oxalica",
|
||||
"repo": "rust-overlay",
|
||||
"rev": "94749eee5a2b351b6893d5bddb0a18f7f01251ac",
|
||||
"rev": "ca93f28abd2147dd9997261dcaeacc5a30dba463",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
@ -10,12 +10,18 @@ imports = [
|
|||
wireless
|
||||
]);
|
||||
|
||||
boot.binfmt = {
|
||||
emulatedSystems = [ "aarch64-linux" "riscv64-linux" ];
|
||||
preferStaticEmulators = true;
|
||||
};
|
||||
|
||||
boot.initrd = {
|
||||
luks.devices."luks-2fb93d4f-a0fe-4a49-9e40-3ac38ffe4d75".device = "/dev/disk/by-uuid/2fb93d4f-a0fe-4a49-9e40-3ac38ffe4d75";
|
||||
luks.devices."luks-ea77e674-847f-41b8-9e1d-8b6dd08710e6".device = "/dev/disk/by-uuid/ea77e674-847f-41b8-9e1d-8b6dd08710e6";
|
||||
};
|
||||
|
||||
boot.kernelParams = [
|
||||
"hugepagesz=1G" "hugepages=8"
|
||||
"intel_iommu=on"
|
||||
"nouveau.config=NvGspRm=1"
|
||||
];
|
||||
|
@ -252,7 +258,80 @@ imports = [
|
|||
{ from = 6001; to = 6011; }
|
||||
];
|
||||
|
||||
programs.ssh.knownHosts."zh1830.rsync.net".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJtclizeBy1Uo3D86HpgD3LONGVH0CJ0NT+YfZlldAJd";
|
||||
nix = {
|
||||
distributedBuilds = true;
|
||||
buildMachines = [
|
||||
{
|
||||
hostName = "localhost";
|
||||
protocol = null;
|
||||
maxJobs = 2;
|
||||
speedFactor = 12;
|
||||
systems = [ "x86_64-linux" "aarch64-linux" "riscv64-linux" ];
|
||||
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" "gccarch-x86-64" "gccarch-x86-64-v2" "gccarch-x86-64-v3" ];
|
||||
}
|
||||
{
|
||||
hostName = "integra.kyouma.net";
|
||||
protocol = "ssh-ng";
|
||||
sshUser = "nix-ssh";
|
||||
maxJobs = 2;
|
||||
speedFactor = 4;
|
||||
systems = [ "aarch64-linux" ];
|
||||
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
||||
sshKey = "/etc/keys/nix-ssh";
|
||||
}
|
||||
] ++ lib.forEach [ "01" "02" "03" "04" "05" "06" "07" "08" ] (num: {
|
||||
hostName = "build-worker-${num}";
|
||||
protocol = "ssh-ng";
|
||||
sshUser = "root";
|
||||
maxJobs = 4;
|
||||
speedFactor = 16;
|
||||
systems = [ "x86_64-linux" "i686-linux" ];
|
||||
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" "gccarch-x86-64" "gccarch-x86-64-v2" "gccarch-x86-64-v3" ];
|
||||
sshKey = "/etc/keys/nix-ssh";
|
||||
});
|
||||
};
|
||||
|
||||
programs.ssh = {
|
||||
knownHosts = {
|
||||
"[build-worker-kyoumanet.fly.dev]:2201".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDL2M97UBHg9aUfjDUxzmzg1r0ga0m3/stummBVwuEAB";
|
||||
"[build-worker-kyoumanet.fly.dev]:2202".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOTwVKL0P0chPM2Gz23rbT94844+w1CGJdCaZdzfjThz";
|
||||
"[build-worker-kyoumanet.fly.dev]:2203".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAjy2eZGJQeAYy0+fLgW9jiS0jVY2LInY0NDMnzCvvKp";
|
||||
"[build-worker-kyoumanet.fly.dev]:2204".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN72OyD9LYy4hq0WZ7ie5RPV+G54UreEJiA/RubjGoe9";
|
||||
