diff --git a/flake.lock b/flake.lock index 80ca984..d51c314 100644 --- a/flake.lock +++ b/flake.lock @@ -28,11 +28,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1718371084, - "narHash": "sha256-abpBi61mg0g+lFFU0zY4C6oP6fBwPzbHPKBGw676xsA=", + "lastModified": 1716561646, + "narHash": "sha256-UIGtLO89RxKt7RF2iEgPikSdU53r6v/6WYB0RW3k89I=", "owner": "ryantm", "repo": "agenix", - "rev": "3a56735779db467538fb2e577eda28a9daacaca6", + "rev": "c2fc0762bbe8feb06a2e59a364fa81b3a57671c9", "type": "github" }, "original": { @@ -148,26 +148,6 @@ "type": "github" } }, - "disko": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1718242063, - "narHash": "sha256-n3AWItJ4a94GT0cray/eUV7tt3mulQ52L+lWJN9d1E8=", - "owner": "nix-community", - "repo": "disko", - "rev": "832a9f2c81ff3485404bd63952eadc17bf7ccef2", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "disko", - "type": "github" - } - }, "dzgui-nix": { "inputs": { "nixpkgs": [ @@ -535,11 +515,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1718208800, - "narHash": "sha256-US1tAChvPxT52RV8GksWZS415tTS7PV42KTc2PNDBmc=", + "lastModified": 1718086528, + "narHash": "sha256-hoB7B7oPgypePz16cKWawPfhVvMSXj4G/qLsfFuhFjw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cc54fb41d13736e92229c21627ea4f22199fee6b", + "rev": "47b604b07d1e8146d5398b42d3306fdebd343986", "type": "github" }, "original": { @@ -585,7 +565,6 @@ "agenix": "agenix", "demoji": "demoji", "dhist": "dhist", - "disko": "disko", "dzgui-nix": "dzgui-nix", "home-manager": "home-manager", "nix-index-database": "nix-index-database", diff --git a/flake.nix b/flake.nix index 5a3d537..8e17499 100644 --- a/flake.nix +++ b/flake.nix @@ -38,9 +38,6 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - disko.url = "github:nix-community/disko"; - disko.inputs.nixpkgs.follows = "nixpkgs"; - # my stuff dhist = { url = "github:lelgenio/dhist"; @@ -99,7 +96,6 @@ inputs.agenix.nixosModules.default inputs.dzgui-nix.nixosModules.default inputs.home-manager.nixosModules.home-manager - inputs.disko.nixosModules.disko { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; @@ -116,18 +112,15 @@ ++ lib.optional (desktop == "kde") ./system/kde.nix; in { - checks."${system}" = { - disko-format-i15 = pkgs.callPackage ./hosts/i15/partitions-test.nix { }; - }; nixosConfigurations = { i15 = lib.nixosSystem { inherit system specialArgs; - modules = [ ./hosts/i15 ] ++ common_modules; + modules = [ ./hosts/i15.nix ] ++ common_modules; }; monolith = lib.nixosSystem { inherit system specialArgs; modules = [ - ./hosts/monolith + ./hosts/monolith.nix ./system/monolith-gitlab-runner.nix ./system/monolith-forgejo-runner.nix ./system/nix-serve.nix @@ -137,7 +130,7 @@ rainbow = lib.nixosSystem { inherit system specialArgs; modules = [ - ./hosts/rainbow + ./hosts/rainbow.nix ./system/rainbow-gitlab-runner.nix ] ++ common_modules; }; diff --git a/hosts/i15/default.nix b/hosts/i15/default.nix deleted file mode 100644 index ca7c217..0000000 --- a/hosts/i15/default.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ - config, - lib, - pkgs, - modulesPath, - ... -}: -{ - networking.hostName = "i15"; # Define your hostname. - - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - - boot.initrd.availableKernelModules = [ - "xhci_pci" - "ahci" - "usb_storage" - "sd_mod" - "rtsx_usb_sdmmc" - ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - disko.devices = (import ./partitions.nix { disks = [ "/dev/sda" ]; }); - boot.loader.efi.efiSysMountPoint = "/boot/efi"; - - swapDevices = [ - { - device = "/swap/swapfile"; - size = (1024 * 8) + (1024 * 2); # RAM size + 2 GB - } - ]; - - networking.useDHCP = lib.mkDefault true; - - powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/hosts/i15/partitions-test.nix b/hosts/i15/partitions-test.nix deleted file mode 100644 index bb2c273..0000000 --- a/hosts/i15/partitions-test.