Kabbone/nixos-config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: Kabbone:2171e2957043cdac9c79b5a8e2536d31dfad75ce
Branches Tags
Kabbone:main
Kabbone:dev
Kabbone:refactor
...
compare: Kabbone:1466895a1ea41e65dc9780d51a6e9fe2e8534600
Branches Tags
Kabbone:main
Kabbone:dev
Kabbone:refactor

2 Commits
2171e29570 ... 1466895a1e

Author SHA1 Message Date
Kabbone
1466895a1e
hosts: steamdeck: fix luks hardware-config 2023-12-21 11:32:23 +01:00
Kabbone
2aa2c10ff2
flake update 2023-12-21 11:31:03 +01:00
5 changed files with 125 additions and 276 deletions
Show Stats Expand all files Collapse all files

48
flake.lock generated
View File

@ -9,11 +9,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1701216516, "lastModified": 1703107199,
"narHash": "sha256-jKSeJn+7hZ1dZdiH1L+NWUGT2i/BGomKAJ54B9kT06Q=", "narHash": "sha256-Xx9Kkoqye520mkEWTZx/sKQRJsIeWOuwoh568uwHpNg=",
"owner": "ryantm", "owner": "ryantm",
"repo": "agenix", "repo": "agenix",
"rev": "13ac9ac6d68b9a0896e3d43a082947233189e247", "rev": "17090d105af1b9f941109c1e12d6e3a596657f97",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -90,11 +90,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1702937117, "lastModified": 1703113217,
"narHash": "sha256-4GjkL2D01bDg00UZN/SeGrnBZrDVOFeZTbQx6U702Vc=", "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "e8aaced73ebaf6bfa8e3c6ab0a19cb184bc4d798", "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -110,11 +110,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1702814678, "lastModified": 1703113038,
"narHash": "sha256-zDtO0jV2QLoddUJinLlTQrQqCUW3dPiIWOSYgg98T7E=", "narHash": "sha256-oxkyzjpD+mNT7arzU/zHrkNHLuY9tKwmnD2MNaZiSDw=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "1488651d02c1a7a15e284210f0d380a62d8d8cef", "rev": "0c2353d5d930c3d93724df6858aef064a31b3c00",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -132,11 +132,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1702725654, "lastModified": 1703015323,
"narHash": "sha256-jcYYMEkHArk1K8IpL8X1+AzipmGlkRimKBpQ9kmDD4w=", "narHash": "sha256-XTHHu0VoPC1wZwpsiLc7MMqQqirYNcvCnjtznqBVfXw=",
"owner": "Jovian-Experiments", "owner": "Jovian-Experiments",
"repo": "Jovian-NixOS", "repo": "Jovian-NixOS",
"rev": "e7ffb0cd75f38ac65d99614acfea576e1b23c100", "rev": "5814cd0fb21308ad928e0fe6f61efc165a4a136c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -153,11 +153,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1702946274, "lastModified": 1703095240,
"narHash": "sha256-4eYMBzBOj8rin0xzSnWFTXDcy+Sbr7oQ/gS2cQU96ac=", "narHash": "sha256-n/oeDYcJmmrC5F13qHZHGoFr2LfGIgcGz+bmApSApF0=",
"owner": "astro", "owner": "astro",
"repo": "microvm.nix", "repo": "microvm.nix",
"rev": "7e429619284c64c128108a7e1e8cf0a5d334118d", "rev": "7bd9255e535c8cbada7f574ddd3bcf3bfa5e1eae",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -206,11 +206,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1702780907, "lastModified": 1703068421,
"narHash": "sha256-blbrBBXjjZt6OKTcYX1jpe9SRof2P9ZYWPzq22tzXAA=", "narHash": "sha256-WSw5Faqlw75McIflnl5v7qVD/B3S2sLh+968bpOGrWA=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "1e2e384c5b7c50dbf8e9c441a9e58d85f408b01f", "rev": "d65bceaee0fb1e64363f7871bc43dc1c6ecad99f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -222,11 +222,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1702830618, "lastModified": 1703013332,
"narHash": "sha256-lvhwIvRwhOLgzbRuYkqHy4M5cQHYs4ktL6/hyuBS6II=", "narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "91a00709aebb3602f172a0bf47ba1ef013e34835", "rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -238,11 +238,11 @@
}, },
"nur": { "nur": {
"locked": { "locked": {
"lastModified": 1702997397, "lastModified": 1703151853,
"narHash": "sha256-th/EqbtB6jDFhe12kTsssDzF9Ev0p9Yq/oaiWXS3H9w=", "narHash": "sha256-gprJXHmq/n0jrNx0EYKuBT4ejtIDyVAfiT6ZPyyLcPI=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "a04eea76ecdc42258fc3ed8391ba838145d0b96a", "rev": "645447668a47f90ce4745356a46cf2dcb3977205",
"type": "github" "type": "github"
}, },
"original": { "original": {