"[build-worker-kyoumanet.fly.dev]:2205".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICNh1o1I98XrI2XmOI6Q0aHPfyLCIQwKkKOxGUUeXL9v";
|
||||
"[build-worker-kyoumanet.fly.dev]:2206".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGf0kxGgwOG9KhUhvxxTSiQC5YikrzZXKDgSpBw33qN4";
|
||||
"[build-worker-kyoumanet.fly.dev]:2207".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL9z95a6Fn/dB+iNigEYpuJdBnBwCkIZYaKHcFbGP+RY";
|
||||
"[build-worker-kyoumanet.fly.dev]:2208".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAk+FNMhTfAVqk3MfLp4QiG/i5ti53DlpnC0q+sOvU9O";
|
||||
"integra.kyouma.net".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIBwEQiSfaDrUAwgul4mktusBPcIVxI4pLNDh9DPopVU";
|
||||
"zh1830.rsync.net".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJtclizeBy1Uo3D86HpgD3LONGVH0CJ0NT+YfZlldAJd";
|
||||
};
|
||||
|
||||
extraConfig = ''
|
||||
Host build-worker-01
|
||||
Hostname build-worker-kyoumanet.fly.dev
|
||||
Port 2201
|
||||
Host build-worker-02
|
||||
Hostname build-worker-kyoumanet.fly.dev
|
||||
Port 2202
|
||||
Host build-worker-03
|
||||
Hostname build-worker-kyoumanet.fly.dev
|
||||
Port 2203
|
||||
Host build-worker-04
|
||||
Hostname build-worker-kyoumanet.fly.dev
|
||||
Port 2204
|
||||
Host build-worker-05
|
||||
Hostname build-worker-kyoumanet.fly.dev
|
||||
Port 2205
|
||||
Host build-worker-06
|
||||
Hostname build-worker-kyoumanet.fly.dev
|
||||
Port 2206
|
||||
Host build-worker-07
|
||||
Hostname build-worker-kyoumanet.fly.dev
|
||||
Port 2207
|
||||
Host build-worker-08
|
||||
Hostname build-worker-kyoumanet.fly.dev
|
||||
Port 2208
|
||||
'';
|
||||
};
|
||||
|
||||
services.beesd.filesystems.root = {
|
||||
spec = "UUID=039aa386-a39d-4329-bcf0-48936b938db1";
|
||||
|
|
|
@ -36,6 +36,10 @@ in {
|
|||
device = "/dev/vda";
|
||||
};
|
||||
|
||||
boot.kernelParams = [
|
||||
"hugepagesz=1G" "hugepages=1"
|
||||
];
|
||||
|
||||
boot.kernelPackages = let
|
||||
inherit (self.packages.x86_64-linux) linux-hardened;
|
||||
in pkgs.linuxPackagesFor (linux-hardened.override {
|
||||
|
@ -108,6 +112,12 @@ in {
|
|||
'';
|
||||
};
|
||||
|
||||
services.akkoma.dist.extraFlags = [
|
||||
"-MMlp" "on"
|
||||
"-MMsco" "true"
|
||||
"-MMscs" "1024"
|
||||
];
|
||||
|
||||
services.akkoma.config = let
|
||||
elixir = pkgs.formats.elixirConf { };
|
||||
in with elixir.lib; {
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
|
||||
hardware.graphics.enable = false;
|
||||
|
||||
security.lockKernelModules = true;
|
||||
security.lockKernelModules = lib.mkIf (config.boot.kernelPackages.kernel.config.isEnabled "MODULES") true;
|
||||
security.protectKernelImage = true;
|
||||
services.openssh.enable = true;
|
||||
services.openssh.openFirewall = true;
|
||||
|
|
|
@ -140,6 +140,6 @@
|
|||
|
||||
systemd.tmpfiles.rules = [
|
||||
"w- /sys/kernel/mm/transparent_hugepage/enabled - - - - always"
|
||||
"w- /sys/kernel/mm/transparent_hugepage/defrag - - - - defer+madvise"
|
||||