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -pkgs.makeDiskoTest { - name = "test-disko-i15"; - disko-config = ./partitions.nix; - enableOCR = true; - bootCommands = '' - machine.wait_for_text("[Pp]assphrase for") - machine.send_chars("secretsecret\n") - ''; - extraTestScript = '' - machine.succeed("cryptsetup isLuks /dev/vda2"); - machine.succeed("mountpoint /home"); - ''; -} diff --git a/hosts/i15/partitions.nix b/hosts/i15/partitions.nix deleted file mode 100644 index 7b69e0f..0000000 --- a/hosts/i15/partitions.nix +++ /dev/null @@ -1,73 +0,0 @@ -{ - disks ? [ "/dev/sda" ], - ... -}: -let - btrfs_options = [ - "compress=zstd:3" - "noatime" - ]; -in -{ - disk.sda = { - type = "disk"; - device = builtins.elemAt disks 0; - content = { - type = "table"; - format = "gpt"; - partitions = [ - { - type = "partition"; - name = "NIX_BOOT"; - start = "1MiB"; - end = "300MiB"; - bootable = true; - content = { - type = "filesystem"; - extraArgs = [ - "-n" - "BOOT_I15" - ]; - format = "vfat"; - mountpoint = "/boot"; - # options = [ "defaults" ]; - }; - } - { - type = "partition"; - name = "CRYPT_I15"; - start = "300MiB"; - end = "100%"; - content = { - type = "luks"; - name = "main"; - keyFile = "/tmp/secret.key"; - content = { - type = "btrfs"; - extraArgs = [ - "--label" - "ROOT_I15" - ]; - subvolumes = - let - mountOptions = btrfs_options; - in - { - "/home" = { - inherit mountOptions; - }; - "/nixos" = { - inherit mountOptions; - mountpoint = "/"; - }; - "/swap" = { - inherit mountOptions; - }; - }; - }; - }; - } - ]; - }; - }; -} diff --git a/hosts/monolith/default.nix b/hosts/monolith.nix similarity index 73% rename from hosts/monolith/default.nix rename to hosts/monolith.nix index f375186..262f19a 100644 --- a/hosts/monolith/default.nix +++ b/hosts/monolith.nix @@ -20,10 +20,7 @@ let ]; in { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ./partition.nix - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" @@ -45,6 +42,9 @@ in boot.kernelParams = [ "amdgpu.dcdebugmask=0x10" # amdgpu undervolting bug "video=DP-1:1920x1080@144" + # hibernation + "resume=LABEL=BTRFS_ROOT" # findmnt -o LABEL --noheadings /swap/ + "resume_offset=36709632" # btrfs inspect-internal map-swapfile -r /swap/swapfile ]; systemd.sleep.extraConfig = '' HibernateDelaySec=30s @@ -74,14 +74,14 @@ in }; }; - fileSystems."/mnt/old" = { + fileSystems."/" = { device = "/dev/disk/by-label/BTRFS_ROOT"; fsType = "btrfs"; - options = [ "nofail" ] ++ btrfs_options ++ btrfs_ssd; + options = [ "subvol=nixos" ] ++ btrfs_options ++ btrfs_ssd; }; # boot.initrd.luks.reusePassphrases = true; boot.initrd.luks.devices = { - "old" = { + "main" = { bypassWorkqueues = true; device = "/dev/disk/by-label/CRYPT_ROOT"; }; @@ -89,21 +89,21 @@ in bypassWorkqueues = true; device = "/dev/disk/by-label/CRYPT_DATA"; }; - # "bigboy" = { - # bypassWorkqueues = true; - # device = "/dev/disk/by-label/CRYPT_BIGBOY"; - # }; + "bigboy" = { + bypassWorkqueues = true; + device = "/dev/disk/by-label/CRYPT_BIGBOY"; + }; + }; + boot.loader.efi.efiSysMountPoint = "/boot/efi"; + fileSystems."/boot/efi" = { + device = "/dev/disk/by-label/NIXBOOT"; + fsType = "vfat"; + }; + fileSystems."