feat: Convert to a multi-host flake

2026-02-11 05:13:20 -08:00 · 2026-02-11 05:13:20 -08:00 · b717ea973a
commit b717ea973a
parent c20fd46f9f
14 changed files with 416 additions and 27 deletions
--- a/hosts/crossbox/default.nix
+++ b/hosts/crossbox/default.nix
@ -0,0 +1,88 @@
+{ config, pkgs, lib, ... }:
+
+let
+  # Using nixos-24.05 for bisq-desktop (last stable release with working bisq-desktop)
+  # bisq-desktop was removed after 24.05 due to OpenJFX EOL issues
+  bisqPkgs = import (builtins.fetchTarball {
+    url = "https://github.com/NixOS/nixpkgs/archive/nixos-24.05.tar.gz";
+    sha256 = "0zydsqiaz8qi4zd63zsb2gij2p614cgkcaisnk11wjy3nmiq0x1s";
+  }) { system = pkgs.system; };
+in
+{
+  imports = [
+    ./hardware-configuration.nix
+    ./nginx.nix
+    ./forgejo.nix
+    ./radicale.nix
+    ./ollama.nix
+    # ./docuseal.nix
+  ];
+
+  environment.systemPackages = with pkgs; [
+    bisqPkgs.bisq-desktop  # v1.9.15-1.9.17 from nixos-24.05
+    bisq2
+    llamacpp-rocm-bin-gfx1151
+    lmstudio
+  ];
+
+  networking.hostName = "crossbox";
+  system.stateVersion = "25.11";
+  networking.firewall.allowedTCPPorts = [ 22 1234 ];
+  services.pulseaudio.enable = false;
+
+  hardware.graphics = {
+    enable = true;
+    extraPackages = with pkgs; [
+      rocmPackages.clr.icd # ROCm OpenCL runtime
+      rocmPackages.clr
+      rocmPackages.rocminfo
+      rocmPackages.rocm-runtime
+    ];
+  };
+
+  boot.kernelParams = [ "amdgpu.gttsize=115200" ];
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+
+  # ROCm environment for gfx1151 (Strix Halo)
+  # gfx1151 lacks TensileLibrary support in most ROCm builds,
+  # so we override to gfx1100 which is close enough and has full library support.
+  # The strix-halo overlay's llamacpp binaries override this with 11.5.1 in their wrappers.
+  environment.variables = {
+    HSA_OVERRIDE_GFX_VERSION = "11.0.0";
+  };
+
+  # List services that you want to enable:
+  services.openssh = {
+    enable = true;
+    settings = {
+      PermitRootLogin = "no";
+      PasswordAuthentication = false;
+      KbdInteractiveAuthentication = false;
+    };
+  };
+
+  # Disable automatic suspend.
+  # Otherwise SSH tunnels and HDMI signals break.
+  services.logind = {
+    settings = {
+      Login = {
+        HandleLidSwitch = "ignore";
+	HandleHibernateKey = "ignore";
+	HandleSuspendKey = "ignore";
+	HandlePowerKey = "ignore";
+      };
+    };
+  };
+
+  virtualisation.docker = {
+    enable = true;
+    autoPrune = {
+      enable = true;
+      dates = "weekly";
+    };
+    rootless = {
+      enable = true;
+      setSocketVariable = true;
+    };
+  };
+}