cnst/cnix
1
0
Fork 0
Code Issues Pull Requests Activity

new cnix system and lanzaboote default

Browse Source
This commit is contained in:
cnst
2024-12-31 17:39:34 +01:00
parent 484b0747ea
commit 1ba9ce1ce6
3 changed files with 40 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

78
hosts/cnix/hardware-configuration.nix
View File

@@ -1,72 +1,66 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
config, imports =
lib, [ (modulesPath + "/installer/scan/not-detected.nix")
modulesPath, ];
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot = {
initrd = {
availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
kernelModules = [];
luks.devices."enc".device = "/dev/disk/by-uuid/1bda09f1-5b2c-4040-ab71-cee54a6df910";
};
kernelModules = ["amdgpu"];
extraModulePackages = [];
supportedFilesystems = ["btrfs"];
};
fileSystems = { boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
"/" = { boot.initrd.kernelModules = [ ];
device = "/dev/disk/by-uuid/529700f1-0da2-4e1e-91bc-617c267df1dd"; boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/90eafb57-0f89-4c2a-b417-4e0f2fba5f47";
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=root" "compress=zstd"]; options = [ "subvol=root" ];
}; };
"/home" = { boot.initrd.luks.devices."enc".device = "/dev/disk/by-uuid/36144799-13f2-4166-9bfe-b29c3df435ab";
device = "/dev/disk/by-uuid/529700f1-0da2-4e1e-91bc-617c267df1dd";
fileSystems."/home" =
{ device = "/dev/disk/by-uuid/90eafb57-0f89-4c2a-b417-4e0f2fba5f47";
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=home" "compress=zstd"]; options = [ "subvol=home" ];
}; };
"/nix" = { fileSystems."/nix" =
device = "/dev/disk/by-uuid/529700f1-0da2-4e1e-91bc-617c267df1dd"; { device = "/dev/disk/by-uuid/90eafb57-0f89-4c2a-b417-4e0f2fba5f47";
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=nix" "compress=zstd" "noatime"]; options = [ "subvol=nix" ];
}; };
"/persist" = { fileSystems."/persist" =
device = "/dev/disk/by-uuid/529700f1-0da2-4e1e-91bc-617c267df1dd"; { device = "/dev/disk/by-uuid/90eafb57-0f89-4c2a-b417-4e0f2fba5f47";
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=persist" "compress=zstd"]; options = [ "subvol=persist" ];
}; };
"/var/log" = { fileSystems."/var/log" =
device = "/dev/disk/by-uuid/529700f1-0da2-4e1e-91bc-617c267df1dd"; { device = "/dev/disk/by-uuid/90eafb57-0f89-4c2a-b417-4e0f2fba5f47";
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=log" "compress=zstd"]; options = [ "subvol=log" ];
neededForBoot = true; neededForBoot = true;
}; };
"/boot" = { fileSystems."/boot" =
device = "/dev/disk/by-uuid/12CE-A600"; { device = "/dev/disk/by-uuid/1D4A-3121";
fsType = "vfat"; fsType = "vfat";
options = ["fmask=0022" "dmask=0022" "umask=0077"]; options = [ "fmask=0022" "dmask=0022" ];
}; };
};
swapDevices = []; swapDevices = [{ device = "/dev/disk/by-uuid/91e16a5f-6a1c-4c7d-aa61-5823068fdaf0";}];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction # still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp6s0.useDHCP = lib.mkDefault true; # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.enp7s0.useDHCP = lib.mkDefault true; # networking.interfaces.wlp11s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp5s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;

6
hosts/cnix/modules.nix
View File

@@ -136,9 +136,9 @@
}; };
services = { services = {
agenix = { agenix = {
enable = true; enable = false;
cnix = { cnix = {
enable = true; enable = false;
}; };
}; };
blueman = { blueman = {
@@ -196,7 +196,7 @@
scx = { scx = {
enable = true; enable = true;
scheduler = "scx_lavd"; scheduler = "scx_lavd";
flags = "--performance --no-core-compaction"; flags = "--performance";
}; };
udisks = { udisks = {
enable = true; enable = true;

2
modules/nixos/boot/loader/default.nix
View File

@@ -47,7 +47,7 @@ in {
boot = { boot = {
lanzaboote = { lanzaboote = {
enable = true; enable = true;
pkiBundle = "/etc/secureboot"; pkiBundle = "/var/lib/sbctl";
}; };
# We let Lanzaboote install systemd-boot # We let Lanzaboote install systemd-boot