merge changes
This commit is contained in:
commit
4be9ce6185
20 changed files with 333 additions and 35 deletions
|
@ -39,6 +39,8 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
programs.honkers-railway-launcher.enable = true;
|
||||
|
||||
services.udev.packages = [ pkgs.wooting-udev-rules ];
|
||||
|
||||
environment.sessionVariables = {
|
||||
|
|
|
@ -18,7 +18,7 @@ in
|
|||
noto-fonts-monochrome-emoji
|
||||
roboto
|
||||
liberation_ttf
|
||||
nerdfonts
|
||||
# nerdfonts
|
||||
];
|
||||
|
||||
fontDir.enable = true;
|
||||
|
|
|
@ -39,10 +39,10 @@ in
|
|||
{
|
||||
config = mkIf (enable && graphical) {
|
||||
# Enable OpenGL
|
||||
hardware.opengl = {
|
||||
hardware.graphics = {
|
||||
enable = true;
|
||||
driSupport = true;
|
||||
driSupport32Bit = true;
|
||||
#driSupport = true;
|
||||
#driSupport32Bit = true;
|
||||
extraPackages = [ ];
|
||||
};
|
||||
|
||||
|
|
|
@ -66,7 +66,7 @@ in
|
|||
"usb_storage"
|
||||
"sd_mod"
|
||||
];
|
||||
initrd.systemd.enable = true;
|
||||
# initrd.systemd.enable = true;
|
||||
loader.systemd-boot.enable = true;
|
||||
# extraModulePackages = [ config.boot.kernelPackages.ddcci-driver ];
|
||||
kernelModules = [
|
||||
|
|
|
@ -9,7 +9,10 @@ let
|
|||
in
|
||||
{
|
||||
config = lib.mkIf (enable && network) {
|
||||
networking.networkmanager.enable = true;
|
||||
networking.networkmanager = {
|
||||
enable = true;
|
||||
plugins = with pkgs; [ networkmanager-openvpn ];
|
||||
};
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
|
||||
hardware.bluetooth.enable = lib.mkDefault laptop_hardware.enable;
|
||||
|
|
|
@ -9,7 +9,6 @@ let
|
|||
in
|
||||
{
|
||||
config = lib.mkIf (enable && sound.enable) {
|
||||
sound.enable = true;
|
||||
hardware.pulseaudio.enable = false;
|
||||
|
||||
services.pipewire = {
|
||||
|
|
|
@ -58,12 +58,14 @@ in
|
|||
|
||||
parted
|
||||
expect
|
||||
gptfdisk
|
||||
]
|
||||
++ optionals graphical [
|
||||
wev
|
||||
qdirstat
|
||||
libva-utils
|
||||
gparted
|
||||
bottles
|
||||
];
|
||||
|
||||
environment.shellAliases = {
|
||||
|
|
|
@ -10,6 +10,7 @@ let
|
|||
mkOption
|
||||
types
|
||||
getExe
|
||||
getExe'
|
||||
mkIf
|
||||
;
|
||||
inherit (pkgs)
|
||||
|
@ -56,7 +57,7 @@ in
|
|||
{
|
||||
config = mkIf (enable && tooling.enable) {
|
||||
environment.systemPackages = [ helix-wrapped ];
|
||||
environment.sessionVariables.EDITOR = getExe helix-wrapped;
|
||||
environment.sessionVariables.EDITOR = getExe' helix-wrapped "hx";
|
||||
|
||||
programs.helix.config = {
|
||||
editor.cursor-shape.insert = "bar";
|
||||
|
|
|
@ -53,7 +53,7 @@ in
|
|||
name: value: "aliases[\"${name}\"] = '''${value}'''"
|
||||
) config.environment.shellAliases
|
||||
