From a8e8b7442c503c7ce803b1f3f7089ffac36aba7b Mon Sep 17 00:00:00 2001 From: Baitinq Date: Tue, 20 Sep 2022 02:18:09 +0200 Subject: Fully separate hosts from hardwares Now hosts/ and hardware/ live under different directories and their joined system configurations are permutated and exposed throught the host-hardware outputs --- README.md | 10 +- hardware/chromebook/default.nix | 4 + hardware/chromebook/disks.nix | 152 ++++++++++++++++++++++++++++ hardware/chromebook/hardware.nix | 54 ++++++++++ hardware/laptop/default.nix | 4 + hardware/laptop/disks.nix | 52 ++++++++++ hardware/laptop/hardware.nix | 58 +++++++++++ hardware/virtualbox/default.nix | 4 + hardware/virtualbox/disks.nix | 57 +++++++++++ hardware/virtualbox/hardware.nix | 33 ++++++ hosts/default.nix | 19 ++-- hosts/luna/hardware/chromebook/default.nix | 4 - hosts/luna/hardware/chromebook/disks.nix | 152 ---------------------------- hosts/luna/hardware/chromebook/hardware.nix | 54 ---------- hosts/phobos/hardware/laptop/default.nix | 4 - hosts/phobos/hardware/laptop/disks.nix | 52 ---------- hosts/phobos/hardware/laptop/hardware.nix | 58 ----------- hosts/vm/hardware/virtualbox/default.nix | 4 - hosts/vm/hardware/virtualbox/disks.nix | 57 ----------- hosts/vm/hardware/virtualbox/hardware.nix | 33 ------ 20 files changed, 436 insertions(+), 429 deletions(-) create mode 100644 hardware/chromebook/default.nix create mode 100644 hardware/chromebook/disks.nix create mode 100644 hardware/chromebook/hardware.nix create mode 100644 hardware/laptop/default.nix create mode 100644 hardware/laptop/disks.nix create mode 100644 hardware/laptop/hardware.nix create mode 100644 hardware/virtualbox/default.nix create mode 100644 hardware/virtualbox/disks.nix create mode 100644 hardware/virtualbox/hardware.nix delete mode 100644 hosts/luna/hardware/chromebook/default.nix delete mode 100644 hosts/luna/hardware/chromebook/disks.nix delete mode 100644 hosts/luna/hardware/chromebook/hardware.nix delete mode 100644 hosts/phobos/hardware/laptop/default.nix delete mode 100644 hosts/phobos/hardware/laptop/disks.nix delete mode 100644 hosts/phobos/hardware/laptop/hardware.nix delete mode 100644 hosts/vm/hardware/virtualbox/default.nix delete mode 100644 hosts/vm/hardware/virtualbox/disks.nix delete mode 100644 hosts/vm/hardware/virtualbox/hardware.nix diff --git a/README.md b/README.md index 23c16e8..3d6b3bc 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ My Personal NixOS Flake. ## Installing ``` -nixos-install --flake . #HOST +nixos-install --flake . #HOST-HARDWARE ``` ## Updating @@ -14,23 +14,23 @@ nixos-install --flake . #HOST ``` nix flake update -nixos-rebuild switch --flake . #HOST +nixos-rebuild switch --flake . #HOST-HARDWARE ``` # Non-Nixos ## Installing ``` -nix build .#homeManagerConfigurations.HOST.activationPackage +nix build .#homeManagerConfigurations.HOST-HARDWARE.activationPackage ./result/activate ``` ## Updating ``` -home-manager switch --flake .#HOST +home-manager switch --flake .#HOST-HARDWARE ``` # ISO ## Building ``` -nix build .#isoConfigurations.HOST.config.system.build.isoImage +nix build .#isoConfigurations.HOST-HARDWARE.config.system.build.isoImage ``` diff --git a/hardware/chromebook/default.nix b/hardware/chromebook/default.nix new file mode 100644 index 0000000..b0125ee --- /dev/null +++ b/hardware/chromebook/default.nix @@ -0,0 +1,4 @@ +{ ... }: +{ + imports = [ ./hardware.nix ]; +} diff --git a/hardware/chromebook/disks.nix b/hardware/chromebook/disks.nix new file mode 100644 index 0000000..ad0e014 --- /dev/null +++ b/hardware/chromebook/disks.nix @@ -0,0 +1,152 @@ +{ inputs, lib, config, pkgs, ... }: +let + MMC = "/dev/disk/by-id/mmc-AGND3R_0x48d44fdc"; + SD = "/dev/disk/by-id/usb-Generic_STORAGE_DEVICE_000000000208-0:0"; + + partitionsCreateScript = '' + parted -s "${MMC}" mklabel gpt + parted -s "${MMC}" mkpart "efi" fat32 1024KiB 64M + parted -s "${MMC}" set 1 esp on + parted -s -a optimal "${MMC}" mkpart "boot" 64M 264M + parted -s -a optimal "${MMC}" mkpart "nix" 264M 100% + + parted -s "${SD}" mklabel gpt + parted -s -a optimal "${SD}" mkpart "home_and_persist" 1024KiB 100% + + udevadm trigger --subsystem-match=block; udevadm settle + ''; + partitionsFormatScript = '' + mkfs.vfat "${MMC}"-part1 + cryptsetup -q luksFormat "${MMC}"-part2 --type luks1 + cryptsetup open --type luks "${MMC}"-part2 encrypted_boot + mkfs.ext4 /dev/mapper/encrypted_boot + cryptsetup close encrypted_boot + cryptsetup -q luksFormat "${MMC}"-part3 --type luks2 + cryptsetup open --type luks "${MMC}"-part3 encrypted_nix + mkfs.btrfs -f /dev/mapper/encrypted_nix + cryptsetup close encrypted_nix + + cryptsetup -q luksFormat "${SD}"-part1 --type luks2 + cryptsetup open --type luks "${SD}"-part1 encrypted_home_and_persist + pvcreate /dev/mapper/encrypted_home_and_persist + vgcreate encrypted_home_and_persist_pool /dev/mapper/encrypted_home_and_persist + lvcreate -L 4G -n persist encrypted_home_and_persist_pool + mkfs.btrfs -f /dev/mapper/encrypted_home_and_persist_pool-persist + lvcreate -l 100%FREE -n home encrypted_home_and_persist_pool + mkfs.btrfs -f /dev/mapper/encrypted_home_and_persist_pool-home + vgchange -a n encrypted_home_and_persist_pool + cryptsetup close encrypted_home_and_persist + ''; + partitionsMountScript = '' + mount -t tmpfs none /mnt + mkdir -p /mnt/{boot,nix,persist,home} + + cryptsetup open --type luks /dev/disk/by-partlabel/boot encrypted_boot + mount /dev/mapper/encrypted_boot /mnt/boot + mkdir -p /mnt/boot/efi + mount /dev/disk/by-partlabel/efi /mnt/boot/efi + cryptsetup open --type luks /dev/disk/by-partlabel/nix encrypted_nix + mount -o compress-force=zstd,noatime /dev/mapper/encrypted_nix /mnt/nix + cryptsetup open --type luks /dev/disk/by-partlabel/home_and_persist encrypted_home_and_persist + vgchange -ay encrypted_home_and_persist_pool + mount -o compress-force=zstd /dev/mapper/encrypted_home_and_persist_pool-home /mnt/home + mount -o compress-force=zstd,noatime /dev/mapper/encrypted_home_and_persist_pool-persist /mnt/persist + ''; +in +{ + config = { + + environment.persistence."/persist" = { + directories = [ + "/var/log" + "/var/lib" + ]; + files = [ + "/etc/machine-id" + "/etc/nix/id_rsa" + ]; + }; + + fileSystems."/" = { + device = "none"; + fsType = "tmpfs"; + }; + + boot.initrd.luks.devices."encrypted_boot" = { + device = "/dev/disk/by-partlabel/boot"; + preLVM = true; + }; + + fileSystems."/boot" = { + device = "/dev/mapper/encrypted_boot"; + fsType = "ext4"; + }; + + fileSystems."/boot/efi" = { + device = "/dev/disk/by-partlabel/efi"; + fsType = "vfat"; + }; + + boot.initrd.luks.devices."encrypted_nix".device = "/dev/disk/by-partlabel/nix"; + + fileSystems."/nix" = { + device = "/dev/mapper/encrypted_nix"; + fsType = "btrfs"; + neededForBoot = true; + options = [ "compress-force=zstd" "noatime" ]; + }; + + boot.initrd.luks.devices."encrypted_home_and_persist".device = "/dev/disk/by-partlabel/home_and_persist"; + + fileSystems."/persist" = { + device = "/dev/mapper/encrypted_home_and_persist_pool-persist"; + fsType = "btrfs"; + neededForBoot = true; + options = [ "compress-force=zstd" "noatime" ]; + }; + + fileSystems."