2
hosts/default.nix
View File

@ -97,7 +97,7 @@ in
nixos-hardware.nixosModules.common-pc-ssd nixos-hardware.nixosModules.common-pc-ssd
home-manager-unstable.nixosModules.home-manager { home-manager-unstable.nixosModules.home-manager {
nixpkgs-unstable.overlays = [ nixpkgs.overlays = [
nur.overlay nur.overlay
]; ];
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;

4
hosts/steamdeck/default.nix
View File

@ -67,14 +67,14 @@
}; };
services = { services = {
blueman.enable = true; # blueman.enable = true;
printing = { # Printing and drivers for TS5300 printing = { # Printing and drivers for TS5300
enable = true; enable = true;
drivers = [ pkgs.gutenprint ]; drivers = [ pkgs.gutenprint ];
}; };
avahi = { # Needed to find wireless printer avahi = { # Needed to find wireless printer
enable = true; enable = true;
nssmdns = true; nssmdns4 = true;
publish = { # Needed for detecting the scanner publish = { # Needed for detecting the scanner
enable = true; enable = true;
addresses = true; addresses = true;

174
hosts/steamdeck/hardware-configuration.nix
View File

@ -17,82 +17,65 @@
[ (modulesPath + "/installer/scan/not-detected.nix") [ (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sdhci_pci" ]; boot = {
boot.initrd.kernelModules = [ ]; initrd = {
boot.kernelModules = [ "kvm-amd" ]; availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sdhci_pci" ];
boot.extraModulePackages = [ ]; kernelModules = [ ];
boot.tmp.useTmpfs = false; systemd.enable = true;
boot.tmp.cleanOnBoot = true; luks = {
devices."crypted" = {
device = "/dev/disk/by-partlabel/disk-nvme0n1-luks";
allowDiscards = true;
};
};
};
kernelModules = [ "kvm-amd" ];
kernelParams = [ "luks.options=fido2-device=auto" ];
tmp.useTmpfs = false;
tmp.cleanOnBoot = true;
};
zramSwap.enable = true; zramSwap.enable = true;
# services.btrfs.autoScrub = { services.btrfs.autoScrub = {
# enable = true; enable = true;
# interval = "monthly"; interval = "monthly";
# fileSystems = [ fileSystems = [
# "/" "/"
# ]; ];
# }; };
#
# services.btrbk = {
# instances = {
# hf = {
# onCalendar = "hourly";
# settings = {
# incremental = "yes";
# snapshot_create = "ondemand";
# snapshot_dir = "@snapshots";
# timestamp_format = "long";
#
# snapshot_preserve = "2m 2w 5d 5h";
# snapshot_preserve_min = "latest";
#
# volume = {
# "/mnt/snapshots/root" = {
# snapshot_create = "always";
# subvolume = {
# "@home" = {};
# };
# };
# };
# };
# };
# };
# };
# fileSystems."/" = services.btrbk = {
# { device = "/dev/disk/by-label/NIXROOT"; instances = {
# fsType = "btrfs"; hf = {
# options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@,discard=async" ]; onCalendar = "hourly";
# }; settings = {
# incremental = "yes";
# fileSystems."/home" = snapshot_create = "ondemand";
# { device = "/dev/disk/by-label/NIXROOT"; snapshot_dir = "@snapshots";
# fsType = "btrfs"; timestamp_format = "long";
# options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@home,discard=async" ];
# }; snapshot_preserve = "2m 2w 5d 5h";
# snapshot_preserve_min = "latest";
# fileSystems."