);
|
||||
# package = pkgs.xonsh.wrapper.override { extraPackages = pyLibs; };
|
||||
package = pkgs.xonsh.override { extraPackages = pyLibs; };
|
||||
};
|
||||
|
||||
grimmShared.tooling.lang_servers = [
|
||||
|
|
8
common/xdg/alacritty.toml
Normal file
8
common/xdg/alacritty.toml
Normal file
|
@ -0,0 +1,8 @@
|
|||
[font]
|
||||
# Point size
|
||||
size=16.0
|
||||
normal = { family="Noto Sans Mono" }
|
||||
|
||||
[window]
|
||||
opacity=0.85
|
||||
|
|
@ -33,6 +33,16 @@ let
|
|||
"blender.desktop"
|
||||
];
|
||||
tex_editors = [ ] ++ text_editors;
|
||||
|
||||
alacritty_pkg = pkgs.symlinkJoin {
|
||||
name = "alacritty";
|
||||
paths = [ pkgs.alacritty ];
|
||||
buildInputs = [ pkgs.makeWrapper ];
|
||||
postBuild = ''
|
||||
wrapProgram $out/bin/alacritty \
|
||||
--add-flags "--config-file ${./alacritty.toml}"
|
||||
'';
|
||||
};
|
||||
in
|
||||
{
|
||||
config = lib.mkIf (enable && portals && graphical) {
|
||||
|
@ -41,7 +51,7 @@ in
|
|||
|
||||
zathura
|
||||
gnome-console
|
||||
alacritty
|
||||
alacritty_pkg
|
||||
imhex
|
||||
libreoffice-qt
|
||||
filezilla
|
||||
|
|
|
@ -20,6 +20,7 @@ let
|
|||
|
||||
host_modules = {
|
||||
grimmauld-nixos = [ ./specific/grimm-nixos-laptop/configuration.nix ];
|
||||
grimm-nixos-ssd = [ ./specific/grimm-nixos-ssd/configuration.nix ];
|
||||
|
||||
grimmauld-nixos-server = [
|
||||
./specific/grimmauld-nixos-server/configuration.nix
|
||||
|
@ -44,6 +45,8 @@ in
|
|||
"${nivSources.nixos-mailserver}/default.nix"
|
||||
"${nivSources.nixos-matrix-modules}/module.nix"
|
||||
|
||||
(builtins.getFlake (asGithubRef nivSources.aagl-gtk-on-nix)).nixosModules.default
|
||||
|
||||
# fixme: ideally we'd not rely on the flake syntax to load the module
|
||||
(builtins.getFlake (asGithubRef nivSources.chaotic)).nixosModules.default
|
||||
# (builtins.getFlake (asGithubRef nivSources.nixos-matrix-modules)).nixosModules.default
|
||||
|
@ -99,6 +102,10 @@ in
|
|||
|
||||
config = {
|
||||
allowUnfree = true;
|
||||
permittedInsecurePackages = [
|
||||
"olm-3.2.16"
|
||||
"jitsi-meet-1.0.8043"
|
||||
];
|
||||
};
|
||||
in
|
||||
{
|
||||
|
@ -129,11 +136,13 @@ in
|
|||
nix.settings.extra-substituters = [
|
||||
# "https://cache.lix.systems"
|
||||
"https://nyx.chaotic.cx/"
|
||||
"https://ezkea.cachix.org"
|
||||
];
|
||||
|
||||
nix.settings.trusted-public-keys = [
|
||||
# "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
|
||||
"nyx.chaotic.cx-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8="
|
||||
"chaotic-nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8="
|
||||
"ezkea.cachix.org-1:ioBmUbJTZIKsHmWWXPe1FSFbeVe+afhfgqgTSNd34eI="
|
||||
];
|
||||
}
|
||||
|
|
|
@ -5,10 +5,10 @@
