From cf105768249b737f531f09dff3f5adb3dd8b8339 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 1 Feb 2026 19:33:01 +0000 Subject: [PATCH 1/5] Initial plan -- 2.49.1 From bf80ac7579c7b43c4d8ecaabb16dbe6a2bda2b93 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 1 Feb 2026 19:35:39 +0000 Subject: [PATCH 2/5] Add NixOS dual-configuration setup (dev and gaming profiles) Co-authored-by: ragusa-it <196988693+ragusa-it@users.noreply.github.com> --- README.md | 208 +++++++++++++++++++++- flake.nix | 50 ++++++ hosts/hostname/hardware-configuration.nix | 42 +++++ modules/common.nix | 170 ++++++++++++++++++ modules/dev.nix | 86 +++++++++ modules/gaming.nix | 98 ++++++++++ 6 files changed, 653 insertions(+), 1 deletion(-) create mode 100644 flake.nix create mode 100644 hosts/hostname/hardware-configuration.nix create mode 100644 modules/common.nix create mode 100644 modules/dev.nix create mode 100644 modules/gaming.nix diff --git a/README.md b/README.md index af5566a..c80bb7d 100644 --- a/README.md +++ b/README.md 
@@ -1 +1,207 @@ -# nixos \ No newline at end of file +# NixOS Dual-Configuration Setup + +A NixOS system with **two fully isolated configurations**: + +1. **Dev** - Latest stable kernel, web development tooling (Docker, Node.js, direnv) +2. **Gaming** - Zen kernel, Steam, Lutris, performance tools + +Both share a common base: MangoWC (Wayland compositor) + Noctalia Shell, AMD RDNA 4 GPU support, and a shared `/home` directory with mutable dotfiles. + +## Target Hardware + +| Component | Model | Notes | +|-----------|-------|-------| +| CPU | AMD Ryzen 7 5700G | Zen 3, iGPU available | +| GPU | AMD RX 9060 XT | RDNA 4, requires Kernel 6.14+, Mesa 25.0+ | +| Motherboard | MSI B550 Tomahawk | Excellent IOMMU groups | + +## Directory Structure + +``` +nixos-config/ +├── flake.nix # Main flake definition +├── flake.lock # Auto-generated after first build +├── hosts/ +│ └── / +│ └── hardware-configuration.nix # Copy from /etc/nixos/ +└── modules/ + ├── common.nix # Shared configuration + ├── dev.nix # Development profile + └── gaming.nix # Gaming profile +``` + +## Prerequisites + +1. NixOS installed (minimal install is fine) +2. Flakes enabled in existing config or via: `nix-shell -p nixFlakes` +3. Know your hostname, username, timezone, and locale + +## Quick Setup + +### 1. Clone and Prepare + +```bash +# Clone this repo to your config directory +git clone ~/nixos-config +cd ~/nixos-config + +# Replace the placeholder hardware-configuration.nix with your actual one +cp /etc/nixos/hardware-configuration.nix hosts// +``` + +### 2. 
Replace Placeholders + +Edit the following files and replace these placeholders: + +| Placeholder | Example Value | Files | +|-------------|---------------|-------| +| `` | `desktop` | `flake.nix`, `modules/common.nix` | +| `` | `john` | `modules/common.nix`, `modules/dev.nix`, `modules/gaming.nix` | +| `` | `America/New_York` | `modules/common.nix` | +| `` | `en_US.UTF-8` | `modules/common.nix` | + +Also rename `hosts/hostname/` to match your actual hostname. + +### 3. Stage Files in Git + +```bash +cd ~/nixos-config +git add . +``` + +### 4. Verify Flake + +```bash +nix flake check +nix flake show +``` + +### 5. Build and Switch + +```bash +# Build and switch to dev config as main system profile +sudo nixos-rebuild switch --flake .#dev + +# Build gaming config as separate boot profile +sudo nixos-rebuild boot --profile-name gaming --flake .#gaming +``` + +### 6. Reboot and Verify + +Boot menu should show: +- `NixOS (dev)` - Default boot +- `NixOS (gaming, zen)` - Gaming profile + +## Updating + +**IMPORTANT:** Always update both profiles together to avoid kernel/Mesa version drift: + +```bash +cd ~/nixos-config +git add . 
+sudo nixos-rebuild switch --flake .#dev +sudo nixos-rebuild boot --profile-name gaming --flake .#gaming +``` + +To update flake inputs: + +```bash +nix flake update +git add flake.lock +sudo nixos-rebuild switch --flake .#dev +sudo nixos-rebuild boot --profile-name gaming --flake .#gaming +``` + +## Configuration Summary + +| Config | Kernel | Key Features | +|--------|--------|--------------| +| `dev` | Latest | Docker, Node.js, direnv, dev CLI tools | +| `gaming` | Zen | Steam, Lutris, MangoHUD, Gamemode, CoreCtrl | +| **Shared** | - | MangoWC, Noctalia, AMD GPU, PipeWire, Firefox | + +## Post-Installation + +### Change Password + +```bash +passwd +``` + +### Setup MangoWC + +```bash +mkdir -p ~/.config/mango +cp /etc/mango/config.conf ~/.config/mango/config.conf + +# Create autostart script +cat > ~/.config/mango/autostart.sh << 'EOF' +#!/bin/bash +qs -c noctalia-shell & +EOF +chmod +x ~/.config/mango/autostart.sh +``` + +Add to `~/.config/mango/config.conf`: +``` +exec-once="~/.config/mango/autostart.sh" +``` + +### Auto-start MangoWC from TTY + +Add to `~/.bash_profile` or `~/.zprofile`: +```bash +if [[ -z $WAYLAND_DISPLAY ]] && [[ $(tty) == /dev/tty1 ]]; then + exec mango +fi +``` + +## GPU Verification + +```bash +# Verify firmware loaded +dmesg | grep -i "amdgpu" | grep -i "firmware" + +# Check GPU detected +lspci | grep VGA + +# Verify Vulkan +vulkaninfo | head -30 + +# Check ray tracing support +vulkaninfo | grep VK_KHR_ray_tracing_pipeline + +# Verify OpenCL +clinfo | head -20 +``` + +## Troubleshooting + +### Flake can't find files +```bash +git add . # Flakes require files to be tracked by git +``` + +### MangoWC doesn't start +```bash +systemctl status seatd +groups # Ensure user is in 'seat' group +``` + +### RDNA 4 black screen +```bash +dmesg | grep -i "amdgpu" | grep -i "firmware" +uname -r # Should be 6.14+ +``` + +### Steam doesn't launch +Ensure `hardware.graphics.enable32Bit = true;` in common.nix. 
+ +### Games won't launch +```bash +cat /proc/sys/vm/max_map_count # Should be 2147483642 on gaming profile +``` + +## License + +MIT \ No newline at end of file diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..fcc918a --- /dev/null +++ b/flake.nix @@ -0,0 +1,50 @@ +{ + description = "NixOS - Isolated Gaming & Dev configurations"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + + mango = { + url = "github:DreamMaoMao/mango"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + quickshell = { + url = "github:outfoxxed/quickshell"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + noctalia = { + url = "github:noctalia-dev/noctalia-shell"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.quickshell.follows = "quickshell"; + }; + }; + + outputs = { self, nixpkgs, mango, quickshell, noctalia, ... }@inputs: + let + system = "x86_64-linux"; + specialArgs = { inherit inputs system; }; + + # IMPORTANT: Replace with actual hostname + commonModules = [ + ./hosts//hardware-configuration.nix + ./modules/common.nix + mango.nixosModules.mango + ]; + in { + nixosConfigurations = { + # Development configuration + dev = nixpkgs.lib.nixosSystem { + inherit system specialArgs; + modules = commonModules ++ [ ./modules/dev.nix ]; + }; + + # Gaming configuration + gaming = nixpkgs.lib.nixosSystem { + inherit system specialArgs; + modules = commonModules ++ [ ./modules/gaming.nix ]; + }; + }; + }; +} diff --git a/hosts/hostname/hardware-configuration.nix b/hosts/hostname/hardware-configuration.nix new file mode 100644 index 0000000..583607a --- /dev/null +++ b/hosts/hostname/hardware-configuration.nix 
@@ -0,0 +1,42 @@ +# This is a placeholder hardware-configuration.nix file. +# +# IMPORTANT: Replace this file with your actual hardware-configuration.nix +# generated during NixOS installation, typically found at: +# /etc/nixos/hardware-configuration.nix +# +# To generate a new hardware configuration, run: +# sudo nixos-generate-config --show-hardware-config > hardware-configuration.nix +# +# This placeholder will NOT work for actual system builds. + +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + # Example boot configuration (replace with your actual hardware) + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "sd_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + # Example filesystem configuration (replace with your actual mounts) + # fileSystems."/" = { + # device = "/dev/disk/by-uuid/YOUR-ROOT-UUID"; + # fsType = "ext4"; + # }; + # + # fileSystems."/boot" = { + # device = "/dev/disk/by-uuid/YOUR-BOOT-UUID"; + # fsType = "vfat"; + # }; + # + # swapDevices = [ + # { device = "/dev/disk/by-uuid/YOUR-SWAP-UUID"; } + # ]; + + # CPU microcode updates for AMD + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/modules/common.nix b/modules/common.nix new file mode 100644 index 0000000..9ce6b35 --- /dev/null +++ b/modules/common.nix 
@@ -0,0 +1,170 @@ +{ config, pkgs, inputs, system, ... }: + +{ + # -------------------------------------------------------------------------- + # BOOT + # -------------------------------------------------------------------------- + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + # -------------------------------------------------------------------------- + # SYSTEM + # -------------------------------------------------------------------------- + # IMPORTANT: Replace with actual values + networking.hostName = ""; + time.timeZone = ""; + i18n.defaultLocale = ""; + + networking.networkmanager.enable = true; + + # -------------------------------------------------------------------------- + # AMD GPU - RDNA 4 (RX 9060 XT) + Zen 3 CPU (5700G) + # -------------------------------------------------------------------------- + + # CRITICAL: RDNA 4 requires navi44 firmware blobs + hardware.enableAllFirmware = true; + + # Use the modern amdgpu NixOS module (cleaner than manual initrd config) + hardware.amdgpu.initrd.enable = true; + + hardware.graphics = { + enable = true; + enable32Bit = true; # Required for Steam/Wine + extraPackages = with pkgs; [ + rocmPackages.clr.icd # OpenCL support for RDNA 4 + ]; + # NOTE: AMDVLK intentionally omitted + # Some games auto-select AMDVLK over RADV, causing performance issues + # RADV (Mesa) is the default and performs better for gaming + }; + + # RADV is already the default Vulkan driver + # This variable is optional but makes it explicit + environment.variables.AMD_VULKAN_ICD = "RADV"; + + # -------------------------------------------------------------------------- + # CPU - Zen 3 Optimizations (Ryzen 7 5700G) + # -------------------------------------------------------------------------- + boot.kernelParams = [ + "amd_pstate=active" # Better power/performance scaling on Zen 3 + ]; + + # -------------------------------------------------------------------------- + # MOTHERBOARD - MSI B550 Tomahawk 
Sensors + # -------------------------------------------------------------------------- + boot.kernelModules = [ "nct6775" ]; # B550 hardware monitoring + + # -------------------------------------------------------------------------- + # MANGOWC + NOCTALIA + # -------------------------------------------------------------------------- + programs.mango.enable = true; + + # Required for screen sharing, file dialogs + xdg.portal = { + enable = true; + wlr.enable = true; + extraPortals = [ pkgs.xdg-desktop-portal-gtk ]; + }; + + # Enable seatd for session management + services.seatd.enable = true; + + # -------------------------------------------------------------------------- + # USER ACCOUNT + # -------------------------------------------------------------------------- + # IMPORTANT: Replace with actual username + users.users. = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" "video" "seat" ]; + # Set initial password or use hashedPassword + initialPassword = "changeme"; + packages = with pkgs; [ + # -- Noctalia Shell -- + inputs.quickshell.packages.${system}.default + inputs.noctalia.packages.${system}.default + brightnessctl + cliphist + wlsunset + + # -- MangoWC Ecosystem -- + foot # Terminal + wmenu # Launcher + wl-clipboard # Clipboard + grim # Screenshot + slurp # Region selection + swaybg # Wallpaper + + # -- Applications -- + firefox + ]; + }; + + # -------------------------------------------------------------------------- + # SYSTEM PACKAGES + # -------------------------------------------------------------------------- + environment.systemPackages = with pkgs; [ + vim + wget + curl + htop + git + unzip + file + + # GPU verification tools + clinfo # Verify OpenCL: clinfo + vulkan-tools # Verify Vulkan: vulkaninfo + pciutils # lspci for hardware info + ]; + + # -------------------------------------------------------------------------- + # FONTS + # -------------------------------------------------------------------------- + fonts.packages = 
with pkgs; [ + # Nerd fonts - syntax changed in NixOS 25.05+ + # Old syntax was: (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) + # New syntax is individual packages: + nerd-fonts.jetbrains-mono + + # Other fonts + inter + roboto + ]; + + # -------------------------------------------------------------------------- + # AUDIO (PipeWire) + # -------------------------------------------------------------------------- + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + + # Disable PulseAudio (conflicts with PipeWire) + hardware.pulseaudio.enable = false; + + # RealtimeKit for PipeWire + security.rtkit.enable = true; + + # -------------------------------------------------------------------------- + # MISC + # -------------------------------------------------------------------------- + # Allow unfree packages (needed for Steam, some drivers) + nixpkgs.config.allowUnfree = true; + + # Enable flakes + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + # Garbage collection + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 14d"; + }; + + # IMPORTANT: Set to the NixOS version of your install media + # Check with: nixos-version + # Do NOT change this after initial install + system.stateVersion = "25.05"; +} diff --git a/modules/dev.nix b/modules/dev.nix new file mode 100644 index 0000000..fa88c80 --- /dev/null +++ b/modules/dev.nix 
@@ -0,0 +1,86 @@ +{ pkgs, ... }: + +{ + # Identification tag (shows in boot menu and `nixos-version`) + system.nixos.tags = [ "dev" ]; + + # -------------------------------------------------------------------------- + # KERNEL - Latest stable for RDNA 4 GPU support + # -------------------------------------------------------------------------- + # NOTE: LTS kernels often lag behind new GPU support. + # For RDNA 4 (RX 9060 XT), use linuxPackages_latest instead of linuxPackages. + boot.kernelPackages = pkgs.linuxPackages_latest; + + # -------------------------------------------------------------------------- + # DOCKER + # -------------------------------------------------------------------------- + virtualisation.docker = { + enable = true; + autoPrune = { + enable = true; + dates = "weekly"; + }; + }; + + # IMPORTANT: Replace with actual username + users.users..extraGroups = [ "docker" ]; + + # -------------------------------------------------------------------------- + # DEVELOPMENT TOOLS + # -------------------------------------------------------------------------- + programs.direnv = { + enable = true; + nix-direnv.enable = true; # Caches nix shells + }; + + # IMPORTANT: Replace with actual username + users.users..packages = with pkgs; [ + # -- Git -- + lazygit + gh # GitHub CLI + + # -- Node.js -- + nodejs_22 + nodePackages.pnpm + nodePackages.yarn + + # -- CLI Tools -- + httpie # HTTP client + jq # JSON processor + yq # YAML processor + fd # Find alternative + ripgrep # Grep alternative + eza # ls alternative + bat # cat alternative + fzf # Fuzzy finder + zoxide # cd alternative + delta # Git diff viewer + + # -- Database Clients -- + postgresql # psql client + # redis # Uncomment if needed + + # -- Misc -- + gnumake + gcc + ]; + + # -------------------------------------------------------------------------- + # SERVICES (Optional - uncomment if needed) + # -------------------------------------------------------------------------- + # Local PostgreSQL + # 
services.postgresql = { + # enable = true; + # ensureDatabases = [ "devdb" ]; + # ensureUsers = [{ + # name = ""; + # ensureDBOwnership = true; + # }]; + # }; + + # Local Redis + # services.redis.servers."dev" = { + # enable = true; + # port = 6379; + # }; +} diff --git a/modules/gaming.nix b/modules/gaming.nix new file mode 100644 index 0000000..90fa093 --- /dev/null +++ b/modules/gaming.nix 
@@ -0,0 +1,98 @@ +{ pkgs, ... }: + +{ + # Identification tags (shows in boot menu) + system.nixos.tags = [ "gaming" "zen" ]; + + # -------------------------------------------------------------------------- + # KERNEL - Zen for gaming performance + # -------------------------------------------------------------------------- + boot.kernelPackages = pkgs.linuxPackages_zen; + + # -------------------------------------------------------------------------- + # STEAM + # -------------------------------------------------------------------------- + programs.steam = { + enable = true; + gamescopeSession.enable = true; + remotePlay.openFirewall = true; + dedicatedServer.openFirewall = true; + }; + + # -------------------------------------------------------------------------- + # GAMEMODE - Auto performance optimizations + # -------------------------------------------------------------------------- + programs.gamemode = { + enable = true; + enableRenice = true; + settings = { + general = { + renice = 10; + }; + gpu = { + apply_gpu_optimisations = "accept-responsibility"; + gpu_device = 0; + amd_performance_level = "high"; + }; + }; + }; + + # -------------------------------------------------------------------------- + # CORECTRL - AMD GPU Control + # -------------------------------------------------------------------------- + programs.corectrl = { + enable = true; + gpuOverclock = { + enable = true; + ppfeaturemask = "0xffffffff"; + }; + }; + + # IMPORTANT: Replace with actual username + users.users..extraGroups = [ "corectrl" "gamemode" ]; + + # -------------------------------------------------------------------------- + # GAMING PACKAGES + # -------------------------------------------------------------------------- + # IMPORTANT: Replace with actual username + users.users..packages = with pkgs; [ + # -- Performance Overlays -- + mangohud # FPS counter, GPU stats + goverlay # MangoHud GUI config + + # -- Game Launchers -- + lutris # Multi-platform launcher + heroic # Epic/GOG 
launcher + bottles # Wine prefix manager + + # -- Proton/Wine -- + protonup-qt # Proton-GE installer + winetricks + protontricks + + # -- Utilities -- + gamescope # Micro-compositor for gaming + corectrl # AMD GPU control GUI + + # -- Optional Game Clients -- + # prismlauncher # Minecraft + # retroarch # Emulation + ]; + + # -------------------------------------------------------------------------- + # KERNEL PARAMETERS - Gaming optimizations + # -------------------------------------------------------------------------- + boot.kernel.sysctl = { + # Reduce swappiness for gaming + "vm.swappiness" = 10; + # Increase max map count (needed for some games) + "vm.max_map_count" = 2147483642; + }; + + # Additional kernel params for gaming (appends to common.nix params) + boot.kernelParams = [ + "amd_pstate=active" # Inherited from common, but explicit for clarity + "mitigations=off" # Optional: Disable CPU mitigations for ~5% perf gain + # Remove this line if security is a concern + ]; +} -- 2.49.1 From 41de438583db7eeb2248a156ecd73f7f774383d3 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 1 Feb 2026 19:36:31 +0000 Subject: [PATCH 3/5] Address code review feedback: improve comments for vm.max_map_count and nerd fonts Co-authored-by: ragusa-it <196988693+ragusa-it@users.noreply.github.com> --- modules/common.nix | 6 +++--- modules/gaming.nix | 5 ++++- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/modules/common.nix b/modules/common.nix index 9ce6b35..974d5a4 100644 --- a/modules/common.nix +++ b/modules/common.nix 
@@ -121,9 +121,9 @@ # FONTS # -------------------------------------------------------------------------- fonts.packages = with pkgs; [ - # Nerd fonts - syntax changed in NixOS 25.05+ - # Old syntax was: (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) - # New syntax is individual packages: + # Nerd fonts - syntax changed in nixpkgs after 24.05 + # If using older nixpkgs: (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) + # Current nixpkgs-unstable uses individual packages: nerd-fonts.jetbrains-mono # Other fonts diff --git a/modules/gaming.nix b/modules/gaming.nix index 90fa093..8f1656e 100644 --- a/modules/gaming.nix +++ b/modules/gaming.nix @@ -85,7 +85,10 @@ boot.kernel.sysctl = { # Reduce swappiness for gaming "vm.swappiness" = 10; - # Increase max map count (needed for some games) + # Increase max map count for games requiring many memory mappings. + # This value (2^31 - 6) is the maximum safe value for signed 32-bit integers. + # Games like Star Citizen, Hogwarts Legacy, and some Unity/Unreal titles + # may crash without this setting due to high mmap requirements. "vm.max_map_count" = 2147483642; }; -- 2.49.1 From df02e01ce8eff09607176aa60d06cdeadeff2005 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 1 Feb 2026 19:50:18 +0000 Subject: [PATCH 4/5] Address PR review feedback: security, documentation, and configuration improvements Co-authored-by: ragusa-it <196988693+ragusa-it@users.noreply.github.com> --- README.md | 41 +++++++++++++++++------ flake.nix | 10 +++++- hosts/hostname/hardware-configuration.nix | 32 +++++++++--------- modules/common.nix | 27 ++++++++++----- modules/dev.nix | 2 ++ modules/gaming.nix | 14 ++++---- 6 files changed, 84 insertions(+), 42 deletions(-) diff --git a/README.md b/README.md index c80bb7d..7b991e8 100644 --- a/README.md +++ b/README.md 
@@ -45,6 +45,9 @@ nixos-config/ git clone ~/nixos-config cd ~/nixos-config +# Create the host directory (replace with your actual hostname) +mkdir -p hosts/ + # Replace the placeholder hardware-configuration.nix with your actual one cp /etc/nixos/hardware-configuration.nix hosts// ``` @@ -60,10 +63,12 @@ Edit the following files and replace these placeholders: | `` | `America/New_York` | `modules/common.nix` | | `` | `en_US.UTF-8` | `modules/common.nix` | -Also rename `hosts/hostname/` to match your actual hostname. +Also rename the `hosts/hostname/` directory to match your actual hostname, and ensure the same hostname is used for all `` placeholders (including in `flake.nix`). ### 3. Stage Files in Git +**IMPORTANT:** Flakes require all files to be tracked by git before building. + ```bash cd ~/nixos-config git add . @@ -78,11 +83,16 @@ nix flake show ### 5. Build and Switch +**IMPORTANT:** Ensure all files are staged in git (step 3) before building. + ```bash # Build and switch to dev config as main system profile sudo nixos-rebuild switch --flake .#dev -# Build gaming config as separate boot profile +# (Optional) Test gaming config without committing it as a boot option +sudo nixos-rebuild test --flake .#gaming + +# Build gaming config as separate boot profile (available after next reboot) sudo nixos-rebuild boot --profile-name gaming --flake .#gaming ``` 
@@ -94,20 +104,22 @@ Boot menu should show: ## Updating -**IMPORTANT:** Always update both profiles together to avoid kernel/Mesa version drift: +**IMPORTANT:** Always update both profiles together to avoid kernel/Mesa version drift. + +### After Configuration Changes ```bash cd ~/nixos-config -git add . +git add . # Stage your configuration changes sudo nixos-rebuild switch --flake .#dev sudo nixos-rebuild boot --profile-name gaming --flake .#gaming ``` -To update flake inputs: +### Updating Flake Inputs Only ```bash nix flake update -git add flake.lock +git add flake.lock # Only stage the lock file, not other changes sudo nixos-rebuild switch --flake .#dev sudo nixos-rebuild boot --profile-name gaming --flake .#gaming ``` @@ -124,19 +136,24 @@ sudo nixos-rebuild boot --profile-name gaming --flake .#gaming ### Change Password +Generate a password hash and update `modules/common.nix`: ```bash -passwd +mkpasswd -m sha-512 +# Copy the output and replace in common.nix ``` ### Setup MangoWC +MangoWC is configured to auto-start via greetd. To customize it: + ```bash mkdir -p ~/.config/mango cp /etc/mango/config.conf ~/.config/mango/config.conf -# Create autostart script +# Create autostart script for Noctalia shell cat > ~/.config/mango/autostart.sh << 'EOF' #!/bin/bash +# Ensure quickshell is in PATH (it should be as a user package) qs -c noctalia-shell & EOF chmod +x ~/.config/mango/autostart.sh @@ -147,9 +164,13 @@ Add to `~/.config/mango/config.conf`: exec-once="~/.config/mango/autostart.sh" ``` -### Auto-start MangoWC from TTY +### Dev Profile: Docker Access -Add to `~/.bash_profile` or `~/.zprofile`: +After switching to the dev profile for the first time, you must log out and log back in (or reboot) for Docker group membership to take effect. + +### Auto-start MangoWC from TTY (Alternative) + +If not using greetd, add to `~/.bash_profile` or `~/.zprofile`: ```bash if [[ -z $WAYLAND_DISPLAY ]] && [[ $(tty) == /dev/tty1 ]]; then exec mango 
diff --git a/flake.nix b/flake.nix index fcc918a..49664cc 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,9 @@ { description = "NixOS - Isolated Gaming & Dev configurations"; + # SECURITY NOTE: After first build, commit flake.lock to pin inputs to specific + # commits. Update via `nix flake update` only from trusted sources. + # This protects against supply-chain attacks from upstream changes. inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; @@ -24,13 +27,18 @@ outputs = { self, nixpkgs, mango, quickshell, noctalia, ... }@inputs: let system = "x86_64-linux"; + lib = nixpkgs.lib; specialArgs = { inherit inputs system; }; + # Verify mango flake exports the expected module + mangoModule = assert lib.hasAttrByPath [ "nixosModules" "mango" ] mango; + mango.nixosModules.mango; + # IMPORTANT: Replace with actual hostname commonModules = [ ./hosts//hardware-configuration.nix ./modules/common.nix - mango.nixosModules.mango + mangoModule ]; in { nixosConfigurations = { diff --git a/hosts/hostname/hardware-configuration.nix b/hosts/hostname/hardware-configuration.nix index 583607a..e75fc5b 100644 --- a/hosts/hostname/hardware-configuration.nix +++ b/hosts/hostname/hardware-configuration.nix @@ -7,7 +7,8 @@ # To generate a new hardware configuration, run: # sudo nixos-generate-config --show-hardware-config > hardware-configuration.nix # -# This placeholder will NOT work for actual system builds. +# This placeholder will NOT work for actual system builds - the UUIDs below +# are placeholders that must be replaced with your actual disk UUIDs. { config, lib, pkgs, modulesPath, ... }: 
@@ -22,20 +23,21 @@ boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; - # Example filesystem configuration (replace with your actual mounts) - # fileSystems."/" = { - # device = "/dev/disk/by-uuid/YOUR-ROOT-UUID"; - # fsType = "ext4"; - # }; - # - # fileSystems."/boot" = { - # device = "/dev/disk/by-uuid/YOUR-BOOT-UUID"; - # fsType = "vfat"; - # }; - # - # swapDevices = [ - # { device = "/dev/disk/by-uuid/YOUR-SWAP-UUID"; } - # ]; + # IMPORTANT: Replace these UUIDs with your actual disk UUIDs + # Find your UUIDs with: lsblk -f + fileSystems."/" = { + device = "/dev/disk/by-uuid/REPLACE-WITH-YOUR-ROOT-UUID"; + fsType = "ext4"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/REPLACE-WITH-YOUR-BOOT-UUID"; + fsType = "vfat"; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/REPLACE-WITH-YOUR-SWAP-UUID"; } + ]; # CPU microcode updates for AMD hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; diff --git a/modules/common.nix b/modules/common.nix index 974d5a4..a22beee 100644 --- a/modules/common.nix +++ b/modules/common.nix @@ -21,8 +21,8 @@ # AMD GPU - RDNA 4 (RX 9060 XT) + Zen 3 CPU (5700G) # -------------------------------------------------------------------------- - # CRITICAL: RDNA 4 requires navi44 firmware blobs - hardware.enableAllFirmware = true; + # RDNA 4 requires navi44 firmware blobs (included in redistributable firmware) + hardware.enableRedistributableFirmware = true; # Use the modern amdgpu NixOS module (cleaner than manual initrd config) hardware.amdgpu.initrd.enable = true; 
@@ -69,6 +69,16 @@ # Enable seatd for session management services.seatd.enable = true; + # Use greetd to automatically start a MangoWC session on login + services.greetd = { + enable = true; + settings.default_session = { + command = "mango"; + # IMPORTANT: Replace with actual username + user = ""; + }; + }; + # -------------------------------------------------------------------------- # USER ACCOUNT # -------------------------------------------------------------------------- @@ -76,8 +86,9 @@ users.users. = { isNormalUser = true; extraGroups = [ "wheel" "networkmanager" "video" "seat" ]; - # Set initial password or use hashedPassword - initialPassword = "changeme"; + # IMPORTANT: Generate a password hash with: mkpasswd -m sha-512 + # Then replace the placeholder below with the generated hash + hashedPassword = ""; packages = with pkgs; [ # -- Noctalia Shell -- inputs.quickshell.packages.${system}.default @@ -121,9 +132,9 @@ # FONTS # -------------------------------------------------------------------------- fonts.packages = with pkgs; [ - # Nerd fonts - syntax changed in nixpkgs after 24.05 - # If using older nixpkgs: (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) - # Current nixpkgs-unstable uses individual packages: + # Nerd fonts: current syntax for nixos-unstable and NixOS >= 24.05 + # For older nixpkgs (before this change), use: + # (nerdfonts.override { fonts = [ "JetBrainsMono" ]; }) nerd-fonts.jetbrains-mono # Other fonts @@ -166,5 +177,5 @@ # IMPORTANT: Set to the NixOS version of your install media # Check with: nixos-version # Do NOT change this after initial install - system.stateVersion = "25.05"; + system.stateVersion = "24.11"; } diff --git a/modules/dev.nix b/modules/dev.nix index fa88c80..bcf47d9 100644 --- a/modules/dev.nix +++ b/modules/dev.nix 
@@ -23,6 +23,8 @@ }; # IMPORTANT: Replace with actual username + # NOTE: After first enabling/applying this dev profile, you must log out and + # log back in (or reboot) for the docker group membership to take effect. users.users..extraGroups = [ "docker" ]; # -------------------------------------------------------------------------- diff --git a/modules/gaming.nix b/modules/gaming.nix index 8f1656e..ad40843 100644 --- a/modules/gaming.nix +++ b/modules/gaming.nix @@ -27,7 +27,7 @@ enableRenice = true; settings = { general = { - renice = 10; + renice = -10; # Negative value = higher priority for games }; gpu = { apply_gpu_optimisations = "accept-responsibility"; @@ -48,6 +48,11 @@ }; }; + # NOTE: Profile-specific group membership + # The user must be in the "corectrl" and "gamemode" groups for these + # programs to function correctly. These groups are only added when using + # the gaming profile. If you need consistent group membership across + # both profiles, add these groups to common.nix instead. # IMPORTANT: Replace with actual username users.users..extraGroups = [ "corectrl" "gamemode" ]; @@ -91,11 +96,4 @@ # may crash without this setting due to high mmap requirements. "vm.max_map_count" = 2147483642; }; - - # Additional kernel params for gaming (appends to common.nix params) - boot.kernelParams = [ - "amd_pstate=active" # Inherited from common, but explicit for clarity - "mitigations=off" # Optional: Disable CPU mitigations for ~5% perf gain - # Remove this line if security is a concern - ]; } -- 2.49.1 From 7ccb4414b84590ed9c6a846c04b1fd7dde23da9f Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Sun, 1 Feb 2026 19:51:22 +0000 Subject: [PATCH 5/5] Add comment clarifying mango binary source in greetd config Co-authored-by: ragusa-it <196988693+ragusa-it@users.noreply.github.com> --- modules/common.nix | 1 + 1 file changed, 1 insertion(+) 
diff --git a/modules/common.nix b/modules/common.nix index a22beee..47c4eb7 100644 --- a/modules/common.nix +++ b/modules/common.nix @@ -70,6 +70,7 @@ services.seatd.enable = true; # Use greetd to automatically start a MangoWC session on login + # Note: 'mango' binary is provided by programs.mango.enable above services.greetd = { enable = true; settings.default_session = { -- 2.49.1
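Review bot: in the `services.greetd` hunk of modules/common.nix (PATCH 4/5), `default_session` runs `command = "mango";` directly as the account named in `user`, so greetd starts the compositor as that account without asking for a password. That is autologin, not a session started "on login" as the comment says, and the same account is in `wheel`. Suggest running a greeter in `default_session` under the greeter user (for example tuigreet with `--cmd mango`), or, if autologin is intended, moving it to `initial_session` and stating it in the README next to the "Change Password" section, which otherwise implies the desktop is password-protected.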
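Review bot: the user-account hunk of modules/common.nix (PATCH 4/5) replaces `initialPassword = "changeme";` with `hashedPassword = "";`, which puts the hash in a git-tracked file and, after a build, in the world-readable /nix/store. Suggest `hashedPasswordFile` pointing at a root-only file outside the repository, and keeping the hash out of the flake entirely. The README hunk that swaps `passwd` for `mkpasswd -m sha-512` should then say where that file lives instead of "replace in common.nix".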
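Review bot: modules/dev.nix adds the user to the `docker` group (`extraGroups = [ "docker" ];`), and membership in that group is equivalent to root because it grants control of the root-owned daemon. The NOTE added in PATCH 4/5 covers the re-login requirement but not this. Either document the privilege next to the line, or switch the dev profile to rootless Docker (`virtualisation.docker.rootless.enable = true;` with `setSocketVariable = true;`) and drop the group.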
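Review bot: in the `programs.steam` block of modules/gaming.nix (PATCH 2/5), `remotePlay.openFirewall = true;` and `dedicatedServer.openFirewall = true;` open inbound ports on a desktop profile that the README never describes as hosting anything. Suggest defaulting both to false and leaving a comment on how to enable them when needed. The same file also ships `"mitigations=off"` enabled while its comment calls it optional; PATCH 4/5 removes it, so consider squashing so the setting never lands in history as a default.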
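Review bot: the SECURITY NOTE added to flake.nix in PATCH 4/5 asks the user to commit flake.lock, but no patch in this series adds flake.lock, so the `mango`, `quickshell` and `noctalia` inputs resolve to whatever their default branches hold at first build. Suggest generating and committing the lock file in this PR so the reviewed revisions are the ones that get built. The `assert lib.hasAttrByPath [ "nixosModules" "mango" ] mango;` adds no protection over the plain attribute access it guards, since a missing attribute already fails evaluation; it can be dropped.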
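Review bot: hosts/hostname/hardware-configuration.nix in PATCH 4/5 uncomments the `fileSystems` and `swapDevices` entries with `REPLACE-WITH-YOUR-ROOT-UUID` style values, so the flake now evaluates and builds with a root device that does not exist, and a user who skips the copy step gets a generation that cannot mount `/`. Suggest leaving the block commented as in PATCH 2/5, or adding an `assertions` entry that fails the build while any device path still contains `REPLACE-WITH`. The README hunk also tells the user to `mkdir -p hosts/` a new directory and, a few lines later, to rename `hosts/hostname/`; pick one.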
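Review bot: the nerd-fonts comment in modules/common.nix now gives a third version boundary: PATCH 2/5 said "NixOS 25.05+", PATCH 3/5 "after 24.05", PATCH 4/5 ">= 24.05". The split into individual `nerd-fonts.*` packages is listed in the 25.05 release notes, so the PATCH 2/5 wording was the accurate one. In the same patch `system.stateVersion` moves from "25.05" to "24.11" directly under the comment "Do NOT change this after initial install"; since the value depends on the install media, make it an explicit placeholder like the hostname and timezone rather than a hard-coded release.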