From 27b94ccb516f58a8f7f027df75bde490af9c1620 Mon Sep 17 00:00:00 2001
From: Daniel Flanagan <daniel@lyte.dev>
Date: Thu, 11 Jul 2024 12:51:51 -0500
Subject: [PATCH] Trying to upgrade router to NixOS

---
 flake.lock                                    |  6 +-
 flake.nix                                     | 78 +++++++++----------
 .../scripts/common/bin/gitforge-url.ts        |  2 +-
 modules/nixos/default.nix                     |  2 +-
 nixos/router.nix                              | 14 +++-
 5 files changed, 53 insertions(+), 49 deletions(-)

diff --git a/flake.lock b/flake.lock
index 9629999..1d64814 100644
--- a/flake.lock
+++ b/flake.lock
@@ -477,11 +477,11 @@
         "nixpkgs": "nixpkgs_4"
       },
       "locked": {
-        "lastModified": 1717012475,
-        "narHash": "sha256-XdcAf6+7IUBOw+jH66QqcXcMBaqw8vXmtiwQywqhcI4=",
+        "lastModified": 1720625270,
+        "narHash": "sha256-7JGUXmp6LxPkinxy9kEnrdbZQPF8QGZwvRxWU/ZwJKY=",
         "owner": "lytedev",
         "repo": "slippi-nix",
-        "rev": "8c37b6cfc082e2d522544c68eefa2c3b58ca2515",
+        "rev": "e86b5e46d53a929303b9ad6539cb6e64e7a8c5b4",
         "type": "github"
       },
       "original": {
diff --git a/flake.nix b/flake.nix
index 6f07521..896d0ed 100644
--- a/flake.nix
+++ b/flake.nix
@@ -83,6 +83,7 @@
   in {
     # kind of a quirk, but package definitions are actually in the "additions"
     # overlay I did this to work around some recursion problems
+    # TODO: https://discourse.nixos.org/t/infinite-recursion-getting-started-with-overlays/48880
     packages = genPkgs (pkgs: {inherit (pkgs) iosevkaLyteTerm iosevkaLyteTermSubset;});
     diskoConfigurations = import ./disko;
     templates = import ./templates;
@@ -158,16 +159,17 @@
       beefcake = nixpkgs.lib.nixosSystem {
         system = "x86_64-linux";
         modules = with nixosModules; [
-          common
           hardware.nixosModules.common-cpu-intel
+
+          common
           fonts
+
+          ./nixos/beefcake.nix
+
           {
             time = {
               timeZone = "America/Chicago";
             };
-          }
-          ./nixos/beefcake.nix
-          {
             services.smartd.enable = true;
             services.fwupd.enable = true;
           }
@@ -177,12 +179,11 @@
       dragon = nixpkgs.lib.nixosSystem {
         system = "x86_64-linux";
         modules = with nixosModules; [
-          common
-
           outputs.diskoConfigurations.standard
           hardware.nixosModules.common-cpu-amd
           hardware.nixosModules.common-pc-ssd
 
+          common
           password-manager
           wifi
           graphical-workstation
@@ -210,10 +211,9 @@
       htpc = nixpkgs.lib.nixosSystem {
         system = "x86_64-linux";
         modules = with nixosModules; [
-          common
-
           hardware.nixosModules.common-pc-ssd
 
+          common
           graphical-workstation
 
           ./nixos/htpc.nix
@@ -231,11 +231,10 @@
       foxtrot = nixpkgs.lib.nixosSystem {
         system = "x86_64-linux";
         modules = with nixosModules; [
-          common
-
           outputs.diskoConfigurations.standard
           hardware.nixosModules.framework-13-7040-amd
 
+          common
           graphical-workstation
           laptop
           gaming
@@ -260,37 +259,10 @@
       thablet = nixpkgs.lib.nixosSystem {
         system = "x86_64-linux";
         modules = with nixosModules; [
-          common
-
           outputs.diskoConfigurations.standard
           hardware.nixosModules.lenovo-thinkpad-x1-yoga
 