|
|||
"homepage": "https://matrix.to/#/#agenix:nixos.org",
|
||||
"owner": "ryantm",
|
||||
"repo": "agenix",
|
||||
"rev": "de96bd907d5fbc3b14fc33ad37d1b9a3cb15edc6",
|
||||
"sha256": "0rkcx72bq7fm5b1qy1nrzp8v93nv784wh11srgi3pi0m6sr9g03f",
|
||||
"rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41",
|
||||
"sha256": "1x8nd8hvsq6mvzig122vprwigsr3z2skanig65haqswn7z7amsvg",
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/ryantm/agenix/archive/de96bd907d5fbc3b14fc33ad37d1b9a3cb15edc6.tar.gz",
|
||||
"url": "https://github.com/ryantm/agenix/archive/f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41.tar.gz",
|
||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||
},
|
||||
"authentik-nix": {
|
||||
|
@ -17,10 +17,10 @@
|
|||
"homepage": "",
|
||||
"owner": "nix-community",
|
||||
"repo": "authentik-nix",
|
||||
"rev": "89cfaf2eb197a39d12422e773f867d1a7c99b048",
|
||||
"sha256": "1405rzwq8fwpyc63ac76f50glc00sp18m2ska1najzqvzi9v5zpk",
|
||||
"rev": "1138b948d3e1d5bc453e096bac1a510487871415",
|
||||
"sha256": "0wbzbya8qkh9gys7am2m4waq8l5b41m7kvyxnxlvgk42xnrxdqxj",
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/nix-community/authentik-nix/archive/89cfaf2eb197a39d12422e773f867d1a7c99b048.tar.gz",
|
||||
"url": "https://github.com/nix-community/authentik-nix/archive/1138b948d3e1d5bc453e096bac1a510487871415.tar.gz",
|
||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||
},
|
||||
"chaotic": {
|
||||
|
@ -29,10 +29,10 @@
|
|||
"homepage": "https://nyx.chaotic.cx",
|
||||
"owner": "chaotic-cx",
|
||||
"repo": "nyx",
|
||||
"rev": "a7f32d358f6efddddd29cd977cd056da9ab040cf",
|
||||
"sha256": "08gpq1bzfmis75c1lxqdsqa20m1nch1fnrl7v2f8jy10k9f332db",
|
||||
"rev": "7ed94bbcc6b28d546169b66b5e881c33ab5e62f4",
|
||||
"sha256": "14x6p0g2wbs9fc3bbds3yv4j5jgdc37vx282ggqmyx729ifv70m7",
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/chaotic-cx/nyx/archive/a7f32d358f6efddddd29cd977cd056da9ab040cf.tar.gz",
|
||||
"url": "https://github.com/chaotic-cx/nyx/archive/7ed94bbcc6b28d546169b66b5e881c33ab5e62f4.tar.gz",
|
||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||
},
|
||||
"glibc-eac": {
|
||||
|
@ -41,28 +41,28 @@
|
|||
"homepage": "",
|
||||
"owner": "Frogging-Family",
|
||||
"repo": "glibc-eac",
|
||||
"rev": "1dc68d1d0c6105035c659f1eb574191d67ab1b7e",
|
||||
"sha256": "1jsi4g8324kxpx28wh3i65476djryj65v4zs0x9cv8jqamqvnhay",
|
||||
"rev": "de5df722493768cb02e23ce0703429636458befb",
|
||||
"sha256": "1yx3hal1kwj28ij688inaww169rj74iv3l3bwa74r3y4msdfnl80",
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/Frogging-Family/glibc-eac/archive/1dc68d1d0c6105035c659f1eb574191d67ab1b7e.tar.gz",
|
||||
