diff --git a/system/machine/MacPro31/configuration.nix b/system/machine/MacPro31/configuration.nix
index 6b7d3f7..66b0834 100644
--- a/system/machine/MacPro31/configuration.nix
+++ b/system/machine/MacPro31/configuration.nix
@@ -22,6 +22,10 @@
 networking.hostName = "MacPro31-NixOS";
+ # Elderly host: a compressed RAM swap softens memory pressure (earlyoom in
+ # workstation.nix is the backstop).
+ zramSwap.enable = true;
+
 # This host accepts SSH, so open 22 (the firewall itself is enabled in
 # workstation.nix with a default-deny policy).
 services.openssh.enable = true;
diff --git a/system/machine/T400/configuration.nix b/system/machine/T400/configuration.nix
index 361130c..52c8931 100644
--- a/system/machine/T400/configuration.nix
+++ b/system/machine/T400/configuration.nix
@@ -1,7 +1,7 @@
 # ThinkPad T400 (NixOS). Shared laptop options live in ../../modules/laptop.nix;
 # only host-specific settings are here. Install notes (boot variants, GPU,
 # partitions): see ./README.md.
-{ ... }:
+{ config, ... }:
 {
 imports = [
@@ -31,6 +31,16 @@
 # the radeon firmware needed by the discrete GPU below.
 hardware.cpu.intel.updateMicrocode = true;
+ # Battery longevity: cap charging to 75-80%. tlp itself comes from the
+ # nixos-hardware lenovo-thinkpad profile; tp_smapi supplies the threshold
+ # sysfs on this 2008-era ThinkPad (kernel-native natacpi is too new for it).
+ boot.kernelModules = [ "tp_smapi" ];
+ boot.extraModulePackages = [ config.boot.kernelPackages.tp_smapi ];
+ services.tlp.settings = {
+ START_CHARGE_THRESH_BAT0 = 75;
+ STOP_CHARGE_THRESH_BAT0 = 80;
+ };
+
 # This T400 has the optional discrete GPU fitted: an ATI Mobility Radeon HD
 # 3470 (RV620), driven by the open `radeon` KMS driver. Load it in the initrd
 # for early modesetting (clean Sway/Wayland start); firmware comes from
diff --git a/system/modules/laptop.nix b/system/modules/laptop.nix
index 211beab..99bb142 100644
--- a/system/modules/laptop.nix
+++ b/system/modules/laptop.nix
@@ -12,4 +12,13 @@
 enable = true;
 settings.General.EnableNetworkConfiguration = true;
 };
+
+ # Bluetooth. The Asahi MBP loads Apple's BT firmware (see its host config) and
+ # the T400 has an optional BT module; enable bluez on both, with blueman as the
+ # GUI/tray manager for the Sway session.
+ hardware.bluetooth = {
+ enable = true;
+ powerOnBoot = true;
+ };
+ services.blueman.enable = true;
 }
diff --git a/system/modules/workstation.nix b/system/modules/workstation.nix
index a8e52b1..fcd58ea 100644
--- a/system/modules/workstation.nix
+++ b/system/modules/workstation.nix
@@ -5,12 +5,16 @@
 # The bootloader is NOT set here -- it is firmware-specific, not form-factor:
 # UEFI hosts (MBP, Mac Pro 3,1) use systemd-boot, the BIOS-only T400 uses GRUB.
 # Each machine config declares its own.
-{ ... }:
+{ lib, pkgs, ... }:
 {
 features.swayDesktop.enable = true;
 console.keyMap = "dvorak";
+ # Intel thermal management. x86 only -- the Asahi MBP governs its own SoC
+ # thermals, and thermald is an Intel-platform daemon.
+ services.thermald.enable = lib.mkIf pkgs.stdenv.hostPlatform.isx86_64 true;
+
 # Default-deny inbound. Hosts that run a listening service open their own
 # ports next to where the service is enabled (e.g. sshd -> 22 on X1).
 networking.firewall.enable = true;
@@ -20,6 +24,14 @@
 services.fstrim.enable = true;
 boot.tmp.cleanOnBoot = true;
+ # Userspace OOM killer: act on memory pressure early instead of letting the
+ # kernel OOM-thrash. Matters on the 4 GiB T400 and the elderly Mac Pro.
+ services.earlyoom.enable = true;
+
+ # Firmware updates via LVFS. No-op on the Asahi MBP (Apple-managed firmware),
+ # useful for UEFI/SSD updates on the x86 hosts.
+ services.fwupd.enable = true;
+
 # Audio. PipeWire with the PulseAudio shim covers every graphical host; no
 # per-machine audio config is needed.
 services.pipewire = {
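Review bot: `powerOnBoot = true;` in the new `hardware.bluetooth` block of system/modules/laptop.nix brings the radio up at every boot on both laptops, even though the comment calls the T400's module optional and blueman is added in the same hunk for on-demand control. Unless a device must be connected before login, `powerOnBoot = false;` leaves the controller unpowered until it is switched on from the tray, which keeps an unused wireless interface off by default. If powering on at boot is intended, a short comment such as `# powered at boot: <reason>` would record that decision. The module attrset this block sits in opens outside the hunk.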
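Review bot: `services.fwupd.enable = true;` in the second hunk of system/modules/workstation.nix turns the firmware-update daemon on for every workstation host, including the Asahi MBP where the added comment itself says it is a no-op. A privileged service with nothing to do on a host is avoidable; gating it like thermald in the first hunk limits it to the machines that benefit: `services.fwupd.enable = lib.mkIf pkgs.stdenv.hostPlatform.isx86_64 true;` (`lib` and `pkgs` are already brought into scope by the first hunk). The comment could then drop the "No-op on the Asahi MBP" clause. The module attrset continues past the end of this hunk.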