diff --git a/modules/disko/disko-ab-partitions.nix b/modules/disko/disko-ab-partitions.nix index 201cdc527..6c9ed3856 100644 --- a/modules/disko/disko-ab-partitions.nix +++ b/modules/disko/disko-ab-partitions.nix @@ -18,126 +18,143 @@ # - gp-storage : (50G) General purpose storage for some common insecure cases # - recovery : (no quota) Recovery factory image is stored here # - storagevm: (no quota) Dataset is meant to be used for StorageVM -{ pkgs, ... }: { - # TODO Keep ZFS-related parts of the configuration here for now. - # This allows to have all config dependencies in one place and cleans - # other targets' configs from unnecessary components. - networking.hostId = "8425e349"; - boot = { - initrd.availableKernelModules = [ "zfs" ]; - supportedFilesystems = [ "zfs" ]; + pkgs, + lib, + config, + ... +}: +{ + + options = { + ghaf.imageBuilder.compression = lib.mkOption { + type = lib.types.enum [ + "none" + "zstd" + ]; + default = "zstd"; + }; }; - disko = { - # 8GB is the recommeneded minimum for ZFS, so we are using this for VMs to avoid `cp` oom errors. - memSize = 17384; - imageBuilder = { - extraPostVM = '' - ${pkgs.zstd}/bin/zstd --compress $out/*raw - rm $out/*raw - ''; + config = { + # TODO Keep ZFS-related parts of the configuration here for now. + # This allows to have all config dependencies in one place and cleans + # other targets' configs from unnecessary components. + networking.hostId = "8425e349"; + boot = { + initrd.availableKernelModules = [ "zfs" ]; + supportedFilesystems = [ "zfs" ]; }; - devices = { - disk.disk1 = { - type = "disk"; - imageSize = "60G"; - content = { - type = "gpt"; - partitions = { - boot = { - name = "boot"; - size = "1M"; - type = "EF02"; - priority = 1; # Needs to be first partition - }; - esp = { - name = "ESP"; - size = "500M"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - mountOptions = [ - "umask=0077" - "nofail" - ]; + disko = { + # 8GB is the recommeneded minimum for ZFS, so we are using this for VMs to avoid `cp` oom errors. + memSize = 17384; + imageBuilder = { + extraPostVM = lib.mkIf (config.ghaf.imageBuilder.compression == "zstd") '' + ${pkgs.zstd}/bin/zstd --compress $out/*raw + rm $out/*raw + ''; + }; + devices = { + disk.disk1 = { + type = "disk"; + imageSize = "60G"; + content = { + type = "gpt"; + partitions = { + boot = { + name = "boot"; + size = "1M"; + type = "EF02"; + priority = 1; # Needs to be first partition }; - }; - swap = { - size = "38G"; - type = "8200"; - content = { - type = "swap"; - resumeDevice = true; # resume from hiberation from this device - # TODO: remove when LUKS is enabled - #randomEncryption = true; + esp = { + name = "ESP"; + size = "500M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ + "umask=0077" + "nofail" + ]; + }; }; - }; - zfs_1 = { - size = "100%"; - content = { - type = "zfs"; - pool = "zfspool"; + swap = { + size = "38G"; + type = "8200"; + content = { + type = "swap"; + resumeDevice = true; # resume from hiberation from this device + # TODO: remove when LUKS is enabled + #randomEncryption = true; + }; + }; + zfs_1 = { + size = "100%"; + content = { + type = "zfs"; + pool = "zfspool"; + }; }; }; }; }; - }; - zpool = { - zfspool = { - type = "zpool"; - rootFsOptions = { - mountpoint = "none"; - acltype = "posixacl"; - compression = "lz4"; - xattr = "sa"; - }; - # `ashift=12` optimizes alignment for 4K sector size. - # Since this is an generic image and people might upgrade from one nvme device to another, - # we should make sure it runs well on these devices, also in theory 512B would work with less. - # This trades off some space overhead for overall better performance on 4k devices. - options.ashift = "12"; - datasets = { - "root" = { - type = "zfs_fs"; - mountpoint = "/"; - options = { + zpool = { + zfspool = { + type = "zpool"; + rootFsOptions = { + mountpoint = "none"; + acltype = "posixacl"; + compression = "lz4"; + xattr = "sa"; + }; + # `ashift=12` optimizes alignment for 4K sector size. + # Since this is an generic image and people might upgrade from one nvme device to another, + # we should make sure it runs well on these devices, also in theory 512B would work with less. + # This trades off some space overhead for overall better performance on 4k devices. + options.ashift = "12"; + datasets = { + "root" = { + type = "zfs_fs"; mountpoint = "/"; - quota = "30G"; + options = { + mountpoint = "/"; + quota = "30G"; + }; }; - }; - "vm_storage" = { - type = "zfs_fs"; - options = { - mountpoint = "/vm_storage"; - quota = "30G"; + "vm_storage" = { + type = "zfs_fs"; + options = { + mountpoint = "/vm_storage"; + quota = "30G"; + }; }; - }; - "reserved" = { - type = "zfs_fs"; - options = { - mountpoint = "none"; - quota = "10G"; + "reserved" = { + type = "zfs_fs"; + options = { + mountpoint = "none"; + quota = "10G"; + }; }; - }; - "gp_storage" = { - type = "zfs_fs"; - options = { - mountpoint = "/gp_storage"; - quota = "50G"; + "gp_storage" = { + type = "zfs_fs"; + options = { + mountpoint = "/gp_storage"; + quota = "50G"; + }; }; - }; - "recovery" = { - type = "zfs_fs"; - options = { - mountpoint = "none"; + "recovery" = { + type = "zfs_fs"; + options = { + mountpoint = "none"; + }; }; - }; - "storagevm" = { - type = "zfs_fs"; - options = { - mountpoint = "/storagevm"; + "storagevm" = { + type = "zfs_fs"; + options = { + mountpoint = "/storagevm"; + }; }; }; }; diff --git a/modules/reference/hardware/lenovo-t14-amd/definitions/gen-5.nix b/modules/reference/hardware/lenovo-t14-amd/definitions/gen-5.nix new file mode 100644 index 000000000..f79905630 --- /dev/null +++ b/modules/reference/hardware/lenovo-t14-amd/definitions/gen-5.nix @@ -0,0 +1,164 @@ +# Copyright 2024 TII (SSRC) and the Ghaf contributors +# SPDX-License-Identifier: Apache-2.0 +{ + # System name + name = "LENOVO ThinkPad T14 Gen 5"; + + # List of system SKUs covered by this configuration + skus = [ + "LENOVO_MT_21MC_BU_Think_FM_ThinkPad T14 Gen 5 21MCCTO1WW" + ]; + + # Host configuration + host = { + kernelConfig.kernelParams = [ + "amd_iommu=on" + "iommu=pt" + "acpi_backlight=vendor" + "acpi_osi=linux" + "module_blacklist=amdgpu" + #"module_blacklist=amdgpu,ath12k,r8169,snd_acp_pci,snd_hda_intel,snd_pci_acp3x,snd_pci_acp5x,snd_pci_acp6x,snd_pci_ps,snd_rn_pci_acp3x,snd_rpl_pci_acp6x,snd_sof_amd_rembrandt,snd_sof_amd_renoir,snd_sof_amd_vangogh" + ]; + }; + + # Input devices + input = { + keyboard = { + name = [ + "AT Translated Set 2 keyboard" + ]; + evdev = [ + "/dev/keyboard0" + ]; + }; + + mouse = { + name = [ + "TPPS/2 Elan TrackPoint" + "ELAN0676:00 04F3:3195 Mouse" + ]; + evdev = [ + "/dev/mouse0" + "/dev/mouse1" + ]; + }; + + touchpad = { + name = [ + "ELAN0676:00 04F3:3195 Touchpad" + ]; + evdev = [ + "/dev/touchpad0" + ]; + }; + + misc = { + name = [ + # "Power Button" "HD-Audio Generic Mic" "HD-Audio Generic Headphone" "ThinkPad Extra Buttons" "Lid Switch" "Sleep Button" "Video Bus" "HD-Audio Generic HDMI/DP,pcm=3" "HD-Audio Generic HDMI/DP,pcm=7" "HD-Audio Generic HDMI/DP,pcm=8" + ]; + evdev = [ + # /dev/input/by-path/platform-thinkpad_acpi-event + ]; + }; + }; + + # Main disk device + disks = { + disk1.device = "/dev/nvme0n1"; + }; + + # Network devices for passthrough to netvm + network = { + pciDevices = [ + { + # Network controller: Qualcomm Technologies, Inc WCN785x Wi-Fi 7(802.11be) 320MHz 2x2 [FastConnect 7800] (rev 01) + name = "wlp0s5f0"; + path = "0000:02:00.0"; + vendorId = "17cb"; + productId = "1107"; + # Detected kernel driver: ath12k_pci + # Detected kernel modules: ath12k + } + { + # Ethernet controller: Realtek Semiconductor Co., Ltd. RTL8111/8168/8211/8411 PCI Express Gigabit Ethernet Controller (rev 0e) + name = "eth0"; + path = "0000:01:00.0"; + vendorId = "10ec"; + productId = "8168"; + # Detected kernel driver: r8169 + # Detected kernel modules: r8169 + } + ]; + kernelConfig = { + # Kernel modules are indicative only, please investigate with lsmod/modinfo + stage1.kernelModules = []; + stage2.kernelModules = [ + "ath12k" + "r8169" + ]; + kernelParams = []; + }; + }; + + # GPU devices for passthrough to guivm + gpu = { + pciDevices = [ + { + # VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Phoenix3 (rev d0) + name = "gpu0"; + path = "0000:c4:00.0"; + vendorId = "1002"; + productId = "1900"; + # Detected kernel driver: amdgpu + # Detected kernel modules: amdgpu + } + ]; + kernelConfig = { + # Kernel modules are indicative only, please investigate with lsmod/modinfo + stage1.kernelModules = [ + "amdgpu" + ]; + stage2.kernelModules = []; + kernelParams = [ + "earlykms" + ]; + }; + }; + + # Audio device for passthrough to audiovm + audio = { + pciDevices = [ + { + # Audio device: Advanced Micro Devices, Inc. [AMD] Family 17h/19h HD Audio Controller + name = "snd2"; + path = "0000:c4:00.6"; + vendorId = "1022"; + productId = "15e3"; + # Detected kernel driver: snd_hda_intel + # Detected kernel modules: snd_hda_intel + } + ]; + kernelConfig = { + # Kernel modules are indicative only, please investigate with lsmod/modinfo + stage1.kernelModules = []; + stage2.kernelModules = [ + "snd_hda_intel" + ]; + kernelParams = []; + }; + }; + + # USB devices for passthrough + usb = { + internal = [ + { + name = "cam0"; + hostbus = "3"; + hostport = "1"; + } + ]; + external = [ + # Add external USB devices here + ]; + }; +} diff --git a/targets/laptop/flake-module.nix b/targets/laptop/flake-module.nix index 743826516..93cb042ba 100644 --- a/targets/laptop/flake-module.nix +++ b/targets/laptop/flake-module.nix @@ -60,6 +60,16 @@ let }; } ]) + # For now we just build debug profile until everything works + (laptop-configuration "lenovo-t14-amd" "debug" [ + self.nixosModules.disko-ab-partitions-v1 + { + ghaf = { + hardware.definition = import ../../modules/reference/hardware/lenovo-t14-amd/definitions/gen-5.nix; + reference.profiles.mvp-user-trial.enable = true; + }; + } + ]) # Laptop Release configurations (laptop-configuration "lenovo-x1-carbon-gen10" "release" [