"url": "https://github.com/Frogging-Family/glibc-eac/archive/de5df722493768cb02e23ce0703429636458befb.tar.gz",
|
||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||
},
|
||||
"lix-module": {
|
||||
"branch": "main",
|
||||
"repo": "https://git.lix.systems/lix-project/nixos-module.git",
|
||||
"rev": "d70318fb946a0e720dfdd1fb10b0645c14e2a02a",
|
||||
"rev": "b0e6f359500d66670cc16f521e4f62d6a0a4864e",
|
||||
"type": "git"
|
||||
},
|
||||
"lix-pkg": {
|
||||
"branch": "main",
|
||||
"repo": "https://git.lix.systems/lix-project/lix.git",
|
||||
"rev": "5ee1e6ea9887a54f0af3a66528abc04b17611516",
|
||||
"rev": "14dc84ed03f1b7e5a41bb6fdce00916faab32b60",
|
||||
"type": "git"
|
||||
},
|
||||
"nixos-mailserver": {
|
||||
"branch": "master",
|
||||
"repo": "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver.git",
|
||||
"rev": "290a995de5c3d3f08468fa548f0d55ab2efc7b6b",
|
||||
"rev": "af7d3bf5daeba3fc28089b015c0dd43f06b176f2",
|
||||
"type": "git"
|
||||
},
|
||||
"nixos-matrix-modules": {
|
||||
|
@ -71,10 +71,10 @@
|
|||
"homepage": null,
|
||||
"owner": "dali99",
|
||||
"repo": "nixos-matrix-modules",
|
||||
"rev": "d7dc42c9bbb155c5e4aa2f0985d0df75ce978456",
|
||||
"sha256": "10q5is4fkmiqqfrmvvv92qkfv1iizariklbvazx00n9qvi2qlp1h",
|
||||
"rev": "ff787d410cba17882cd7b6e2e22cc88d4064193c",
|
||||
"sha256": "150nvzdrmvyy47pyv44rpmv96mwvgcsq4n22b6g5inzqyz334sxm",
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/dali99/nixos-matrix-modules/archive/d7dc42c9bbb155c5e4aa2f0985d0df75ce978456.tar.gz",
|
||||
"url": "https://github.com/dali99/nixos-matrix-modules/archive/ff787d410cba17882cd7b6e2e22cc88d4064193c.tar.gz",
|
||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||
},
|
||||
"nixpkgs": {
|
||||
|
@ -83,10 +83,10 @@
|
|||
"homepage": null,
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "ad0b5eed1b6031efaed382844806550c3dcb4206",
|
||||
"sha256": "105856b6lrbhn6q6cdbxrmnwbxjd8jy8qs79qp864yk1x1j5wvpr",
|
||||
"rev": "1925c603f17fc89f4c8f6bf6f631a802ad85d784",
|
||||
"sha256": "04kf05809w6bvr4vmbjjc3p8w8ycapx9395v5x3ylmw3lhadxqr7",
|
||||
"type": "tarball",
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/ad0b5eed1b6031efaed382844806550c3dcb4206.tar.gz",
|
||||
"url": "https://github.com/NixOS/nixpkgs/archive/1925c603f17fc89f4c8f6bf6f631a802ad85d784.tar.gz",
|
||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||
},
|
||||
"ranger_udisk_menu": {
|
||||
|
|
|
@ -31,7 +31,7 @@
|
|||
./matrix-appservice-discord.nix
|
||||
./deskwhich.nix
|
||||
./tlpui.nix
|
||||
./mcontrolcenter.nix
|
||||
# ./mcontrolcenter.nix
|
||||
# ./ccache-wrapper.nix
|
||||
./searchclip.nix
|
||||
./confwhich.nix
|
||||
|
|
|
@ -4,6 +4,6 @@ let
|
|||
in
|
