{ lib, config, pkgs, #simintech, stm32cubemx, packettracer7, inputs, ... }: let serverIP = "10.0.174.12"; buildNodeYggIP = "200:ccc6:1361:5c84:aba0:1244:35f5:c903"; hasBootPartition = config.fileSystems ? "/boot"; isNvidia = (builtins.readFile ( pkgs.runCommandLocal "isNvidia" { } '' ${pkgs.pciutils}/bin/lspci | ${pkgs.busybox}/bin/grep NVIDIA | ${pkgs.busybox}/bin/grep VGA > $out || true '' )) != ""; isAdata = # ADATA is a famous cheap troubleful NVMe controllers (builtins.readFile ( pkgs.runCommandLocal "isAdata" { } '' ${pkgs.pciutils}/bin/lspci | ${pkgs.busybox}/bin/grep ADATA | ${pkgs.busybox}/bin/grep -i NVMe > $out || true '' )) != ""; in { users.users.student = { isNormalUser = true; initialPassword = "student"; # вход беспарольный, но пароль student extraGroups = [ "video" "sound" "input" "storage" "dialout" ]; }; imports = [ ./hardware-configuration.nix ]; programs.tmux = { enable = true; withUtempter = true; historyLimit = 5000; clock24 = true; }; boot.loader = if hasBootPartition then { efi.canTouchEfiVariables = true; timeout = 30; grub = { enable = true; efiSupport = true; device = "nodev"; useOSProber = true; theme = "${pkgs.sleek-grub-theme.override { withStyle = "orange"; withBanner = "Выберите ОС"; }}"; }; } else { timeout = 5; grub = { enable = true; device = "/dev/sda"; theme = "${pkgs.sleek-grub-theme.override { withStyle = "orange"; withBanner = "Загрузчик Linux"; }}"; }; }; time.hardwareClockInLocalTime = hasBootPartition; # настройки Nix nixpkgs.config = { allowUnfree = true; nvidia.acceptLicense = true; }; nix.settings = { extra-substituters = [ "http://nixos.builds.node" ]; trusted-public-keys = [ "nixos.builds.node:E/XNkcdzB0EyTyEJuOTXJH8qynxgCfQ87JHkbD88uF8=" ]; auto-optimise-store = true; }; nix.extraOptions = '' experimental-features = nix-command flakes ''; services.udev.extraRules = if isAdata then '' ACTION=="add|change",KERNEL=="nvme[0-9]", ATTR{queue/scheduler}="none" '' else ""; boot.kernelParams = lib.optionals isNvidia [ "nvidia-drm.modeset=1" ] ++ lib.optionals isAdata [ "nvme_core.default_ps_max_latency_us=0" "nvme_core.io_timeout=4294967295" ]; boot.extraModprobeConfig = if isNvidia then "options nvidia " + lib.concatStringsSep " " [ "NVreg_UsePageAttributeTable=1" "NVreg_EnablePCIeGen3=1" "NVreg_RegistryDwords=RMUseSwI2c=0x01;RMI2cSpeed=100" ] else ""; ##### СЕТЕВЫЕ НАСТРОЙКИ ####### services.yggdrasil = { enable = true; persistentKeys = true; settings = { Peers = [ "tcp://${serverIP}:12345" ]; }; }; # каждый компьютер имеет выход в интернет networking.networkmanager.enable = true; networking.hostName = "nixos"; networking.firewall.allowedTCPPorts = [ 22 ] ++ lib.optionals config.services.harmonia.enable [ 80 ]; # каждый компьютер знает, что kafpi.local - это адрес нашего сервера networking.hosts."${serverIP}" = [ "kafpi.local" ]; networking.hosts."${buildNodeYggIP}" = [ "nixos.builds.node" ]; time.timeZone = "Europe/Moscow"; i18n.defaultLocale = "ru_RU.UTF-8"; environment.systemPackages = with pkgs; [ vim tree wget git ]; services.openssh = { enable = true; settings.PermitRootLogin = "yes"; }; users.users.root.openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCyBYo/E/FkFZVABzMixLS2TWaipfN5T24y8f+E6Px1t+IG8PLnQ38dLJiCR8k971DOycLuJUfKWsC06BK3XLWTO0+PmpfGKNT4NI6dwP2REl/umaignP/QQSs2w9Ff49WqPjIYTSmATTsCNZSVB0VtM0eJ+Y9Ff4CXb1frtt4GYztk6XB3jc3TxV72qzB0g6DqrHkf6pT5YAq2UeuFGZYSZCqBvVXCGcvKHkO1KBubuo95itVA5XbzK3INQTZpQowbtK4ULhUYlaGBcX5tYq1bdiTCDlTcLt6MfxYfFHSFiHbJOzdGPd+mXM7urOQhq49uQOf07dHt9qAzQHajItQb+X3FOgyFt4n6Y9Q37gn/6KC3PH1zClldq9DtgttuG/Xk15q+uvCldji9YIgb80aRHBIp6DY8PlYodmGGesBLiBMGQ7hgKupfkqszjfMkxnMYIkZodUCQVgaqsxsEQ7lD84JJMgBY8HkNLxKhy+6dP6kTc4vTtrpjezq/Ph95PFE= bednov@kafpi-108-1-mainserver2" ]; # НЕ МЕНЯТЬ, иначе придётся все компы переустанавливать, а не обновлять system.stateVersion = "24.05"; }