From ebff5aeba6534d00a4244e938ce99a11325e2633 Mon Sep 17 00:00:00 2001 From: Emma Thorpe Date: Thu, 4 Jun 2026 15:22:07 +0100 Subject: [PATCH] feat(nixos): replace X1 with ThinkPad T400; add Mac Pro 3,1 desktop - lyrathorpe-t400 replaces lyrathorpe-x1c: ThinkPad T400 (legacy BIOS -> GRUB, Intel microcode + redistributable firmware for iwlwifi, pipewire, sshd). - lyrathorpe-macpro31: new desktop host (portable = false) importing desktop.nix. Mac Pro 3,1 has 64-bit EFI -> systemd-boot; wired NetworkManager via desktop.nix; desktop status bar (temperature + net, no battery). Both ship hand-written placeholder hardware-configuration.nix (root/swap/ESP by label, GRUB device /dev/sda) to be regenerated with nixos-generate-config and committed at install time. All five host configs evaluate; nixfmt clean. Co-Authored-By: Claude Opus 4.8 (1M context) --- flake.nix | 20 ++++++- system/machine/MacPro31/configuration.nix | 57 +++++++++++++++++++ .../MacPro31/hardware-configuration.nix | 52 +++++++++++++++++ system/machine/T400/configuration.nix | 43 ++++++++++++++ .../machine/T400/hardware-configuration.nix | 44 ++++++++++++++ system/machine/X1/configuration.nix | 33 ----------- system/machine/X1/hardware-configuration.nix | 42 -------------- 7 files changed, 214 insertions(+), 77 deletions(-) create mode 100644 system/machine/MacPro31/configuration.nix create mode 100644 system/machine/MacPro31/hardware-configuration.nix create mode 100644 system/machine/T400/configuration.nix create mode 100644 system/machine/T400/hardware-configuration.nix delete mode 100644 system/machine/X1/configuration.nix delete mode 100644 system/machine/X1/hardware-configuration.nix diff --git a/flake.nix b/flake.nix index fe4d937..c860a3e 100644 --- a/flake.nix +++ b/flake.nix @@ -192,12 +192,12 @@ ]; }; - lyrathorpe-x1c = { + lyrathorpe-t400 = { system = "x86_64-linux"; username = "lyrathorpe"; fullName = "Lyra Thorpe"; modules = [ - ./system/machine/X1/configuration.nix + ./system/machine/T400/configuration.nix ./system/modules/laptop.nix ./lyrathorpe/swaywm.nix ]; @@ -207,6 +207,22 @@ ]; }; + lyrathorpe-macpro31 = { + system = "x86_64-linux"; + username = "lyrathorpe"; + fullName = "Lyra Thorpe"; + portable = false; + modules = [ + ./system/machine/MacPro31/configuration.nix + ./system/modules/desktop.nix + ./lyrathorpe/swaywm.nix + ]; + homeModules = [ + ./lyrathorpe/home + ./lyrathorpe/home/desktop.nix + ]; + }; + emmathorpe-edaas = { system = "x86_64-linux"; username = "emmathorpe"; diff --git a/system/machine/MacPro31/configuration.nix b/system/machine/MacPro31/configuration.nix new file mode 100644 index 0000000..182a348 --- /dev/null +++ b/system/machine/MacPro31/configuration.nix @@ -0,0 +1,57 @@ +# Apple Mac Pro 3,1 (Early 2008, dual Xeon Harpertown, x86_64). Desktop host: +# shared graphical/wired options live in ../../modules/desktop.nix; only +# host-specific settings are here. +{ ... }: + +{ + imports = [ + ./hardware-configuration.nix + ]; + + # The Mac Pro 3,1 has 64-bit EFI (confirmed by the owner), so boot via + # systemd-boot like the MBP -- no GRUB/BIOS shim needed. + boot.loader.systemd-boot.enable = true; + # Apple's EFI does not reliably support efibootmgr NVRAM writes; leave the + # firmware vars untouched. + boot.loader.efi.canTouchEfiVariables = false; + # Apple-EFI quirk: if the Mac does not pick up the bootloader at the boot + # picker, install it to the fallback path \EFI\BOOT\BOOTX64.EFI and/or + # "bless" the ESP from macOS. Uncomment to write the removable fallback path: + # boot.loader.efi.efiInstallAsRemovable = true; + + networking.hostName = "MacPro31-NixOS"; + + # This host accepts SSH, so open 22 (the firewall itself is enabled in + # workstation.nix with a default-deny policy). + services.openssh.enable = true; + networking.firewall.allowedTCPPorts = [ 22 ]; + + services.pipewire = { + enable = true; + pulse.enable = true; + }; + + # No fingerprint hardware; empty service still lets swaylock authenticate via + # password. + security.pam.services.swaylock = { }; + + # Dual Harpertown Xeon microcode + redistributable firmware (e.g. GPU/NIC + # blobs). + hardware.cpu.intel.updateMicrocode = true; + hardware.enableRedistributableFirmware = true; + + # GPU note: the stock card varies between units -- ATI Radeon HD 2600 XT or + # NVIDIA GeForce 8800 GT. Sway needs a working KMS/modesetting driver; do NOT + # install a proprietary blob here. Depending on the installed card, rely on + # the open kernel driver: + # - ATI Radeon HD 2600 XT -> "radeon" (older) or "amdgpu" KMS + # - NVIDIA GeForce 8800 GT -> "nouveau" KMS + # These come up automatically via the in-tree drivers + KMS, and the graphics + # stack itself is enabled by swaywm.nix. If a card needs to be forced, add it + # here, e.g. `services.xserver.videoDrivers = [ "radeon" ];` (or "nouveau"), + # and/or `boot.initrd.kernelModules = [ "radeon" ];` in + # hardware-configuration.nix for early KMS. + + # See `man configuration.nix` / the stateVersion docs before changing. + system.stateVersion = "26.05"; +} diff --git a/system/machine/MacPro31/hardware-configuration.nix b/system/machine/MacPro31/hardware-configuration.nix new file mode 100644 index 0000000..713a78e --- /dev/null +++ b/system/machine/MacPro31/hardware-configuration.nix @@ -0,0 +1,52 @@ +# PLACEHOLDER -- hand-written, not machine-generated. Regenerate on the real +# Mac Pro 3,1 with `nixos-generate-config` and commit the result. The device +# labels below are guesses; replace them with the generated UUIDs (or label the +# partitions accordingly at install time). +{ + config, + lib, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "ahci" + "ata_piix" + "ehci_pci" + "uhci_hcd" + "firewire_ohci" + "usb_storage" + "sd_mod" + "sr_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + # EFI System Partition for systemd-boot. Label the ESP `ESP` at install, or + # replace with the generated UUID. + fileSystems."/boot" = { + device = "/dev/disk/by-label/ESP"; + fsType = "vfat"; + }; + + # Label your root partition `nixos` at install, or replace with the generated UUID. + fileSystems."/" = { + device = "/dev/disk/by-label/nixos"; + fsType = "ext4"; + }; + + swapDevices = [ + { device = "/dev/disk/by-label/swap"; } + ]; + + networking.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/system/machine/T400/configuration.nix b/system/machine/T400/configuration.nix new file mode 100644 index 0000000..b941349 --- /dev/null +++ b/system/machine/T400/configuration.nix @@ -0,0 +1,43 @@ +# ThinkPad T400 (NixOS). Shared laptop options live in ../../modules/laptop.nix; +# only host-specific settings are here. +{ ... }: + +{ + imports = [ + ./hardware-configuration.nix + ]; + + # The T400 is legacy BIOS only (no UEFI), so boot via GRUB in BIOS mode. + # `device` must point at the actual install disk -- adjust if it is not /dev/sda. + boot.loader.grub = { + enable = true; + device = "/dev/sda"; + }; + + networking.hostName = "T400-NixOS"; + + console.font = "Lat2-Terminus16"; + + services.pipewire = { + enable = true; + pulse.enable = true; + }; + + # This host accepts SSH, so open 22 (the firewall itself is