diff --git a/flake.lock b/flake.lock index e132837..03c2398 100644 --- a/flake.lock +++ b/flake.lock @@ -142,26 +142,6 @@ "type": "github" } }, - "disko": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1677116397, - "narHash": "sha256-2OHwhv4k1SDEuNxhq+zluvrd5pbW8d4TP9NKW4B8iO8=", - "owner": "nix-community", - "repo": "disko", - "rev": "8fddb2fd721365fa77ff68b709539639d4dc65d7", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "disko", - "type": "github" - } - }, "dzgui": { "inputs": { "dzgui": "dzgui_2", @@ -485,11 +465,11 @@ }, "nur": { "locked": { - "lastModified": 1677192448, - "narHash": "sha256-bqHXpEDxPnDF4tdBld2fL13ZtWNGsv/EINENxS+T1UM=", + "lastModified": 1677153098, + "narHash": "sha256-C5NsaJKeNe+Aa1REK6Ae1ywiybkKbtX92FP6OYZA0Lc=", "owner": "nix-community", "repo": "NUR", - "rev": "81cee6fd1d178fca9ad861247cc9b15cd114f203", + "rev": "12e6af8be38edb8358041e0ff3796919917c0d7b", "type": "github" }, "original": { @@ -553,7 +533,6 @@ "alacritty-sixel": "alacritty-sixel", "demoji": "demoji", "dhist": "dhist", - "disko": "disko", "dzgui": "dzgui", "home-manager": "home-manager", "hyprland": "hyprland", diff --git a/flake.nix b/flake.nix index 0104c95..9fd02e9 100644 --- a/flake.nix +++ b/flake.nix @@ -51,9 +51,6 @@ dzgui.url = "github:lelgenio/dzgui-nix"; dzgui.inputs.nixpkgs.follows = "nixpkgs"; - disko.url = "github:nix-community/disko"; - disko.inputs.nixpkgs.follows = "nixpkgs"; - # my stuff dhist = { url = "github:lelgenio/dhist"; @@ -85,7 +82,6 @@ ./system/configuration.nix ./system/secrets.nix ./system/specialisation.nix - inputs.disko.nixosModules.disko # nur.nixosModules.nur inputs.agenix.nixosModules.default inputs.hyprland.nixosModules.default @@ -108,18 +104,15 @@ ++ lib.optional (desktop == "kde") ./system/kde.nix; in { - checks."${system}" = { - disko-format-i15 = pkgs.callPackage ./hosts/i15/partitions-test.nix { }; - }; nixosConfigurations = { i15 = lib.nixosSystem { inherit system specialArgs; - modules = [ ./hosts/i15 ] ++ common_modules; + modules = [ ./hosts/i15.nix ] ++ common_modules; }; monolith = lib.nixosSystem { inherit system specialArgs; modules = [ - ./hosts/monolith + ./hosts/monolith.nix ./system/monolith-gitlab-runner.nix ./system/nix-serve.nix ./system/steam.nix @@ -128,13 +121,13 @@ rainbow = lib.nixosSystem { inherit system specialArgs; modules = [ - ./hosts/rainbow + ./hosts/rainbow.nix ./system/rainbow-gitlab-runner.nix ] ++ common_modules; }; pixie = lib.nixosSystem { inherit system specialArgs; - modules = [ ./hosts/pixie ] ++ common_modules ++ [{ + modules = [ ./hosts/pixie.nix ] ++ common_modules ++ [{ packages.media-packages.enable = lib.mkOverride 0 false; programs.steam.enable = lib.mkOverride 0 false; services.flatpak.enable = lib.mkOverride 0 false; diff --git a/hosts/i15.nix b/hosts/i15.nix new file mode 100644 index 0000000..31a2f7f --- /dev/null +++ b/hosts/i15.nix @@ -0,0 +1,65 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: +let + btrfs_options = [ "compress=zstd:3" "noatime" ]; +in +{ + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + + boot.initrd.availableKernelModules = + [ "xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_usb_sdmmc" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + boot.initrd.luks.devices = { + "main" = { + bypassWorkqueues = true; + device = "/dev/disk/by-label/CRYPT_ROOT"; + }; + }; + + boot.loader.efi.efiSysMountPoint = "/boot/efi"; + fileSystems."