/srv" =
# { device = "/dev/disk/by-label/NIXROOT"; volume = {
# fsType = "btrfs"; "/mnt/snapshots/root" = {
# options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@srv,discard=async" ]; snapshot_create = "always";
# }; subvolume = {
# "@home" = {};
# fileSystems."/nix" = };
# { device = "/dev/disk/by-label/NIXROOT"; };
# fsType = "btrfs"; };
# options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@nix,discard=async" ]; };
# }; };
# };
# fileSystems."/mnt/snapshots/root" = };
# { device = "/dev/disk/by-label/NIXROOT";
# fsType = "btrfs";
# options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvolid=5,discard=async" ];
# };
fileSystems."/" = fileSystems."/" =
{ device = "/dev/disk/by-label/NIXROOT"; { device = "/dev/mapper/crypted";
fsType = "ext4"; fsType = "btrfs";
options = [ "defaults,noatime" ]; options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@,discard=async" ];
}; };
fileSystems."/boot" = fileSystems."/boot" =
@ -100,10 +83,46 @@
fsType = "vfat"; fsType = "vfat";
}; };
fileSystems."/home" =
{ device = "/dev/mapper/crypted";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@home,discard=async" ];
};
fileSystems."/nix" =
{ device = "/dev/mapper/crypted";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@nix,discard=async" ];
};
fileSystems."/srv" =
{ device = "/dev/mapper/crypted";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@srv,discard=async" ];
};
fileSystems."/swap" =
{ device = "/dev/mapper/crypted";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@swap,discard=async" ];
};
fileSystems."/opt" =
{ device = "/dev/mapper/crypted";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@opt,discard=async" ];
};
fileSystems."/mnt/snapshots/root" =
{ device = "/dev/mapper/crypted";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvolid=5,discard=async" ];
};
fileSystems."/sdcard" = fileSystems."/sdcard" =
{ device = "/dev/disk/by-label/sdcard"; { device = "/dev/disk/by-label/sdcard";
fsType = "ext4"; fsType = "ext4";
options = [ "nofail,noauto,x-systemd.automount" ]; options = [ "nofail,noauto,users,x-systemd.automount" ];
}; };
fileSystems."/mnt/Pluto" = fileSystems."/mnt/Pluto" =
@ -118,14 +137,13 @@
options = [ "nofail,noauto,users,x-systemd.automount,x-systemd.device-timeout=10,soft,timeo=14,x-systemd.idle-timeout=1min,sec=sys,exec,nfsvers=4.2" ]; options = [ "nofail,noauto,users,x-systemd.automount,x-systemd.device-timeout=10,soft,timeo=14,x-systemd.idle-timeout=1min,sec=sys,exec,nfsvers=4.2" ];
}; };
swapDevices = [
{ device = "/dev/disk/by-label/NIXSWAP"; } swapDevices = [ { device = "/swap/swapfile"; } ];
];
networking = { networking = {
useDHCP = false; # Deprecated useDHCP = false; # Deprecated
hostName = "nix-steamdeck"; hostName = "steamdeck";
wireless.iwd.enable = true; wireless.iwd.enable = true;
networkmanager = { networkmanager = {
enable = true; enable = true;
@ -154,4 +172,8 @@
}; };
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
#powerManagement.powertop.enable = true;
powerManagement = {
scsiLinkPolicy = "med_power_with_dipm";
};
} }