/home" = { + device = "/dev/mapper/encrypted_home_and_persist_pool-home"; + fsType = "btrfs"; + options = [ "compress-force=zstd" ]; + }; + + services.btrfs.autoScrub.enable = true; + + swapDevices = [ ]; + + zramSwap.enable = true; + + + environment.systemPackages = [ + config.disks-create + config.disks-format + config.disks-mount + ]; + }; + + options.disks-create = with lib; mkOption rec { + type = types.package; + default = with pkgs; symlinkJoin { + name = "disks-create"; + paths = [ (writeScriptBin default.name partitionsCreateScript) parted ]; + }; + }; + + options.disks-format = with lib; mkOption rec { + type = types.package; + default = with pkgs; symlinkJoin { + name = "disks-format"; + paths = [ (writeScriptBin default.name partitionsFormatScript) cryptsetup lvm2 dosfstools e2fsprogs btrfs-progs ]; + }; + }; + + options.disks-mount = with lib; mkOption rec { + type = types.package; + default = with pkgs; symlinkJoin { + name = "disks-mount"; + paths = [ (writeScriptBin default.name partitionsMountScript) cryptsetup lvm2 ]; + }; + }; + +} diff --git a/hardware/chromebook/hardware.nix b/hardware/chromebook/hardware.nix new file mode 100644 index 0000000..85b7227 --- /dev/null +++ b/hardware/chromebook/hardware.nix @@ -0,0 +1,54 @@ +{ config, lib, inputs, pkgs, modulesPath, ... }: +let + powerMode = "schedutil"; +in +{ + imports = [ + ./disks.nix + ]; + + boot = { + initrd = { + availableKernelModules = [ "xhci_pci" "usb_storage" "sd_mod" "sdhci_acpi" "aesni_intel" "cryptd" ]; + kernelModules = [ "i915" ]; + }; + kernelPackages = pkgs.linuxPackages_latest; + kernelModules = [ "kvm_intel" ]; + extraModulePackages = [ ]; + kernelParams = [ "net.ifnames=0" "biosdevname=0" "iomem=relaxed" "mitigations=off" ]; + }; + + powerManagement.cpuFreqGovernor = powerMode; + + services = { + xserver = { + videoDrivers = [ "intel" ]; + + # Enable touchpad support (enabled default in most desktopManager). + synaptics = { + enable = true; + palmDetect = true; + twoFingerScroll = true; + minSpeed = "1.0"; + maxSpeed = "1.12"; + accelFactor = "0.01"; + }; + }; + fstrim.enable = true; + tlp.enable = true; + }; + + hardware = { + opengl = { + enable = true; + driSupport = true; + extraPackages = with pkgs; [ + intel-media-driver # LIBVA_DRIVER_NAME=iHD + vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) + vaapiVdpau + libvdpau-va-gl + ]; + }; + }; + +} diff --git a/hardware/laptop/default.nix b/hardware/laptop/default.nix new file mode 100644 index 0000000..b0125ee --- /dev/null +++ b/hardware/laptop/default.nix @@ -0,0 +1,4 @@ +{ ... }: +{ + imports = [ ./hardware.nix ]; +} diff --git a/hardware/laptop/disks.nix b/hardware/laptop/disks.nix new file mode 100644 index 0000000..07618df --- /dev/null +++ b/hardware/laptop/disks.nix @@ -0,0 +1,52 @@ +{ config, lib, inputs, pkgs, modulesPath, isIso, ... }: +{ + + environment.persistence."/persist" = { + directories = [ + "/var/log" + "/var/lib" + ]; + files = [ + "/etc/machine-id" + "/etc/nix/id_rsa" + ]; + }; + + fileSystems."/" = { + device = "none"; + fsType = "tmpfs"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/0A8B-3968"; + fsType = "vfat"; + }; + + boot.initrd.luks.devices."encrypted_root".device = "/dev/disk/by-uuid/6db0e43d-f73f-4cf0-81f6-9391f9d03ca0"; + + fileSystems."/persist" = { + device = "/dev/mapper/encrypted_root"; + fsType = "btrfs"; + neededForBoot = true; + options = [ "subvol=persist" "compress-force=zstd" "noatime" ]; + }; + + fileSystems."/nix" = { + device = "/dev/mapper/encrypted_root"; + fsType = "btrfs"; + options = [ "subvol=nix" "compress-force=zstd" "noatime" ]; + }; + + fileSystems."