massive refactoring
This commit is contained in:
yaroslav
@@ -0,0 +1,49 @@
|
||||
{...}:
|
||||
{
|
||||
boot.initrd.clevis = {
|
||||
enable = true;
|
||||
devices."luks-zroot".secretFile = ../../secrets/Ratchet/main.jwe;
|
||||
devices."luks-swap".secretFile = ../../secrets/Ratchet/main.jwe;
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices = {
|
||||
luks-zroot.device = "/dev/nvme0n1p2";
|
||||
luks-swap.device = "/dev/nvme0n1p3";
|
||||
};
|
||||
|
||||
boot.zfs.requestEncryptionCredentials = [ ];
|
||||
|
||||
swapDevices = [ { device = "/dev/mapper/luks-swap"; } ];
|
||||
boot.kernel.sysctl."vm.swappiness" = 0;
|
||||
|
||||
fileSystems = {
|
||||
"/" = {
|
||||
device = "none";
|
||||
fsType = "tmpfs";
|
||||
options = ["defaults" "size=1G" "mode=755"];
|
||||
};
|
||||
"/nix" = {
|
||||
device = "ratchet-zroot/system/nix";
|
||||
fsType = "zfs";
|
||||
};
|
||||
"/home" = {
|
||||
device = "ratchet-zroot/system/home";
|
||||
fsType = "zfs";
|
||||
};
|
||||
"/boot" = {
|
||||
device = "/dev/nvme0n1p1";
|
||||
fsType = "vfat";
|
||||
options = [ "fmask=0022" "dmask=0022" ];
|
||||
};
|
||||
"/home/yaroslav/tmp" = {
|
||||
device = "none";
|
||||
fsType = "tmpfs";
|
||||
};
|
||||
"/Volumes/Trash" = {
|
||||
device = "aphelion:/Volumes/Trash";
|
||||
options = ["x-mount.mkdir" "user" "rw" "noauto" ];
|
||||
fsType = "nfs";
|
||||
};
|
||||
};
|
||||
|
||||
}
|
||||
@@ -5,19 +5,5 @@
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig.Type = "simple";
|
||||
};
|
||||
|
||||
# Install the driver
|
||||
services.fprintd.enable = true;
|
||||
# If simply enabling fprintd is not enough, try enabling fprintd.tod...
|
||||
#services.fprintd.tod.enable = true;
|
||||
# ...and use one of the next four drivers
|
||||
#services.fprintd.tod.driver = pkgs.libfprint-2-tod1-goodix; # Goodix driver module
|
||||
# services.fprintd.tod.driver = pkgs.libfprint-2-tod1-elan; # Elan(04f3:0c4b) driver
|
||||
# services.fprintd.tod.driver = pkgs.libfprint-2-tod1-vfs0090; # (Marked as broken as of 2025/04/23!) driver for 2016 ThinkPads
|
||||
# services.fprintd.tod.driver = pkgs.libfprint-2-tod1-goodix-550a; # Goodix 550a driver (from Lenovo)
|
||||
|
||||
# however for focaltech 2808:a658, use fprintd with overidden package (without tod)
|
||||
# services.fprintd.package = pkgs.fprintd.override {
|
||||
# libfprint = pkgs.libfprint-focaltech-2808-a658;
|
||||
# };
|
||||
}
|
||||
|
||||
@@ -1,6 +1,3 @@
|
||||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
@@ -14,55 +11,8 @@
|
||||
boot.extraModulePackages = [ ];
|
||||
boot.extraModprobeConfig = "options kvm_amd nested=1";
|
||||
|
||||
boot.initrd.clevis = {
|
||||
enable = true;
|
||||
devices."luks-zroot".secretFile = ../../secrets/Ratchet/main.jwe;
|
||||
devices."luks-swap".secretFile = ../../secrets/Ratchet/main.jwe;
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices = {
|
||||
luks-zroot.device = "/dev/nvme0n1p2";
|
||||
luks-swap.device = "/dev/nvme0n1p3";
|
||||
};
|
||||
fileSystems."/" =
|
||||
{ device = "none";
|
||||
fsType = "tmpfs";
|
||||
options = ["defaults" "size=1G" "mode=755"];
|
||||
};
|
||||
fileSystems."/nix" =
|
||||
{ device = "ratchet-zroot/system/nix";
|
||||
fsType = "zfs";
|
||||
