From 91ab1b85d179f1e9f49b867a5de3687de8ed9d98 Mon Sep 17 00:00:00 2001
From: Craige McWhirter <craige@mcwhirter.io>
Date: Fri, 16 Feb 2024 13:26:46 +1000
Subject: [PATCH] dionach: rebuild and update to 23.11

---
 hardware/purism_librem_15.nix | 29 ++++++++++++++++-------------
 hosts/dionach.nix             | 14 +++++++-------
 profiles/desktop_common.nix   | 15 ++++++++++++---
 3 files changed, 35 insertions(+), 23 deletions(-)

diff --git a/hardware/purism_librem_15.nix b/hardware/purism_librem_15.nix
index 2246766..bfa89a3 100644
--- a/hardware/purism_librem_15.nix
+++ b/hardware/purism_librem_15.nix
@@ -2,10 +2,11 @@
 {
   config,
   lib,
+  modulesPath,
   pkgs,
   ...
 }: {
-  imports = [<nixpkgs/nixos/modules/installer/scan/not-detected.nix>];
+  imports = [(modulesPath + "/installer/scan/not-detected.nix")];
 
   boot = {
     initrd = {
@@ -16,26 +17,28 @@
         "usbhid" # USB HID transport layer
         "usb_storage" # USB Mass Storage support
         "sd_mod" # SCSI disk support
-        "aesni_intel" # AES-NI + SSE2 implementation of AEGIS-128
-        "cryptd" # Software async crypto daemon
       ];
-      kernelModules = ["dm-snapshot"];
-      luks.devices."cryptroot".device = "/dev/disk/by-uuid/52040288-dea9-4e74-9438-d0946b48a1f4";
     };
     kernelModules = ["kvm-intel"]; # Enable kvm for libvirtd
   };
 
-  fileSystems."/" = {
-    device = "/dev/disk/by-uuid/848e15eb-992b-499f-89b1-be8bc59af41c";
-    fsType = "ext4";
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-uuid/0bdc11fc-c497-47ff-bcc2-3044f81f40be";
+      fsType = "ext4";
+    };
+    "/home" = {
+      device = "/dev/disk/by-uuid/9c8a9dd1-b234-4a6d-ad62-3962e85d4063";
+      fsType = "ext4";
+    };
   };
 
-  fileSystems."/boot" = {
-    device = "/dev/disk/by-uuid/a9d48855-edaf-40b9-9296-58e9b7c7eb96";
-    fsType = "ext4";
-  };
+  swapDevices = [{device = "/dev/disk/by-uuid/05aed0b0-3a79-44f2-aa4d-e5e5724643f2";}];
 
-  swapDevices = [{device = "/dev/disk/by-uuid/ac308d76-cc12-4a73-83ee-64a2ad07b91e";}];
+  networking.useDHCP = lib.mkDefault true;
 
   nix.settings.max-jobs = lib.mkDefault 4;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }
diff --git a/hosts/dionach.nix b/hosts/dionach.nix
index 416365f..1b1238d 100644
--- a/hosts/dionach.nix
+++ b/hosts/dionach.nix
@@ -16,6 +16,7 @@
     loader.grub = {
       enable = true;
       device = "/dev/nvme0n1"; # or "nodev" for efi only
+      useOSProber = true;
     };
     kernel.sysctl."net.ipv4.ip_forward" = "1";
     extraModprobeConfig = "options kvm_intel nested=1";
@@ -23,6 +24,11 @@
 
   networking = {
     hostName = "dionach"; # Define your hostname.
+    firewall = {
+      enable = true;
+      checkReversePath = false; # Needed for libvirtd
+      allowedTCPPorts = [15000];
+    };
   };
 
   systemd.network.networks.enp0s20f0u4u4i5.ipv6SendRAConfig = {
@@ -33,15 +39,9 @@
 
   services.kbfs.enable = true;
 
-  networking.firewall = {
-    enable = true;
-    checkReversePath = false; # Needed for libvirtd
-    allowedTCPPorts = [15000];
-  };
-
   # This value determines the NixOS release with which your system is to be
   # compatible, in order to avoid breaking some software such as database
   # servers. You should change this only after NixOS release notes say you
   # should.
-  system.stateVersion = "20.03"; # Did you read the comment?
+  system.stateVersion = "23.11"; # Did you read the comment?
 }
diff --git a/profiles/desktop_common.nix b/profiles/desktop_common.nix
index 0d8c8d3..ddcb68c 100644
--- a/profiles/desktop_common.nix
+++ b/profiles/desktop_common.nix
@@ -31,6 +31,7 @@
     mplayer # A movie player that supports many video formats
     nextcloud-client # Nextcloud desktop client
     pwgen # Password generator
+    rsync
     shotwell # Photo organizer
     signal-desktop # Private, simple, and secure messenger
     usbutils # Tools for working with USB devices, such as lsusb
@@ -69,19 +70,27 @@
       };
       libinput.enable = true; # Enable touchpad support.
     };
+
+    pipewire = {
+      enable = true;
+      alsa = {
+        enable = true;
+        support32Bit = true;
+      };
+      pulse.enable = true;
+    };
   };
 
   sound.enable = true; # Enable sound.
+  security.rtkit.enable = true; # realtime scheduling for sound
 
   # Configure common hardware settings
   hardware = {
     pulseaudio = {
-      enable = true;
-      package = pkgs.pulseaudioFull;
+      enable = false;
     };
     bluetooth = {
       enable = true; # Enable bluetooth
-      hsphfpd.enable = true;
       settings = {
         General = {
           Enable = "Source,Sink,Media,Socket";