173
hosts/steamdeck/hardware-configuration_luks.nix
View File

@ -1,173 +0,0 @@
#
# Hardware settings for Teclast F5 10" Laptop
# NixOS @ sda2
#
# flake.nix
# └─ ./hosts
# └─ ./laptop
# └─ hardware-configuration.nix *
#
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot = {
initrd = {
availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sdhci_pci" ];
kernelModules = [ ];
systemd.enable = true;
luks = {
devices."crypted" = {
device = "/dev/disk/by-partlabel/disk-nvme0n1-luks";
allowDiscards = true;
};
};
};
kernelModules = [ "kvm-amd" ];
kernelParams = [ "luks.options=fido2-device=auto" ];
tmp.useTmpfs = false;
tmp.cleanOnBoot = true;
};
zramSwap.enable = true;
services.btrfs.autoScrub = {
enable = true;
interval = "monthly";
fileSystems = [
"/"
];
};
services.btrbk = {
instances = {
hf = {
onCalendar = "hourly";
settings = {
incremental = "yes";
snapshot_create = "ondemand";
snapshot_dir = "@snapshots";
timestamp_format = "long";
snapshot_preserve = "2m 2w 5d 5h";
snapshot_preserve_min = "latest";
volume = {
"/mnt/snapshots/root" = {
snapshot_create = "always";
subvolume = {
"@home" = {};
};
};
};
};
};
};
};
fileSystems."/" =
{ device = "/dev/mapper/crypted";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@,discard=async" ];
};
fileSystems."/home" =
{ device = "/dev/mapper/crypted";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@home,discard=async" ];
};
fileSystems."/srv" =
{ device = "/dev/mapper/crypted";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@srv,discard=async" ];
};
fileSystems."/opt" =
{ device = "/dev/mapper/crypted";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@opt,discard=async" ];
};
fileSystems."/nix" =
{ device = "/dev/mapper/crypted";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvol=@nix,discard=async" ];
};
fileSystems."/mnt/snapshots/root" =
{ device = "/dev/mapper/crypted";
fsType = "btrfs";
options = [ "compress=zstd,space_cache=v2,ssd,noatime,subvolid=5,discard=async" ];
};
fileSystems."/boot" =
{ device = "/dev/disk/by-label/NIXBOOT";
fsType = "vfat";
};
fileSystems."/sdcard" =
{ device = "/dev/disk/by-label/sdcard";
fsType = "ext4";
options = [ "nofail,noauto,users,x-systemd.automount" ];
};
fileSystems."/mnt/Pluto" =
{ device = "jupiter:/Pluto";
fsType = "nfs";
options = [ "nofail,noauto,users,x-systemd.automount,x-systemd.device-timeout=10,soft,timeo=14,x-systemd.idle-timeout=1min,sec=sys,exec,nfsvers=4.2" ];
};
fileSystems."/mnt/Mars" =
{ device = "jupiter:/Mars";
fsType = "nfs";
options = [ "nofail,noauto,users,x-systemd.automount,x-systemd.device-timeout=10,soft,timeo=14,x-systemd.idle-timeout=1min,sec=sys,exec,nfsvers=4.2" ];
};
swapDevices = [ { device = "/swap/swapfile"; } ];
networking = {
useDHCP = false; # Deprecated
hostName = "nix-steamdeck";
wireless.iwd.enable = true;
networkmanager = {
enable = true;
wifi = {
backend = "iwd";
powersave = true;
};
};
# interfaces = {
# wlan0 = {
# useDHCP = true; # For versatility sake, manually edit IP on nm-applet.
# #ipv4.addresses = [ {
# # address = "192.168.0.51";
# # prefixLength = 24;
# #} ];
# };
# };
#defaultGateway = "192.168.0.1";
#nameservers = [ "192.168.0.4" ];
firewall = {
checkReversePath = "loose";
# enable = false;
# #allowedUDPPorts = [ 53 67 ];
# #allowedTCPPorts = [ 53 80 443 9443 ];
};
};
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
#powerManagement.powertop.enable = true;
powerManagement = {
scsiLinkPolicy = "med_power_with_dipm";
};
}