-          graphical-workstation
-          laptop
-          gaming
-
-          ./nixos/thablet.nix
-
-          {
-            home-manager.users.daniel = {
-              imports = with homeManagerModules; [
-                iex
-                cargo
-                linux-desktop-environment-config
-              ];
-            };
-          }
-        ];
-      };
-
-      grablet = nixpkgs.lib.nixosSystem {
-        system = "x86_64-linux";
-        modules = with nixosModules; [
           common
-
-          outputs.diskoConfigurations.standard
-          hardware.nixosModules.common-cpu-intel-kaby-lake
-          hardware.nixosModules.common-pc-laptopp-ssd
           graphical-workstation
           laptop
           gaming
@@ -305,12 +277,38 @@
                 linux-desktop-environment-config
               ];
             };
-
-            powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
           }
         ];
       };
 
+      # grablet = nixpkgs.lib.nixosSystem {
+      #   system = "x86_64-linux";
+      #   modules = with nixosModules; [
+      #     common
+
+      #     outputs.diskoConfigurations.standard
+      #     hardware.nixosModules.common-cpu-intel-kaby-lake
+      #     hardware.nixosModules.common-pc-laptopp-ssd
+      #     graphical-workstation
+      #     laptop
+      #     gaming
+
+      #     ./nixos/thablet.nix
+
+      #     {
+      #       home-manager.users.daniel = {
+      #         imports = with homeManagerModules; [
+      #           iex
+      #           cargo
+      #           linux-desktop-environment-config
+      #         ];
+      #       };
+
+      #       powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
+      #     }
+      #   ];
+      # };
+
       thinker = nixpkgs.lib.nixosSystem {
         system = "x86_64-linux";
         modules = with nixosModules; [
@@ -331,7 +329,7 @@
       router = nixpkgs.lib.nixosSystem {
         system = "x86_64-linux";
         modules = with nixosModules; [
-          outputs.diskoConfiguration.unencrypted
+          # outputs.diskoConfigurations.unencrypted
           common
           ./nixos/router.nix
         ];
diff --git a/modules/home-manager/scripts/common/bin/gitforge-url.ts b/modules/home-manager/scripts/common/bin/gitforge-url.ts
index fab29dc..d287767 100755
--- a/modules/home-manager/scripts/common/bin/gitforge-url.ts
+++ b/modules/home-manager/scripts/common/bin/gitforge-url.ts
@@ -1,4 +1,4 @@
-#!/usr/bin/env -S deno run --allow-read --allow-run --allow-net
+#!/usr/bin/env -S nix shell nixpkgs#deno --command deno run --allow-read --allow-run --allow-net
 
 import * as path from "https://deno.land/std@0.181.0/path/mod.ts";
 
diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix
index 5370b04..bf0a528 100644
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@@ -206,7 +206,7 @@
           "https://cache.nixos.org/"
           "https://helix.cachix.org"
           "https://nix-community.cachix.org"
-          "https://nix.h.lyte.dev"
+          # "https://nix.h.lyte.dev"
           "https://hyprland.cachix.org"
         ];
         trusted-public-keys = [
diff --git a/nixos/router.nix b/nixos/router.nix
index 413cc6c..2a373c3 100644
--- a/nixos/router.nix
+++ b/nixos/router.nix
@@ -33,7 +33,13 @@ in {
   networking.domain = "h.lyte.dev";
   networking.useDHCP = false;
 
-  # TODO: perform a hardware scan
+  boot.initrd.availableKernelModules = ["xhci_pci"];
+  boot.initrd.kernelModules = [];
+  boot.kernelModules = ["kvm-intel"];
+  boot.extraModulePackages = [];
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = true;
 
   boot = {
     loader = {
@@ -50,12 +56,12 @@ in {
         "net.ipv6.conf.all.use_tempaddr" = 0;
 
         "net.ipv6.conf.wan0.accept_ra" = 2;
-        # "net.ipv6.conf.wan0.autoconf" = 1;
+        "net.ipv6.conf.wan0.autoconf" = 1;
       };
     };
   };
 
-  powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
+  powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
 
   services.fail2ban.enable = true;
   services.radvd = {
@@ -179,7 +185,6 @@ in {
     ::1 localhost ip6-localhost ip6-loopback
     ff02::1 ip6-allnodes
     ff02::2 ip6-allrouters
-
   '';
 
   networking.nat.enable = true; # TODO: maybe replace some of the nftables stuff with this?
@@ -288,6 +293,7 @@ in {
       # No way.... https://github.com/NetworkConfiguration/dhcpcd/issues/36#issuecomment-954777644
       # issues caused by guests with oneplus devices
       noarp
+
       persistent
       vendorclassid