/home" = { + device = "/dev/mapper/encrypted_root"; + fsType = "btrfs"; + options = [ "subvol=home" "compress-force=zstd" ]; + }; + + swapDevices = [ ]; + + services.btrfs.autoScrub.enable = true; + + zramSwap.enable = true; + +} diff --git a/hardware/laptop/hardware.nix b/hardware/laptop/hardware.nix new file mode 100644 index 0000000..cbec828 --- /dev/null +++ b/hardware/laptop/hardware.nix @@ -0,0 +1,58 @@ +{ config, lib, inputs, pkgs, modulesPath, ... }: +let + powerMode = "performance"; +in +{ + imports = [ + ./disks.nix + ]; + + boot = { + initrd = { + availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" "sdhci_pci" ]; + kernelModules = [ ]; + }; + kernelPackages = pkgs.linuxPackages_zen; + kernelModules = [ "kvm_intel" ]; + extraModulePackages = [ ]; + kernelParams = [ "net.ifnames=0" "biosdevname=0" "iomem=relaxed" "mitigations=off" ]; + }; + + powerManagement.cpuFreqGovernor = powerMode; + + services = { + xserver = { + videoDrivers = [ "nvidia" ]; + + # Enable touchpad support (enabled default in most desktopManager). + synaptics = { + enable = true; + palmDetect = true; + twoFingerScroll = true; + minSpeed = "1.0"; + maxSpeed = "1.12"; + accelFactor = "0.01"; + }; + }; + }; + + hardware = { + opengl = { + enable = true; + driSupport = true; + }; + + nvidia = { + prime = { + sync.enable = true; + + # Bus ID of the NVIDIA GPU. You can find it using lspci, either under 3D or VGA + nvidiaBusId = "PCI:1:0:0"; + + # Bus ID of the Intel GPU. You can find it using lspci, either under 3D or VGA + intelBusId = "PCI:0:2:0"; + }; + }; + }; + +} diff --git a/hardware/virtualbox/default.nix b/hardware/virtualbox/default.nix new file mode 100644 index 0000000..b0125ee --- /dev/null +++ b/hardware/virtualbox/default.nix @@ -0,0 +1,4 @@ +{ ... }: +{ + imports = [ ./hardware.nix ]; +} diff --git a/hardware/virtualbox/disks.nix b/hardware/virtualbox/disks.nix new file mode 100644 index 0000000..6ba15ec --- /dev/null +++ b/hardware/virtualbox/disks.nix @@ -0,0 +1,57 @@ +{ config, lib, inputs, pkgs, modulesPath, ... }: +{ + + environment.persistence."/persist" = { + directories = [ + "/var/log" + "/var/lib" + ]; + files = [ + "/etc/machine-id" + "/etc/nix/id_rsa" + ]; + }; + + fileSystems."/" = { + device = "none"; + fsType = "tmpfs"; + }; + + boot.initrd.luks.devices."encrypted_boot".device = "/dev/disk/by-partlabel/boot"; + + fileSystems."/boot" = { + device = "/dev/mapper/encrypted_boot"; + fsType = "vfat"; + }; + + fileSystems."/boot/efi" = { + device = "/dev/disk/by-partlabel/efi"; + fsType = "vfat"; + }; + + boot.initrd.luks.devices."encrypted_root".device = "/dev/disk/by-partlabel/root"; + + fileSystems."/nix" = { + device = "/dev/mapper/encrypted_root"; + fsType = "btrfs"; + options = [ "subvol=nix" "compress-force=zstd" "noatime" ]; + }; + + fileSystems."/persist" = { + device = "/dev/mapper/encrypted_root"; + fsType = "btrfs"; + neededForBoot = true; + options = [ "subvol=persist" "compress-force=zstd" "noatime" ]; + }; + + fileSystems."/home" = { + device = "/dev/mapper/encrypted_root"; + fsType = "btrfs"; + options = [ "subvol=home" "compress-force=zstd" ]; + }; + + swapDevices = [ ]; + + zramSwap.enable = true; + +} diff --git a/hardware/virtualbox/hardware.nix b/hardware/virtualbox/hardware.nix new file mode 100644 index 0000000..470f733 --- /dev/null +++ b/hardware/virtualbox/hardware.nix @@ -0,0 +1,33 @@ +{ config, lib, inputs, pkgs, modulesPath, ... }: +{ + imports = [ + ./disks.nix + ]; + + boot = { + initrd = { + availableKernelModules = + [ "ata_piix" "ohci_pci" "sd_mod" "sr_mod" ]; + kernelModules = [ ]; + }; + kernelPackages = pkgs.linuxPackages_latest; + kernelModules = [ ]; + extraModulePackages = [ ]; + kernelParams = [ "net.ifnames=0" "biosdevname=0" "mitigations=off" ]; + }; + + services.xserver = { + # Enable touchpad support (enabled default in most desktopManager). + libinput.enable = true; + }; + + hardware = { + opengl = { + enable = true; + driSupport = true; + }; + }; + + virtualisation.virtualbox.guest.enable = true; + +} diff --git a/hosts/default.nix b/hosts/default.nix index a43f2bd..2a1f526 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -2,11 +2,16 @@ let secrets = import ../secrets; - #TODO: Better implementation of hardare (not having to declare here but just in command) hosts = [ - { host = "phobos"; hardware = "laptop"; system = "x86_64-linux"; timezone = secrets.main_timezone; location = secrets.main_location; } - { host = "luna"; hardware = "chromebook"; system = "x86_64-linux"; timezone = secrets.main_timezone; location = secrets.main_location; } - { host = "vm"; hardware = "virtualbox"; system = "x86_64-linux"; timezone = secrets.main_timezone; location = secrets.main_location; } + { host = "phobos"; system = "x86_64-linux"; timezone = secrets.main_timezone; location = secrets.main_location; } + { host = "luna"; system = "x86_64-linux"; timezone = secrets.main_timezone; location = secrets.main_location; } + { host = "vm"; system = "x86_64-linux"; timezone = secrets.main_timezone; location = secrets.main_location; } + ]; + + hardwares = [ + { hardware = "laptop"; } + { hardware = "chromebook"; } + { hardware = "virtualbox"; } ]; mkHost = { host, hardware, system, timezone, location }: extraModules: isNixOS: isIso: isHardware: @@ -26,7 +31,7 @@ let extraArgs = { inherit pkgs inputs isIso isHardware user secrets timezone location; hostname = host; }; #TODO: FIXME extraSpecialModules = if isIso then extraModules ++ [ "${nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix" ] else extraModules; - megaSpecialModules = if isHardware then extraSpecialModules ++ [ ./${ host}/hardware/${hardware} ] else extraSpecialModules; + megaSpecialModules = if isHardware then extraSpecialModules ++ [ ../hardware/${hardware} ] else extraSpecialModules; in if isNixOS then @@ -61,10 +66,12 @@ let ./${ host }/home.nix ]; }; + + permutatedHosts = lib.concatMap (hardware: map (host: host // hardware) hosts) hardwares; in /* We have a list of sets. Map each element of the list applying the mkHost function to its elements and returning a set in the listToAttrs format builtins.listToAttrs on the result */ -builtins.listToAttrs (map ({ host, hardware, system, timezone, location }: { name = host; value = mkHost { inherit host hardware system timezone location; } extraModules isNixOS isIso isHardware; }) hosts) +builtins.listToAttrs (map ({ host, hardware, system, timezone, location }: { name = host + "-" + hardware; value = mkHost { inherit host hardware system timezone location; } extraModules isNixOS isIso isHardware; }) permutatedHosts) diff --git a/hosts/luna/hardware/chromebook/default.nix b/hosts/luna/hardware/chromebook/default.nix deleted file mode 100644 index b0125ee..0000000 --- a/hosts/luna/hardware/chromebook/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ ... }: -{ - imports = [ ./hardware.nix ]; -} diff --git a/hosts/luna/hardware/chromebook/disks.nix b/hosts/luna/hardware/chromebook/disks.nix deleted file mode 100644 index ad0e014..0000000 --- a/hosts/luna/hardware/chromebook/disks.nix +++ /dev/null @@ -1,152 +0,0 @@ -{ inputs, lib, config, pkgs, ... }: -let - MMC = "/dev/disk/by-id/mmc-AGND3R_0x48d44fdc"; - SD = "/dev/disk/by-id/usb-Generic_STORAGE_DEVICE_000000000208-0:0"; - - partitionsCreateScript = '' - parted -s "${MMC}" mklabel gpt - parted -s "${MMC}" mkpart "efi" fat32 1024KiB 64M - parted -s "${MMC}" set 1 esp on - parted -s -a optimal "${MMC}" mkpart "boot" 64M 264M - parted -s -a optimal "${MMC}" mkpart "nix" 264M 100% - - parted -s "${SD}" mklabel gpt - parted -s -a optimal "${SD}" mkpart "home_and_persist" 1024KiB 100% - - udevadm trigger --subsystem-match=block; udevadm settle - ''; - partitionsFormatScript = '' - mkfs.vfat "${MMC}"-part1 - cryptsetup -q luksFormat "${MMC}"-part2 --type luks1 - cryptsetup open --type luks "${MMC}"-part2 encrypted_boot - mkfs.ext4 /dev/mapper/encrypted_boot - cryptsetup close encrypted_boot - cryptsetup -q luksFormat "${MMC}"-part3 --type luks2 - cryptsetup open --type luks "${MMC}"-part3 encrypted_nix - mkfs.btrfs -f /dev/mapper/encrypted_nix - cryptsetup close encrypted_nix - - cryptsetup -q luksFormat "${SD}"-part1 --type luks2 - cryptsetup open --type luks "${SD}"-part1 encrypted_home_and_persist - pvcreate /dev/mapper/encrypted_home_and_persist - vgcreate encrypted_home_and_persist_pool /dev/mapper/encrypted_home_and_persist - lvcreate -L 4G -n persist encrypted_home_and_persist_pool - mkfs.btrfs -f /dev/mapper/encrypted_home_and_persist_pool-persist - lvcreate -l 100%FREE -n home encrypted_home_and_persist_pool - mkfs.btrfs -f /dev/mapper/encrypted_home_and_persist_pool-home - vgchange -a n encrypted_home_and_persist_pool - cryptsetup close encrypted_home_and_persist - ''; - partitionsMountScript = '' - mount -t tmpfs none /mnt - mkdir -p /mnt/{boot,nix,persist,home} - - cryptsetup open --type luks /dev/disk/by-partlabel/boot encrypted_boot - mount /dev/mapper/encrypted_boot /mnt/boot - mkdir -p /mnt/boot/efi - mount /dev/disk/by-partlabel/efi /mnt/boot/efi - cryptsetup open --type luks /dev/disk/by-partlabel/nix encrypted_nix - mount -o compress-force=zstd,noatime /dev/mapper/encrypted_nix /mnt/nix - cryptsetup open --type luks /dev/disk/by-partlabel/home_and_persist encrypted_home_and_persist - vgchange -ay encrypted_home_and_persist_pool - mount -o compress-force=zstd /dev/mapper/encrypted_home_and_persist_pool-home /mnt/home - mount -o compress-force=zstd,noatime /dev/mapper/encrypted_home_and_persist_pool-persist /mnt/persist - ''; -in -{ - config = { - - environment.persistence."/persist" = { - directories = [ - "/var/log" - "/var/lib" - ]; - files = [ - "/etc/machine-id" - "/etc/nix/id_rsa" - ]; - }; - - fileSystems."/" = { - device = "none"; - fsType = "tmpfs"; - }; - - boot.initrd.luks.devices."encrypted_boot" = { - device = "/dev/disk/by-partlabel/boot"; - preLVM = true; - }; - - fileSystems."/boot" = { - device = "/dev/mapper/encrypted_boot"; - fsType = "ext4"; - }; - - fileSystems."/boot/efi" = { - device = "/dev/disk/by-partlabel/efi"; - fsType = "vfat"; - }; - - boot.initrd.luks.devices."encrypted_nix".device = "/dev/disk/by-partlabel/nix"; - - fileSystems."/nix" = { - device = "/dev/mapper/encrypted_nix"; - fsType = "btrfs"; - neededForBoot = true; - options = [ "compress-force=zstd" "noatime" ]; - }; - - boot.initrd.luks.devices."encrypted_home_and_persist".device = "/dev/disk/by-partlabel/home_and_persist"; - - fileSystems."/persist" = { - device = "/dev/mapper/encrypted_home_and_persist_pool-persist"; - fsType = "btrfs"; - neededForBoot = true; - options = [ "compress-force=zstd" "noatime" ]; - }; - - fileSystems."/home" = { - device = "/dev/mapper/encrypted_home_and_persist_pool-home"; - fsType = "btrfs"; - options = [ "compress-force=zstd" ]; - }; - - services.btrfs.autoScrub.enable = true; - - swapDevices = [ ]; - - zramSwap.enable = true; - - - environment.systemPackages = [ - config.disks-create - config.disks-format - config.disks-mount - ]; - }; - - options.disks-create = with lib; mkOption rec { - type = types.package; - default = with pkgs; symlinkJoin { - name = "disks-create"; - paths = [ (writeScriptBin default.name partitionsCreateScript) parted ]; - }; - }; - - options.disks-format = with lib; mkOption rec { - type = types.package; - default = with pkgs; symlinkJoin { - name = "disks-format"; - paths = [ (writeScriptBin default.name partitionsFormatScript) cryptsetup lvm2 dosfstools e2fsprogs btrfs-progs ]; - }; - }; - - options.disks-mount = with lib; mkOption rec { - type = types.package; - default = with pkgs; symlinkJoin { - name = "disks-mount"; - paths = [ (writeScriptBin default.name partitionsMountScript) cryptsetup lvm2 ]; - }; - }; - -} diff --git a/hosts/luna/hardware/chromebook/hardware.nix b/hosts/luna/hardware/chromebook/hardware.nix deleted file mode 100644 index 85b7227..0000000 --- a/hosts/luna/hardware/chromebook/hardware.nix +++ /dev/null @@ -1,54 +0,0 @@ -{ config, lib, inputs, pkgs, modulesPath, ... }: -let - powerMode = "schedutil"; -in -{ - imports = [ - ./disks.nix - ]; - - boot = { - initrd = { - availableKernelModules = [ "xhci_pci" "usb_storage" "sd_mod" "sdhci_acpi" "aesni_intel" "cryptd" ]; - kernelModules = [ "i915" ]; - }; - kernelPackages = pkgs.linuxPackages_latest; - kernelModules = [ "kvm_intel" ]; - extraModulePackages = [ ]; - kernelParams = [ "net.ifnames=0" "biosdevname=0" "iomem=relaxed" "mitigations=off" ]; - }; - - powerManagement.cpuFreqGovernor = powerMode; - - services = { - xserver = { - videoDrivers = [ "intel" ]; - - # Enable touchpad support (enabled default in most desktopManager). - synaptics = { - enable = true; - palmDetect = true; - twoFingerScroll = true; - minSpeed = "1.0"; - maxSpeed = "1.12"; - accelFactor = "0.01"; - }; - }; - fstrim.enable = true; - tlp.enable = true; - }; - - hardware = { - opengl = { - enable = true; - driSupport = true; - extraPackages = with pkgs; [ - intel-media-driver # LIBVA_DRIVER_NAME=iHD - vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) - vaapiVdpau - libvdpau-va-gl - ]; - }; - }; - -} diff --git a/hosts/phobos/hardware/laptop/default.nix b/hosts/phobos/hardware/laptop/default.nix deleted file mode 100644 index b0125ee..0000000 --- a/hosts/phobos/hardware/laptop/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ ... }: -{ - imports = [ ./hardware.nix ]; -} diff --git a/hosts/phobos/hardware/laptop/disks.nix b/hosts/phobos/hardware/laptop/disks.nix deleted file mode 100644 index 07618df..0000000 --- a/hosts/phobos/hardware/laptop/disks.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ config, lib, inputs, pkgs, modulesPath, isIso, ... }: -{ - - environment.persistence."/persist" = { - directories = [ - "/var/log" - "/var/lib" - ]; - files = [ - "/etc/machine-id" - "/etc/nix/id_rsa" - ]; - }; - - fileSystems."/" = { - device = "none"; - fsType = "tmpfs"; - }; - - fileSystems."/boot" = { - device = "/dev/disk/by-uuid/0A8B-3968"; - fsType = "vfat"; - }; - - boot.initrd.luks.devices."encrypted_root".device = "/dev/disk/by-uuid/6db0e43d-f73f-4cf0-81f6-9391f9d03ca0"; - - fileSystems."/persist" = { - device = "/dev/mapper/encrypted_root"; - fsType = "btrfs"; - neededForBoot = true; - options = [ "subvol=persist" "compress-force=zstd" "noatime" ]; - }; - - fileSystems."/nix" = { - device = "/dev/mapper/encrypted_root"; - fsType = "btrfs"; - options = [ "subvol=nix" "compress-force=zstd" "noatime" ]; - }; - - fileSystems."