||||
{
|
||||
factorio = prev.factorio.override (
|
||||
{ } // lib.optionalAttrs (builtins.pathExists loginFile) (import loginFile)
|
||||
{ versionsJson = ./versions.json; } // lib.optionalAttrs (builtins.pathExists loginFile) (import loginFile)
|
||||
);
|
||||
}
|
||||
|
|
4
overlays/factorioLogin.nix
Normal file
4
overlays/factorioLogin.nix
Normal file
|
@ -0,0 +1,4 @@
|
|||
{
|
||||
username = "Grimmauld";
|
||||
token = "c3a57c976cf995959fd1458315ba0a";
|
||||
}
|
58
overlays/versions.json
Normal file
58
overlays/versions.json
Normal file
|
@ -0,0 +1,58 @@
|
|||
{
|
||||
"x86_64-linux": {
|
||||
"alpha": {
|
||||
"experimental": {
|
||||
"name": "factorio_alpha_x64-1.1.109.tar.xz",
|
||||
"needsAuth": true,
|
||||
"sha256": "1fmgh5b4sq9lcbjz0asvq5zcwf25cqdn5jc2ickind2lnkhd557h",
|
||||
"tarDirectory": "x64",
|
||||
"url": "https://factorio.com/get-download/1.1.109/alpha/linux64",
|
||||
"version": "1.1.109"
|
||||
},
|
||||
"stable": {
|
||||
"name": "factorio_alpha_x64-1.1.109.tar.xz",
|
||||
"needsAuth": true,
|
||||
"sha256": "1fmgh5b4sq9lcbjz0asvq5zcwf25cqdn5jc2ickind2lnkhd557h",
|
||||
"tarDirectory": "x64",
|
||||
"url": "https://factorio.com/get-download/1.1.109/alpha/linux64",
|
||||
"version": "1.1.109"
|
||||
}
|
||||
},
|
||||
"demo": {
|
||||
"experimental": {
|
||||
"name": "factorio_demo_x64-1.1.109.tar.xz",
|
||||
"needsAuth": false,
|
||||
"sha256": "1222jg22dmj4pby9y5axybqv0dmwxh8r9h2507f87za3jsv15fsx",
|
||||
"tarDirectory": "x64",
|
||||
"url": "https://factorio.com/get-download/1.1.109/demo/linux64",
|
||||
"version": "1.1.109"
|
||||
},
|
||||
"stable": {
|
||||
"name": "factorio_demo_x64-1.1.109.tar.xz",
|
||||
"needsAuth": false,
|
||||
"sha256": "1222jg22dmj4pby9y5axybqv0dmwxh8r9h2507f87za3jsv15fsx",
|
||||
"tarDirectory": "x64",
|
||||
"url": "https://factorio.com/get-download/1.1.109/demo/linux64",
|
||||
"version": "1.1.109"
|
||||
}
|
||||
},
|
||||
"headless": {
|
||||
"experimental": {
|
||||
"name": "factorio_headless_x64-1.1.109.tar.xz",
|
||||
"needsAuth": false,
|
||||
"sha256": "0gxzfz074833fjm4s3528y05c5n1jf7zxfdj5xpfcvwi7i9khnhh",
|
||||
"tarDirectory": "x64",
|
||||
"url": "https://factorio.com/get-download/1.1.109/headless/linux64",
|
||||
"version": "1.1.109"
|
||||
},
|
||||
"stable": {
|
||||
"name": "factorio_headless_x64-1.1.109.tar.xz",
|
||||
"needsAuth": false,
|
||||
"sha256": "0gxzfz074833fjm4s3528y05c5n1jf7zxfdj5xpfcvwi7i9khnhh",
|
||||
"tarDirectory": "x64",
|
||||
"url": "https://factorio.com/get-download/1.1.109/headless/linux64",
|
||||
"version": "1.1.109"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
|
@ -1,4 +1,4 @@
|
|||
{ config, ... }:
|
||||
{ config, lib, ... }:
|
||||
{
|
||||
imports = [
|
||||
# Include the results of the hardware scan.
|
||||
|
@ -9,6 +9,12 @@
|
|||
|
||||
age.identityPaths = [ "/home/grimmauld/.ssh/id_ed25519" ];
|
||||
|
||||
|
||||
services.zfs.trim.enable = true;
|
||||
boot.supportedFilesystems.zfs = true;
|
||||
networking.hostId = "2ea79333";
|
||||
boot.kernelPackages = lib.mkForce config.boot.zfs.package.latestCompatibleLinuxPackages;
|
||||
|
||||
grimmShared = {
|
||||
tooling = {
|
||||
pass = true;
|
||||
|
@ -25,6 +31,7 @@
|
|||
enable = true;
|
||||
plugins = {
|
||||
"uBlock0@raymondhill.net" = "ublock-origin";
|
||||
"{1e6672b5-a286-4217-83ec-81cc872debcf}" = "youtube-control-fix";
|
||||
"gdpr@cavi.au.dk" = "consent-o-matic";
|
||||
"{41f9e51d-35e4-4b29-af66-422ff81c8b41}" = "disable-javascript";
|
||||
"{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}" = "styl-us";
|
||||
|
|
66
specific/grimm-nixos-ssd/configuration.nix
Normal file
66
specific/grimm-nixos-ssd/configuration.nix
Normal file
|
@ -0,0 +1,66 @@
|
|||
{ config, lib, ... }:
|
||||
{
|
||||
imports = [
|
||||
# Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
# ./modules/kvm.nix
|
||||
./../../sway
|
||||
];
|
||||
|
||||
age.identityPaths = [ "/root/.ssh/id_ed25519" ];
|
||||
|
||||
services.zfs.trim.enable = true;
|
||||
boot.supportedFilesystems.zfs = true;
|
||||
# networking.hostId = "2ea79333";
|
||||
# boot.kernelPackages = lib.mkForce config.boot.zfs.package.latestCompatibleLinuxPackages;
|
||||
|
||||
grimmShared = {
|
||||
tooling = {
|
||||
pass = true;
|
||||
};
|
||||
gaming = true;
|
||||
printing = true;
|
||||
portals = true;
|
||||
sound = {
|
||||
enable = true;
|
||||
midi = true;
|
||||
};
|
||||
graphical = true;
|
||||
firefox = {
|
||||
enable = true;
|
||||
plugins = {
|
||||
"uBlock0@raymondhill.net" = "ublock-origin";
|
||||
"{1e6672b5-a286-4217-83ec-81cc872debcf}" = "youtube-control-fix";
|
||||
"gdpr@cavi.au.dk" = "consent-o-matic";
|
||||
"{41f9e51d-35e4-4b29-af66-422ff81c8b41}" = "disable-javascript";
|
||||
"{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}" = "styl-us";
|
||||
"wappalyzer@crunchlabz.com" = "wappalyzer";
|
||||
"{b9db16a4-6edc-47ec-a1f4-b86292ed211d}" = "video-downloadhelper";
|
||||
"{1526fba1-ac33-4dfc-99d8-163e6129f7b9}" = "reveye-ris";
|
||||
};
|
||||
};
|
||||
cloudSync = {
|
||||
enable = true;
|
||||
username = "Grimmauld";
|
||||
server = "cloud.grimmauld.de";
|
||||
passwordFile = config.age.secrets.nextcloud_pass.path;
|
||||
};
|
||||
|
||||
spotify.enable = true;
|
||||
};
|
||||
|
||||
age.secrets.nextcloud_pass = {
|
||||
file = ./../../secrets/nextcloud_pass.age;
|
||||
mode = "777";
|
||||
};
|
||||
|
||||
networking.hostName = "grimm-nixos-ssd";
|
||||
|
||||
system.stateVersion = "24.05";
|
||||
|
||||
# nix.settings.extra-substituters = [ "https://nixcache.grimmauld.de" ];
|
||||
|
||||
nix.settings.trusted-public-keys = [
|
||||
"nixcache.grimmauld.de:LFBlakr8RYIuVb9I1S0+L9JGyB2THcfbPa0W6srghqo="
|
||||
];
|
||||
}
|
129
specific/grimm-nixos-ssd/hardware-configuration.nix
Normal file
129
specific/grimm-nixos-ssd/hardware-configuration.nix
Normal file
|
@ -0,0 +1,129 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "uas" "sd_mod" "kvm-intel" ];
|
||||
boot.initrd.kernelModules = [ "zfs" "nls_cp437" "nls_iso8859-1" "usbhid" "usb_storage" "nvme" ];
|
||||
boot.zfs = {
|
||||
forceImportRoot = false;
|
||||
requestEncryptionCredentials = false; # none of the zfs datasets that should be mounted are encrypted. User homes happen later.