/home" = { + device = "/dev/disk/by-label/BTRFS_ROOT"; + fsType = "btrfs"; + options = [ "subvol=home" ] ++ btrfs_options ++ btrfs_ssd; }; - # boot.loader.efi.efiSysMountPoint = "/boot/efi"; - # fileSystems."/boot/efi" = { - # device = "/dev/disk/by-label/NIXBOOT"; - # fsType = "vfat"; - # }; - # fileSystems."/home" = { - # device = "/dev/disk/by-label/BTRFS_ROOT"; - # fsType = "btrfs"; - # options = [ "subvol=home" ] ++ btrfs_options ++ btrfs_ssd; - # }; fileSystems."/home/lelgenio/Games" = { device = "/dev/disk/by-label/BTRFS_DATA"; fsType = "btrfs"; @@ -136,11 +136,11 @@ in "nofail" ] ++ btrfs_options; }; - # fileSystems."/home/lelgenio/.local/mount/bigboy" = { - # device = "/dev/disk/by-label/BTRFS_BIGBOY"; - # fsType = "btrfs"; - # options = [ "nofail" ] ++ btrfs_options ++ btrfs_ssd; - # }; + fileSystems."/home/lelgenio/.local/mount/bigboy" = { + device = "/dev/disk/by-label/BTRFS_BIGBOY"; + fsType = "btrfs"; + options = [ "nofail" ] ++ btrfs_options ++ btrfs_ssd; + }; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's @@ -162,17 +162,17 @@ in ''; # swap - # fileSystems."/swap" = { - # device = "/dev/disk/by-label/BTRFS_ROOT"; - # fsType = "btrfs"; - # # Note these options effect the entire BTRFS filesystem and not just this volume, - # # with the exception of `"subvol=swap"`, the other options are repeated in my other `fileSystem` mounts - # options = [ "subvol=swap" ] ++ btrfs_options ++ btrfs_ssd; - # }; - # swapDevices = [ - # { - # device = "/swap/swapfile"; - # size = (1024 * 16) + (1024 * 2); # RAM size + 2 GB - # } - # ]; + fileSystems."/swap" = { + device = "/dev/disk/by-label/BTRFS_ROOT"; + fsType = "btrfs"; + # Note these options effect the entire BTRFS filesystem and not just this volume, + # with the exception of `"subvol=swap"`, the other options are repeated in my other `fileSystem` mounts + options = [ "subvol=swap" ] ++ btrfs_options ++ btrfs_ssd; + }; + swapDevices = [ + { + device = "/swap/swapfile"; + size = (1024 * 16) + (1024 * 2); # RAM size + 2 GB + } + ]; } diff --git a/hosts/monolith/partition.nix b/hosts/monolith/partition.nix deleted file mode 100644 index d75d814..0000000 --- a/hosts/monolith/partition.nix +++ /dev/null @@ -1,68 +0,0 @@ -let - btrfs_options = [ - "compress=zstd:3" - "noatime" - "x-systemd.device-timeout=0" - ]; - btrfs_ssd = btrfs_options ++ [ - "ssd" - "discard=async" - ]; -in -{ - disko.devices = { - disk = { - bigboy_disk = { - type = "disk"; - device = "/dev/nvme0n1"; - content = { - type = "gpt"; - partitions = { - ESP = { - size = "2G"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - mountOptions = [ "defaults" ]; - }; - }; - luks = { - size = "100%"; - content = { - type = "luks"; - name = "bigboy"; - # disable settings.keyFile if you want to use interactive password entry - passwordFile = "/tmp/secret.key"; # Interactive - # settings = { - # allowDiscards = true; - # keyFile = "/tmp/secret.key"; - # }; - # additionalKeyFiles = [ "/tmp/additionalSecret.key" ]; - content = { - type = "btrfs"; - extraArgs = [ "-f" ]; - subvolumes = { - "/@nixos" = { - mountpoint = "/"; - mountOptions = btrfs_ssd; - }; - "/@home" = { - mountpoint = "/home"; - mountOptions = btrfs_ssd; - }; - "/@swap" = { - mountpoint = "/.swapvol"; - swap.swapfile.size = "32G"; - }; - }; - }; - }; - }; - }; - }; - }; - }; - }; -} diff --git a/hosts/pixie/default.nix b/hosts/pixie.nix similarity index 100% rename from hosts/pixie/default.nix rename to hosts/pixie.nix diff --git a/hosts/rainbow/default.nix b/hosts/rainbow.nix similarity index 100% rename from hosts/rainbow/default.nix rename to hosts/rainbow.nix diff --git a/install/i15.sh b/install/i15.sh new file mode 100644 index 0000000..72a5ac6 --- /dev/null +++ b/install/i15.sh @@ -0,0 +1,63 @@ +#!