/home" = { - device = "/dev/mapper/encrypted_root"; - fsType = "btrfs"; - options = [ "subvol=home" "compress-force=zstd" ]; - }; - - swapDevices = [ ]; - - services.btrfs.autoScrub.enable = true; - - zramSwap.enable = true; - -} diff --git a/hosts/phobos/hardware/laptop/hardware.nix b/hosts/phobos/hardware/laptop/hardware.nix deleted file mode 100644 index cbec828..0000000 --- a/hosts/phobos/hardware/laptop/hardware.nix +++ /dev/null @@ -1,58 +0,0 @@ -{ config, lib, inputs, pkgs, modulesPath, ... }: -let - powerMode = "performance"; -in -{ - imports = [ - ./disks.nix - ]; - - boot = { - initrd = { - availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" "sdhci_pci" ]; - kernelModules = [ ]; - }; - kernelPackages = pkgs.linuxPackages_zen; - kernelModules = [ "kvm_intel" ]; - extraModulePackages = [ ]; - kernelParams = [ "net.ifnames=0" "biosdevname=0" "iomem=relaxed" "mitigations=off" ]; - }; - - powerManagement.cpuFreqGovernor = powerMode; - - services = { - xserver = { - videoDrivers = [ "nvidia" ]; - - # Enable touchpad support (enabled default in most desktopManager). - synaptics = { - enable = true; - palmDetect = true; - twoFingerScroll = true; - minSpeed = "1.0"; - maxSpeed = "1.12"; - accelFactor = "0.01"; - }; - }; - }; - - hardware = { - opengl = { - enable = true; - driSupport = true; - }; - - nvidia = { - prime = { - sync.enable = true; - - # Bus ID of the NVIDIA GPU. You can find it using lspci, either under 3D or VGA - nvidiaBusId = "PCI:1:0:0"; - - # Bus ID of the Intel GPU. You can find it using lspci, either under 3D or VGA - intelBusId = "PCI:0:2:0"; - }; - }; - }; - -} diff --git a/hosts/vm/hardware/virtualbox/default.nix b/hosts/vm/hardware/virtualbox/default.nix deleted file mode 100644 index b0125ee..0000000 --- a/hosts/vm/hardware/virtualbox/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ ... }: -{ - imports = [ ./hardware.nix ]; -} diff --git a/hosts/vm/hardware/virtualbox/disks.nix b/hosts/vm/hardware/virtualbox/disks.nix deleted file mode 100644 index 6ba15ec..0000000 --- a/hosts/vm/hardware/virtualbox/disks.nix +++ /dev/null @@ -1,57 +0,0 @@ -{ config, lib, inputs, pkgs, modulesPath, ... }: -{ - - environment.persistence."/persist" = { - directories = [ - "/var/log" - "/var/lib" - ]; - files = [ - "/etc/machine-id" - "/etc/nix/id_rsa" - ]; - }; - - fileSystems."/" = { - device = "none"; - fsType = "tmpfs"; - }; - - boot.initrd.luks.devices."encrypted_boot".device = "/dev/disk/by-partlabel/boot"; - - fileSystems."/boot" = { - device = "/dev/mapper/encrypted_boot"; - fsType = "vfat"; - }; - - fileSystems."/boot/efi" = { - device = "/dev/disk/by-partlabel/efi"; - fsType = "vfat"; - }; - - boot.initrd.luks.devices."encrypted_root".device = "/dev/disk/by-partlabel/root"; - - fileSystems."/nix" = { - device = "/dev/mapper/encrypted_root"; - fsType = "btrfs"; - options = [ "subvol=nix" "compress-force=zstd" "noatime" ]; - }; - - fileSystems."/persist" = { - device = "/dev/mapper/encrypted_root"; - fsType = "btrfs"; - neededForBoot = true; - options = [ "subvol=persist" "compress-force=zstd" "noatime" ]; - }; - - fileSystems."/home" = { - device = "/dev/mapper/encrypted_root"; - fsType = "btrfs"; - options = [ "subvol=home" "compress-force=zstd" ]; - }; - - swapDevices = [ ]; - - zramSwap.enable = true; - -} diff --git a/hosts/vm/hardware/virtualbox/hardware.nix b/hosts/vm/hardware/virtualbox/hardware.nix deleted file mode 100644 index 470f733..0000000 --- a/hosts/vm/hardware/virtualbox/hardware.nix +++ /dev/null @@ -1,33 +0,0 @@ -{ config, lib, inputs, pkgs, modulesPath, ... }: -{ - imports = [ - ./disks.nix - ]; - - boot = { - initrd = { - availableKernelModules = - [ "ata_piix" "ohci_pci" "sd_mod" "sr_mod" ]; - kernelModules = [ ]; - }; - kernelPackages = pkgs.linuxPackages_latest; - kernelModules = [ ]; - extraModulePackages = [ ]; - kernelParams = [ "net.ifnames=0" "biosdevname=0" "mitigations=off" ]; - }; - - services.xserver = { - # Enable touchpad support (enabled default in most desktopManager). - libinput.enable = true; - }; - - hardware = { - opengl = { - enable = true; - driSupport = true; - }; - }; - - virtualisation.virtualbox.guest.enable = true; - -} -- cgit 1.4.1