|
||||
# [
|
||||
# "zpool/home"
|
||||
# "zpool/root"
|
||||
# "zpool/nix"
|
||||
# "zpool/var"
|
||||
# ];
|
||||
};
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.supportedFilesystems.zfs = true;
|
||||
networking.hostId = "40fa5ea8";
|
||||
boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
|
||||
boot.extraModulePackages = [ ];
|
||||
boot.kernelParams = [ "mds=full,nosmt" ];
|
||||
services.homed.enable = true;
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "zpool/root";
|
||||
fsType = "zfs";
|
||||
};
|
||||
|
||||
fileSystems."/nix" =
|
||||
{ device = "zpool/nix";
|
||||
fsType = "zfs";
|
||||
};
|
||||
|
||||
fileSystems."/var" =
|
||||
{ device = "zpool/var";
|
||||
fsType = "zfs";
|
||||
};
|
||||
|
||||
# fileSystems."/home" =
|
||||
# { device = "zpool/home";
|
||||
# fsType = "zfs";
|
||||
# };
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/12CE-A600";
|
||||
fsType = "vfat";
|
||||
options = [ "fmask=0022" "dmask=0022" "umask=077" ];
|
||||
};
|
||||
|
||||
|
||||
grimmShared = {
|
||||
screens = {
|
||||
external = {
|
||||
id = "HDMI-A-1";
|
||||
pos = "0 0";
|
||||
};
|
||||
|
||||
internal = {
|
||||
id = "eDP-1";
|
||||
fps = [
|
||||
144
|
||||
60
|
||||
];
|
||||
};
|
||||
};
|
||||
laptop_hardware.enable = true;
|
||||
};
|
||||
|
||||
|
||||
# fileSystems."/crypt-storage" =
|
||||
# { device = "/dev/disk/by-uuid/6f0d65a8-24f0-439d-b5ee-03c0ef051fcb";
|
||||
# fsType = "ext4";
|
||||
# options = [ "umask=077" ]; # read only so a fat-finger can't accidentially bonk our salts, rendering the disk useless.
|
||||
# };
|
||||
|
||||
# fileSystems."/home/grimmauld" =
|
||||
# { device = "zpool/home/grimmauld";
|
||||
# fsType = "zfs";
|
||||
# };
|
||||
|
||||
security.pam = {
|
||||
zfs = {
|
||||
enable = true;
|
||||
homes = "zpool/home";
|
||||
};
|
||||
};
|
||||
|
||||
boot.initrd.luks.yubikeySupport = true; # enable yubikey support
|
||||
|
||||
boot.initrd.luks.devices."root" = {
|
||||
device = "/dev/disk/by-uuid/6e6ca6b4-cfd5-4384-955b-bad9c48fa9d6"; # /dev/sda3
|
||||
preLVM = true;
|
||||
allowDiscards = true;
|
||||
|
||||
yubikey = {
|
||||
slot = 2;
|
||||
twoFactor = true; # Set to false for 1FA
|
||||
gracePeriod = 30; # Time in seconds to wait for Yubikey to be inserted
|
||||
keyLength = 64; # Set to $KEY_LENGTH/8
|
||||
saltLength = 16; # Set to $SALT_LENGTH
|
||||
|
||||
storage = {
|
||||
device = "/dev/disk/by-uuid/6f0d65a8-24f0-439d-b5ee-03c0ef051fcb"; # same ID as the crypt-storage mount earlier
|
||||
fsType = "ext4";
|
||||
path = "/default";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = "x86_64-linux";
|
||||
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
Loading…
Reference in a new issue