/bin/sh + +set -xe + +settle() { + udevadm trigger --subsystem-match=block + udevadm settle +} + +lsblk +echo 'Enter the name of the device to WIPE and install (something like "sda"):' +read DRIVE_ID + +echo 'Enter a passphrase to encrypt the disk:' +read -s DRIVE_PASSPHRASE + +echo "Creating partition table..." +parted -s "/dev/${DRIVE_ID}" -- mklabel gpt + +echo "Creating EFI system partition..." +parted -s "/dev/${DRIVE_ID}" -- mkpart ESP 1MiB 1GiB +parted -s "/dev/${DRIVE_ID}" -- set 1 boot on +mkfs.fat -F32 "/dev/${DRIVE_ID}1" -n NIX_BOOT + +echo "Creating encrypted root partition..." +parted -s "/dev/${DRIVE_ID}" -- mkpart luks 1GiB 100% +echo "$DRIVE_PASSPHRASE" | cryptsetup --batch-mode luksFormat --label CRYPT_ROOT "/dev/${DRIVE_ID}2" +settle +echo "$DRIVE_PASSPHRASE" | cryptsetup luksOpen /dev/disk/by-label/CRYPT_ROOT "crypt_root" + +echo "Creating btrfs partition..." +mkfs.btrfs --quiet --label NIX_ROOT /dev/mapper/"crypt_root" +MNTPOINT=$(mktemp -d) +mount /dev/mapper/"crypt_root" "$MNTPOINT" + +echo "Creating subvolumes..." +btrfs subvolume create "$MNTPOINT"/@nixos +btrfs subvolume create "$MNTPOINT"/@home +btrfs subvolume create "$MNTPOINT"/@swap + +echo "Closing btrfs partition..." +umount -Rl "$MNTPOINT" +rm -rf "$MNTPOINT" + +echo "Mounting root btrfs submodule to '$MNTPOINT' ..." +MNTPOINT=$(mktemp -d) +mount /dev/disk/by-label/NIX_ROOT "$MNTPOINT" -o subvol=@nixos,noatime,compress=zstd + +echo "Creating and mounting EFI system partition mountpoint..." +mkdir -p "$MNTPOINT/boot" +mount /dev/disk/by-label/NIX_BOOT "$MNTPOINT/boot" + +echo "Creating home partition mountpoint..." +mkdir -p "$MNTPOINT/home" +mount /dev/disk/by-label/NIX_ROOT "$MNTPOINT/home" -o subvol=@home,noatime,compress=zstd + +echo "Swapfile" +mkdir -p "$MNTPOINT/swap" +mount /dev/disk/by-label/NIX_ROOT "$MNTPOINT/swap" -o subvol=@swap,noatime + +# echo "Installing system..." +nixos-generate-config --root "$MNTPOINT" +# nixos-install --root "$MNTPOINT" diff --git a/overlays/default.nix b/overlays/default.nix index d9f41ae..e83ed4c 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -6,7 +6,6 @@ rec { new-packages patches lib_extended - disko ]; scripts = (import ../scripts); @@ -70,13 +69,4 @@ rec { }; } ); - - disko = final: prev: { - makeDiskoTest = - let - makeTest = import (prev.path + "/nixos/tests/make-test-python.nix"); - eval-config = import (prev.path + "/nixos/lib/eval-config.nix"); - in - (prev.callPackage "${inputs.disko}/tests/lib.nix" { inherit makeTest eval-config; }).makeDiskoTest; - }; } diff --git a/scripts/auto_connect_gamepad b/scripts/auto_connect_gamepad index 6ff45b7..9753966 100755 --- a/scripts/auto_connect_gamepad +++ b/scripts/auto_connect_gamepad @@ -22,6 +22,5 @@ while true; do sleep 10s continue fi - sleep 1s try_to_connect_to_all_controllers done diff --git a/system/users.nix b/system/users.nix index 4528a6a..ead5528 100644 --- a/system/users.nix +++ b/system/users.nix @@ -19,7 +19,6 @@ "bluetooth" "corectrl" "vboxusers" - "input" ]; shell = pkgs.fish; openssh.authorizedKeys.keys = [ diff --git a/user/chat.nix b/user/chat.nix index a68055f..f0987ed 100644 --- a/user/chat.nix +++ b/user/chat.nix @@ -9,14 +9,14 @@ wayland.windowManager.sway = { extraConfig = '' exec thunderbird - exec vesktop + exec webcord exec telegram-desktop ''; }; home.packages = with pkgs; [ tdesktop - vesktop + webcord thunderbird element-desktop-wayland ];