nixos-lib/general.nix

{ config, pkgs, lib, myLib, ... }:
with lib;
let
  cfg = config.aviallon.general;
  desktopCfg = config.aviallon.desktop;
  buildUserPubKeyFile = ./nix/id_builder.pub;
  buildUserKeyFile = ./nix/id_builder;

  getSpeed = cores: threads: cores + (threads - cores) / 2;

  mkBuildMachine = {
    hostName,
    cores,
    systems ? [ "x86_64-linux" ] ,
    threads ? (cores * 2),
    features ? [ ],
    x86ver ? 1 ,
    ...
  }@attrs: let
    speedFactor = getSpeed cores threads;
  in {
    inherit hostName speedFactor;
    systems = systems
      ++ optional (any (s: s == "x86_64-linux") systems) "i686-linux"
    ;
    sshUser = "builder";
    sshKey = toString buildUserKeyFile;
    maxJobs = myLib.math.log2 cores;
    supportedFeatures = [ "kvm" "benchmark" ]
      ++ optional (speedFactor > 8) "big-parallel"
      ++ optional (x86ver >= 2) "gccarch-x86-64-v2"
      ++ optional (x86ver >= 3) "gccarch-x86-64-v3"
      ++ optional (x86ver >= 4) "gccarch-x86-64-v4"
      ++ features
    ;
    
  };
in
{
  imports = [
    (mkRemovedOptionModule [ "aviallon" "general" "flakes" "enable" ] "Flakes are now enabled by default")
  ];

  options.aviallon.general = {
    enable = mkOption {
      default = true;
      example = false;
      description = "Enable aviallon's general tuning";
      type = types.bool;
    };

    minimal = mkEnableOption "minimal installation";
    
    cores = mkOption {
      default = null;
      example = 4;
      description = "Number of physical threads of the machine";
      type = with types; nullOr ints.positive;
    };

    cpuVendor = mkOption {
      default = null;
      example = "amd";
      description = "Vendor of you CPU. Either AMD or Intel";
      type = types.str;
    };
    
    cpuArch = mkOption {
      default = "x86-64";
      example = "x86-64-v2";
      description = "Set CPU arch used in overlays, ...";
      type = types.str;
    };
    cpuTune = mkOption {
      default = "generic";
      example = "sandybridge";
      description = "Set CPU tuning for compilers";
      type = types.str;
    };
    unsafeOptimizations = mkEnableOption "unsafe system tuning";
    debug = mkEnableOption "debug-specific configuration";
  };

  config = mkIf cfg.enable {
    # Set your time zone.
    time.timeZone = "Europe/Paris";

    # Select internationalisation properties.
    i18n = {
      defaultLocale = "fr_FR.UTF-8";
    };

    console = {
      keyMap = "fr-pc";
      font = "Lat2-Terminus16";
    };

    aviallon.boot.cmdline = mkIf cfg.unsafeOptimizations {
      mitigations = "off";
    };

    powerManagement.cpuFreqGovernor = mkDefault "schedutil";

    # Some programs need SUID wrappers, can be configured further or are
    # started in user sessions.
    programs.mtr.enable = true;
    
    documentation.man.generateCaches = true;


    # zram is so usefull, we should always have it enabled.
    zramSwap = {
      enable = true;
      priority = 10000;
      memoryPercent = 100;
      algorithm = "zstd";
    };

    environment.noXlibs = mkIf (cfg.minimal && (!desktopCfg.enable)) true;

    nix.buildMachines = []
      # luke-skywalker-nixos
      ++ optional (config.networking.hostName != "luke-skywalker-nixos") (mkBuildMachine {
        hostName = "2a01:e0a:18e:8670:ae71:8e51:19af:91a4";
        cores = 16;
        threads = 32;
        x86ver = 3;
      })
      ++ optional false (mkBuildMachine {
        hostName = "cachan.lesviallon.fr";
        cores = 6;
        threads = 6;
      })
    ;

    programs.ssh.extraConfig = ''
      Host cachan.lesviallon.fr
        Port 52222
    '';
    
    users.users.builder = {
      isSystemUser = true;
      group = "builder";
      hashedPassword = mkForce null; # Must not have a password!
      openssh.authorizedKeys.keys = [
        (readFile buildUserPubKeyFile)
      ];
      shell = pkgs.bashInteractive;
    };
    users.groups.builder = {};
    nix.settings.trusted-users = [ "builder" ];
    nix.distributedBuilds = mkDefault true;
  };

}