"w- /sys/kernel/mm/transparent_hugepage/defrag - - - - defer"
|
||||
];
|
||||
}
|
||||
|
|
|
@ -3,6 +3,15 @@ let
|
|||
inherit (nixpkgs.lib) optionalAttrs toList;
|
||||
inherit (prev.stdenv) hostPlatform;
|
||||
in {
|
||||
numactl = prev.numactl.overrideAttrs (prevAttrs: {
|
||||
patches = prevAttrs.patches or [ ] ++ [
|
||||
(final.fetchpatch {
|
||||
url = "https://github.com/numactl/numactl/commit/f9deba0c8404529772468d6dd01389f7dbfa5ba9.patch";
|
||||
hash = "sha256-TmWfD99YaSIHA5PSsWHE91GSsdsVgVU+qIow7LOwOGw=";
|
||||
})
|
||||
];
|
||||
});
|
||||
|
||||
redis = prev.redis.overrideAttrs ({
|
||||
doCheck = false;
|
||||
});
|
||||
|
|
|
@ -15,17 +15,46 @@ in {
|
|||
secureBuild = true;
|
||||
};
|
||||
|
||||
firefox = final.wrapFirefox final.firefox-unwrapped { };
|
||||
mpv = final.mpv-unwrapped.wrapper { mpv = final.mpv-unwrapped; };
|
||||
thunderbird = final.wrapThunderbird final.thunderbird-unwrapped { };
|
||||
firefox = (final.wrapFirefox final.firefox-unwrapped { }).overrideAttrs (prevAttrs: {
|
||||
buildCommand = prevAttrs.buildCommand + ''
|
||||
sed -i \
|
||||
'$i export MIMALLOC_RESERVE_HUGE_OS_PAGES=2' \
|
||||
"$out/bin/firefox"
|
||||
'';
|
||||
});
|
||||
|
||||
thunderbird = (final.wrapThunderbird final.thunderbird-unwrapped { }).overrideAttrs (prevAttrs: {
|
||||
buildCommand = prevAttrs.buildCommand + ''
|
||||
sed -i \
|
||||
'$i export MIMALLOC_RESERVE_HUGE_OS_PAGES=2' \
|
||||
"$out/bin/thunderbird"
|
||||
'';
|
||||
});
|
||||
|
||||
fractal = prev.fractal.overrideAttrs (prevAttrs: {
|
||||
nativeBuildInputs = prevAttrs.nativeBuildInputs or [ ] ++ [ final.makeBinaryWrapper ];
|
||||
buildInputs = prevAttrs.buildInputs or [ ] ++ [ final.mimalloc ];
|
||||
|
||||
NIX_RUSTFLAGS = lib.toList prevAttrs.NIX_RUSTFLAGS or [ ] ++ [ "-C" "link-arg=-lmimalloc" ];
|
||||
|
||||
postInstall = prevAttrs.postInstall or "" + ''
|
||||
wrapProgram "$out/bin/fractal" \
|
||||
--set MIMALLOC_RESERVE_HUGE_OS_PAGES 1
|
||||
'';
|
||||
});
|
||||
|
||||
mpv = final.mpv-unwrapped.wrapper {
|
||||
mpv = final.mpv-unwrapped;
|
||||
extraMakeWrapperArgs = [ "--set" "MIMALLOC_RESERVE_HUGE_OS_PAGES" "1" ];
|
||||
};
|
||||
} // lib.genAttrs [
|
||||
"bat"
|
||||
"bottom"
|
||||
"cryptsetup"
|
||||
"dbus-broker"
|
||||
"erlang"
|
||||
"fd"
|
||||
"firefox-unwrapped"
|
||||
"fractal"
|
||||
"fuzzel"
|
||||
"helix"
|
||||
"kitty"
|
||||
|
@ -58,7 +87,7 @@ in {
|
|||
NIX_LDFLAGS = toString (lib.toList prevAttrs.env.NIX_LDFLAGS or [ ] ++ [ "-lmimalloc" ]);
|
||||
};
|
||||
|
||||
NIX_RUSTFLAGS = lib.toList prevAttrs.NIX_RUSTFLAGS or [ ] ++ [ "-C link-arg=-lmimalloc" ];
|
||||
NIX_RUSTFLAGS = lib.toList prevAttrs.NIX_RUSTFLAGS or [ ] ++ [ "-C" "link-arg=-lmimalloc" ];
|
||||
} // lib.optionalAttrs (!prevAttrs ? env.NIX_LDFLAGS) {
|
||||
NIX_LDFLAGS = lib.toList prevAttrs.NIX_LDFLAGS or [ ] ++ [ "-lmimalloc" ];
|
||||
}))
|
||||
|
|
Loading…
Reference in a new issue