};
|
||||
|
||||
fileSystems."/home" =
|
||||
{ device = "ratchet-zroot/system/home";
|
||||
fsType = "zfs";
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/nvme0n1p1";
|
||||
fsType = "vfat";
|
||||
options = [ "fmask=0022" "dmask=0022" ];
|
||||
};
|
||||
fileSystems."/home/yaroslav/tmp" =
|
||||
{
|
||||
device = "none";
|
||||
fsType = "tmpfs";
|
||||
};
|
||||
fileSystems."/Volumes/Trash" =
|
||||
{
|
||||
device = "aphelion:/Volumes/Trash";
|
||||
options = ["x-mount.mkdir" "user" "rw" "noauto" ];
|
||||
fsType = "nfs";
|
||||
};
|
||||
boot.zfs.requestEncryptionCredentials = [
|
||||
|
||||
];
|
||||
|
||||
|
||||
services.nfs.server.enable = true;
|
||||
swapDevices = [ { device = "/dev/mapper/luks-swap"; } ];
|
||||
boot.kernel.sysctl."vm.swappiness" = 0;
|
||||
|
||||
boot.zfs.allowHibernation = true;
|
||||
boot.zfs.forceImportRoot = false;
|
||||
boot.supportedFilesystems = [ "zfs" ];
|
||||
@@ -83,16 +33,13 @@
|
||||
};
|
||||
};
|
||||
|
||||
# chaotic.mesa-git.enable = true;
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.useDHCP = lib.mkDefault true;
|
||||
networking.hostName = "Ratchet";
|
||||
# networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true;
|
||||
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
|
||||
@@ -0,0 +1,15 @@
|
||||
{ inputs, config, pkgs, ...}:
|
||||
{
|
||||
|
||||
virtualisation.waydroid.enable = true;
|
||||
hardware.opentabletdriver.enable = true;
|
||||
# Required by OpenTabletDriver
|
||||
hardware.uinput.enable = true;
|
||||
boot.kernelModules = [ "uinput" ];
|
||||
# millenium steam
|
||||
nixpkgs.overlays = [ inputs.millennium.overlays.default ];
|
||||
services.flatpak.enable = true;
|
||||
programs.throne.enable = true;
|
||||
programs.throne.tunMode.enable = true;
|
||||
|
||||
}
|
||||
@@ -1,37 +0,0 @@
|
||||
{ inputs, config, pkgs, ...}:
|
||||
{
|
||||
nix.buildMachines = [ {
|
||||
hostName = "Aphelion";
|
||||
system = "x86_64-linux";
|
||||
protocol = "ssh-ng";
|
||||
# if the builder supports building for multiple architectures,
|
||||
# replace the previous line by, e.g.
|
||||
# systems = ["x86_64-linux" "aarch64-linux"];
|
||||
maxJobs = 16;
|
||||
speedFactor = 2;
|
||||
supportedFeatures = [ "nixos-test" "benchmark" "big-parallel" "kvm" ];
|
||||
mandatoryFeatures = [ ];
|
||||
}] ;
|
||||
# nix.distributedBuilds = true;
|
||||
# optional, useful when the builder has a faster internet connection than yours
|
||||
# nix.extraOptions = ''
|
||||
# builders-use-substitutes = true
|
||||
# '';
|
||||
# nix.settings.trusted-public-keys = [
|
||||
# "Aphelion:8l9lrL3kszDTXkpA/R4ZFhSifiBoogiOIt1srgLb6Vw="
|
||||
# ];
|
||||
# nix.settings.extra-substituters = [
|
||||
# "ssh-ng://nixremote@Aphelion"
|
||||
# ];
|
||||
virtualisation.waydroid.enable = true;
|
||||
hardware.opentabletdriver.enable = true;
|
||||
# Required by OpenTabletDriver
|
||||
hardware.uinput.enable = true;
|
||||
boot.kernelModules = [ "uinput" ];
|
||||
# millenium steam
|
||||
nixpkgs.overlays = [ inputs.millennium.overlays.default ];
|
||||
services.flatpak.enable = true;
|
||||
programs.throne.enable = true;
|
||||
programs.throne.tunMode.enable = true;
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user