enabled in + # laptop.nix with a default-deny policy). + services.openssh.enable = true; + networking.firewall.allowedTCPPorts = [ 22 ]; + + # The T400's fingerprint reader differs/may be absent; empty service still + # lets swaylock authenticate via password. + security.pam.services.swaylock = { }; + + # Intel Core 2 (Penryn) microcode + redistributable firmware for the Intel + # WiFi Link 5100/5300 iwlwifi blobs. The GMA 4500MHD works out of the box via + # i915/KMS, so no extra graphics config is needed. + hardware.cpu.intel.updateMicrocode = true; + hardware.enableRedistributableFirmware = true; + + # See `man configuration.nix` / the stateVersion docs before changing. + system.stateVersion = "26.05"; +} diff --git a/system/machine/T400/hardware-configuration.nix b/system/machine/T400/hardware-configuration.nix new file mode 100644 index 0000000..a68a562 --- /dev/null +++ b/system/machine/T400/hardware-configuration.nix @@ -0,0 +1,44 @@ +# PLACEHOLDER -- hand-written, not machine-generated. Regenerate on the real +# T400 with `nixos-generate-config` and commit the result. The device labels +# below are guesses; replace them with the generated UUIDs (or label the +# partitions accordingly at install time). +{ + config, + lib, + modulesPath, + ... +}: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ + "ahci" + "ata_piix" + "ehci_pci" + "uhci_hcd" + "usb_storage" + "sd_mod" + "sr_mod" + ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + # Label your root partition `nixos` at install, or replace with the generated UUID. + fileSystems."/" = { + device = "/dev/disk/by-label/nixos"; + fsType = "ext4"; + }; + + swapDevices = [ + { device = "/dev/disk/by-label/swap"; } + ]; + + networking.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/system/machine/X1/configuration.nix b/system/machine/X1/configuration.nix deleted file mode 100644 index bb31107..0000000 --- a/system/machine/X1/configuration.nix +++ /dev/null @@ -1,33 +0,0 @@ -# ThinkPad X1 (NixOS). Shared laptop options live in ../../modules/laptop.nix; -# only host-specific settings are here. -{ ... }: - -{ - imports = [ - ./hardware-configuration.nix - ]; - - boot.loader.efi.canTouchEfiVariables = true; - - networking.hostName = "X1-NixOS"; - networking.domain = "client.cbg.emmaisvery.gay"; - - console.font = "Lat2-Terminus16"; - - services.pipewire = { - enable = true; - pulse.enable = true; - }; - - # This host accepts SSH, so open 22 (the firewall itself is enabled in - # laptop.nix with a default-deny policy). - services.openssh.enable = true; - networking.firewall.allowedTCPPorts = [ 22 ]; - - # Fingerprint reader: allow swaylock to authenticate via fprintd. - services.fprintd.enable = true; - security.pam.services.swaylock.fprintAuth = true; - - # See `man configuration.nix` / the stateVersion docs before changing. - system.stateVersion = "24.11"; -} diff --git a/system/machine/X1/hardware-configuration.nix b/system/machine/X1/hardware-configuration.nix deleted file mode 100644 index 888cd4a..0000000 --- a/system/machine/X1/hardware-configuration.nix +++ /dev/null @@ -1,42 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/a7145534-b122-4899-a75a-3d2e78474d6b"; - fsType = "ext4"; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/1338-3D4F"; - fsType = "vfat"; - options = [ "fmask=0077" "dmask=0077" ]; - }; - - swapDevices = - [ { device = "/dev/disk/by-uuid/e553c8dc-9d5a-48ec-87bc-9c86ce5932a4"; } - ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; - # networking.interfaces.wwan0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -}