From 85a817ee02191903481d737a2ff292017b74f0ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Leonardo=20Eug=C3=AAnio?= Date: Fri, 24 Feb 2023 11:59:17 -0300 Subject: [PATCH] Add disko --- flake.lock | 27 +++++++- flake.nix | 15 +++-- hosts/i15.nix | 65 ------------------- hosts/i15/default.nix | 25 +++++++ hosts/i15/partitions-test.nix | 14 ++++ .../{partition/i15.nix => i15/partitions.nix} | 28 +++++--- hosts/{monolith.nix => monolith/default.nix} | 0 hosts/{pixie.nix => pixie/default.nix} | 0 hosts/{rainbow.nix => rainbow/default.nix} | 0 overlays/default.nix | 9 +++ 10 files changed, 101 insertions(+), 82 deletions(-) delete mode 100644 hosts/i15.nix create mode 100644 hosts/i15/default.nix create mode 100644 hosts/i15/partitions-test.nix rename hosts/{partition/i15.nix => i15/partitions.nix} (50%) rename hosts/{monolith.nix => monolith/default.nix} (100%) rename hosts/{pixie.nix => pixie/default.nix} (100%) rename hosts/{rainbow.nix => rainbow/default.nix} (100%) diff --git a/flake.lock b/flake.lock index 03c2398..e132837 100644 --- a/flake.lock +++ b/flake.lock @@ -142,6 +142,26 @@ "type": "github" } }, + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1677116397, + "narHash": "sha256-2OHwhv4k1SDEuNxhq+zluvrd5pbW8d4TP9NKW4B8iO8=", + "owner": "nix-community", + "repo": "disko", + "rev": "8fddb2fd721365fa77ff68b709539639d4dc65d7", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, "dzgui": { "inputs": { "dzgui": "dzgui_2", @@ -465,11 +485,11 @@ }, "nur": { "locked": { - "lastModified": 1677153098, - "narHash": "sha256-C5NsaJKeNe+Aa1REK6Ae1ywiybkKbtX92FP6OYZA0Lc=", + "lastModified": 1677192448, + "narHash": "sha256-bqHXpEDxPnDF4tdBld2fL13ZtWNGsv/EINENxS+T1UM=", "owner": "nix-community", "repo": "NUR", - "rev": "12e6af8be38edb8358041e0ff3796919917c0d7b", + "rev": "81cee6fd1d178fca9ad861247cc9b15cd114f203", "type": "github" }, "original": { @@ -533,6 +553,7 @@ "alacritty-sixel": "alacritty-sixel", "demoji": "demoji", "dhist": "dhist", + "disko": "disko", "dzgui": "dzgui", "home-manager": "home-manager", "hyprland": "hyprland", diff --git a/flake.nix b/flake.nix index 62bc3bd..0104c95 100644 --- a/flake.nix +++ b/flake.nix @@ -51,8 +51,8 @@ dzgui.url = "github:lelgenio/dzgui-nix"; dzgui.inputs.nixpkgs.follows = "nixpkgs"; - inputs.disko.url = "github:nix-community/disko"; - inputs.disko.inputs.nixpkgs.follows = "nixpkgs"; + disko.url = "github:nix-community/disko"; + disko.inputs.nixpkgs.follows = "nixpkgs"; # my stuff dhist = { @@ -108,15 +108,18 @@ ++ lib.optional (desktop == "kde") ./system/kde.nix; in { + checks."${system}" = { + disko-format-i15 = pkgs.callPackage ./hosts/i15/partitions-test.nix { }; + }; nixosConfigurations = { i15 = lib.nixosSystem { inherit system specialArgs; - modules = [ ./hosts/i15.nix ] ++ common_modules; + modules = [ ./hosts/i15 ] ++ common_modules; }; monolith = lib.nixosSystem { inherit system specialArgs; modules = [ - ./hosts/monolith.nix + ./hosts/monolith ./system/monolith-gitlab-runner.nix ./system/nix-serve.nix ./system/steam.nix @@ -125,13 +128,13 @@ rainbow = lib.nixosSystem { inherit system specialArgs; modules = [ - ./hosts/rainbow.nix + ./hosts/rainbow ./system/rainbow-gitlab-runner.nix ] ++ common_modules; }; pixie = lib.nixosSystem { inherit system specialArgs; - modules = [ ./hosts/pixie.nix ] ++ common_modules ++ [{ + modules = [ ./hosts/pixie ] ++ common_modules ++ [{ packages.media-packages.enable = lib.mkOverride 0 false; programs.steam.enable = lib.mkOverride 0 false; services.flatpak.enable = lib.mkOverride 0 false; diff --git a/hosts/i15.nix b/hosts/i15.nix deleted file mode 100644 index 31a2f7f..0000000 --- a/hosts/i15.nix +++ /dev/null @@ -1,65 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: -let - btrfs_options = [ "compress=zstd:3" "noatime" ]; -in -{ - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - - boot.initrd.availableKernelModules = - [ "xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_usb_sdmmc" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - boot.initrd.luks.devices = { - "main" = { - bypassWorkqueues = true; - device = "/dev/disk/by-label/CRYPT_ROOT"; - }; - }; - - boot.loader.efi.efiSysMountPoint = "/boot/efi"; - fileSystems."/boot/efi" = { - device = "/dev/disk/by-label/NIX_BOOT"; - fsType = "vfat"; - }; - - fileSystems."/" = { - device = "/dev/disk/by-label/NIX_ROOT"; - fsType = "btrfs"; - options = [ "subvol=@nixos" ] ++ btrfs_options; - }; - - fileSystems."/home" = { - device = "/dev/disk/by-label/NIX_ROOT"; - fsType = "btrfs"; - options = [ "subvol=@home" ] ++ btrfs_options; - }; - - fileSystems."/swap" = { - device = "/dev/disk/by-label/NIX_ROOT"; - fsType = "btrfs"; - options = [ "subvol=@swap" ] ++ btrfs_options; - }; - - swapDevices = [{ - device = "/swap/swapfile"; - size = (1024 * 8) + (1024 * 2); # RAM size + 2 GB - }]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp2s0.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true; - - powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; - hardware.cpu.intel.updateMicrocode = - lib.mkDefault config.hardware.enableRedistributableFirmware; - networking.hostName = "i15"; # Define your hostname. -} diff --git a/hosts/i15/default.nix b/hosts/i15/default.nix new file mode 100644 index 0000000..6518e66 --- /dev/null +++ b/hosts/i15/default.nix @@ -0,0 +1,25 @@ +{ config, lib, pkgs, modulesPath, ... }: { + networking.hostName = "i15"; # Define your hostname. + + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + + boot.initrd.availableKernelModules = + [ "xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_usb_sdmmc" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + disko.devices = (import ./partitions.nix { disks = [ "/dev/sda" ]; }); + boot.loader.efi.efiSysMountPoint = "/boot/efi"; + + swapDevices = [{ + device = "/swap/swapfile"; + size = (1024 * 8) + (1024 * 2); # RAM size + 2 GB + }]; + + networking.useDHCP = lib.mkDefault true; + + powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; + hardware.cpu.intel.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/i15/partitions-test.nix b/hosts/i15/partitions-test.nix new file mode 100644 index 0000000..89f06b7 --- /dev/null +++ b/hosts/i15/partitions-test.nix @@ -0,0 +1,14 @@ +{ config, lib, pkgs, ... }: +pkgs.makeDiskoTest { + name = "test-disko-i15"; + disko-config = ./partitions.nix; + enableOCR = true; + bootCommands = '' + machine.wait_for_text("[Pp]assphrase for") + machine.send_chars("secretsecret\n") + ''; + extraTestScript = '' + machine.succeed("cryptsetup isLuks /dev/vda2"); + machine.succeed("mountpoint /home"); + ''; +} diff --git a/hosts/partition/i15.nix b/hosts/i15/partitions.nix similarity index 50% rename from hosts/partition/i15.nix rename to hosts/i15/partitions.nix index f97dad3..ed7ff7e 100644 --- a/hosts/partition/i15.nix +++ b/hosts/i15/partitions.nix @@ -1,4 +1,8 @@ -{ disks ? [ "/dev/sda" ], ... }: { +{ disks ? [ "/dev/sda" ], ... }: +let + btrfs_options = [ "compress=zstd:3" "noatime" ]; +in +{ disk.sda = { type = "disk"; device = builtins.elemAt disks 0; @@ -10,28 +14,36 @@ type = "partition"; name = "NIX_BOOT"; start = "1MiB"; - end = "1GiB"; + end = "300MiB"; bootable = true; content = { type = "filesystem"; + extraArgs = [ "-n" "BOOT_I15" ]; format = "vfat"; mountpoint = "/boot"; - options = [ "defaults" ]; + # options = [ "defaults" ]; }; } { type = "partition"; - name = "NIX_CRYPT_ROOT"; - start = "1GiB"; + name = "CRYPT_I15"; + start = "300MiB"; end = "100%"; content = { type = "luks"; name = "main"; + keyFile = "/tmp/secret.key"; content = { type = "btrfs"; - name = "BTRFS_ROOT"; - mountpoint = "/"; - subvolumes = [ "/home" "/nixos" "/swap" ]; + extraArgs = [ "--label" "ROOT_I15" ]; + subvolumes = let mountOptions = btrfs_options; in { + "/home" = { inherit mountOptions; }; + "/nixos" = { + inherit mountOptions; + mountpoint = "/"; + }; + "/swap" = { inherit mountOptions; }; + }; }; }; } diff --git a/hosts/monolith.nix b/hosts/monolith/default.nix similarity index 100% rename from hosts/monolith.nix rename to hosts/monolith/default.nix diff --git a/hosts/pixie.nix b/hosts/pixie/default.nix similarity index 100% rename from hosts/pixie.nix rename to hosts/pixie/default.nix diff --git a/hosts/rainbow.nix b/hosts/rainbow/default.nix similarity index 100% rename from hosts/rainbow.nix rename to hosts/rainbow/default.nix diff --git a/overlays/default.nix b/overlays/default.nix index 995079d..7117a37 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -79,5 +79,14 @@ variables = (final: prev: { uservars = import ../user/variables.nix; + + makeDiskoTest = + let + makeTest = import (prev.path + "/nixos/tests/make-test-python.nix"); + eval-config = import (prev.path + "/nixos/lib/eval-config.nix"); + in + (prev.callPackage "${inputs.disko}/tests/lib.nix" { + inherit makeTest eval-config; + }).makeDiskoTest; }); }