/boot/efi" = { + device = "/dev/disk/by-label/NIX_BOOT"; + fsType = "vfat"; + }; + + fileSystems."/" = { + device = "/dev/disk/by-label/NIX_ROOT"; + fsType = "btrfs"; + options = [ "subvol=@nixos" ] ++ btrfs_options; + }; + + fileSystems."/home" = { + device = "/dev/disk/by-label/NIX_ROOT"; + fsType = "btrfs"; + options = [ "subvol=@home" ] ++ btrfs_options; + }; + + fileSystems."/swap" = { + device = "/dev/disk/by-label/NIX_ROOT"; + fsType = "btrfs"; + options = [ "subvol=@swap" ] ++ btrfs_options; + }; + + swapDevices = [{ + device = "/swap/swapfile"; + size = (1024 * 8) + (1024 * 2); # RAM size + 2 GB + }]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp2s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp1s0.useDHCP = lib.mkDefault true; + + powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; + hardware.cpu.intel.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; + networking.hostName = "i15"; # Define your hostname. +} diff --git a/hosts/i15/default.nix b/hosts/i15/default.nix deleted file mode 100644 index 6518e66..0000000 --- a/hosts/i15/default.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ config, lib, pkgs, modulesPath, ... }: { - networking.hostName = "i15"; # Define your hostname. - - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - - boot.initrd.availableKernelModules = - [ "xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_usb_sdmmc" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - disko.devices = (import ./partitions.nix { disks = [ "/dev/sda" ]; }); - boot.loader.efi.efiSysMountPoint = "/boot/efi"; - - swapDevices = [{ - device = "/swap/swapfile"; - size = (1024 * 8) + (1024 * 2); # RAM size + 2 GB - }]; - - networking.useDHCP = lib.mkDefault true; - - powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; - hardware.cpu.intel.updateMicrocode = - lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/hosts/i15/partitions-test.nix b/hosts/i15/partitions-test.nix deleted file mode 100644 index 89f06b7..0000000 --- a/hosts/i15/partitions-test.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ config, lib, pkgs, ... }: -pkgs.makeDiskoTest { - name = "test-disko-i15"; - disko-config = ./partitions.nix; - enableOCR = true; - bootCommands = '' - machine.wait_for_text("[Pp]assphrase for") - machine.send_chars("secretsecret\n") - ''; - extraTestScript = '' - machine.succeed("cryptsetup isLuks /dev/vda2"); - machine.succeed("mountpoint /home"); - ''; -} diff --git a/hosts/i15/partitions.nix b/hosts/i15/partitions.nix deleted file mode 100644 index ed7ff7e..0000000 --- a/hosts/i15/partitions.nix +++ /dev/null @@ -1,53 +0,0 @@ -{ disks ? [ "/dev/sda" ], ... }: -let - btrfs_options = [ "compress=zstd:3" "noatime" ]; -in -{ - disk.sda = { - type = "disk"; - device = builtins.elemAt disks 0; - content = { - type = "table"; - format = "gpt"; - partitions = [ - { - type = "partition"; - name = "NIX_BOOT"; - start = "1MiB"; - end = "300MiB"; - bootable = true; - content = { - type = "filesystem"; - extraArgs = [ "-n" "BOOT_I15" ]; - format = "vfat"; - mountpoint = "/boot"; - # options = [ "defaults" ]; - }; - } - { - type = "partition"; - name = "CRYPT_I15"; - start = "300MiB"; - end = "100%"; - content = { - type = "luks"; - name = "main"; - keyFile = "/tmp/secret.key"; - content = { - type = "btrfs"; - extraArgs = [ "--label" "ROOT_I15" ]; - subvolumes = let mountOptions = btrfs_options; in { - "/home" = { inherit mountOptions; }; - "/nixos" = { - inherit mountOptions; - mountpoint = "/"; - }; - "/swap" = { inherit mountOptions; }; - }; - }; - }; - } - ]; - }; - }; -} diff --git a/hosts/monolith/default.nix b/hosts/monolith.nix similarity index 100% rename from hosts/monolith/default.nix rename to hosts/monolith.nix diff --git a/hosts/pixie/default.nix b/hosts/pixie.nix similarity index 100% rename from hosts/pixie/default.nix rename to hosts/pixie.nix diff --git a/hosts/rainbow/default.nix b/hosts/rainbow.nix similarity index 100% rename from hosts/rainbow/default.nix rename to hosts/rainbow.nix diff --git a/install/i15.sh b/install/i15.sh new file mode 100644 index 0000000..72a5ac6 --- /dev/null +++ b/install/i15.sh @@ -0,0 +1,63 @@ +#!/bin/sh + +set -xe + +settle() { + udevadm trigger --subsystem-match=block + udevadm settle +} + +lsblk +echo 'Enter the name of the device to WIPE and install (something like "sda"):' +read DRIVE_ID + +echo 'Enter a passphrase to encrypt the disk:' +read -s DRIVE_PASSPHRASE + +echo "Creating partition table..." +parted -s "/dev/${DRIVE_ID}" -- mklabel gpt + +echo "Creating EFI system partition..." +parted -s "/dev/${DRIVE_ID}" -- mkpart ESP 1MiB 1GiB +parted -s "/dev/${DRIVE_ID}" -- set 1 boot on +mkfs.fat -F32 "/dev/${DRIVE_ID}1" -n NIX_BOOT + +echo "Creating encrypted root partition..." +parted -s "/dev/${DRIVE_ID}" -- mkpart luks 1GiB 100% +echo "$DRIVE_PASSPHRASE" | cryptsetup --batch-mode luksFormat --label CRYPT_ROOT "/dev/${DRIVE_ID}2" +settle +echo "$DRIVE_PASSPHRASE" | cryptsetup luksOpen /dev/disk/by-label/CRYPT_ROOT "crypt_root" + +echo "Creating btrfs partition..." +mkfs.btrfs --quiet --label NIX_ROOT /dev/mapper/"crypt_root" +MNTPOINT=$(mktemp -d) +mount /dev/mapper/"crypt_root" "$MNTPOINT" + +echo "Creating subvolumes..." +btrfs subvolume create "$MNTPOINT"/@nixos +btrfs subvolume create "$MNTPOINT"/@home +btrfs subvolume create "$MNTPOINT"/@swap + +echo "Closing btrfs partition..." +umount -Rl "$MNTPOINT" +rm -rf "$MNTPOINT" + +echo "Mounting root btrfs submodule to '$MNTPOINT' ..." +MNTPOINT=$(mktemp -d) +mount /dev/disk/by-label/NIX_ROOT "$MNTPOINT" -o subvol=@nixos,noatime,compress=zstd + +echo "Creating and mounting EFI system partition mountpoint..." +mkdir -p "$MNTPOINT/boot" +mount /dev/disk/by-label/NIX_BOOT "$MNTPOINT/boot" + +echo "Creating home partition mountpoint..." +mkdir -p "$MNTPOINT/home" +mount /dev/disk/by-label/NIX_ROOT "$MNTPOINT/home" -o subvol=@home,noatime,compress=zstd + +echo "Swapfile" +mkdir -p "$MNTPOINT/swap" +mount /dev/disk/by-label/NIX_ROOT "$MNTPOINT/swap" -o subvol=@swap,noatime + +# echo "Installing system..." +nixos-generate-config --root "$MNTPOINT" +# nixos-install --root "$MNTPOINT" diff --git a/overlays/default.nix b/overlays/default.nix index 7117a37..995079d 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -79,14 +79,5 @@ variables = (final: prev: { uservars = import ../user/variables.nix; - - makeDiskoTest = - let - makeTest = import (prev.path + "/nixos/tests/make-test-python.nix"); - eval-config = import (prev.path + "/nixos/lib/eval-config.nix"); - in - (prev.callPackage "${inputs.disko}/tests/lib.nix" { - inherit makeTest eval-config; - }).makeDiskoTest; }); }