lelgenio/nixos-config
1
0
Fork 0
Code Issues 1 Pull requests Projects 2 Releases Packages Wiki Activity Actions

Compare commits

base: lelgenio:9ce5b5b04dc6ec8b4122520d1027c408e4fc0552
Branches Tags
lelgenio:main
lelgenio:caffeinated
lelgenio:gitlab-ci-ssh-nix-cache
lelgenio:try-fix-firefox
lelgenio:multiline-edit
lelgenio:gnome-the-second
lelgenio:gnome-pass-search-provider
lelgenio:refactor
lelgenio:sops
lelgenio:update-24.11
lelgenio:disko
lelgenio:release-24.05
lelgenio:niri
lelgenio:gnome
lelgenio:hyprland
..
compare: lelgenio:a7f6983abe67f5ec8be14bd661b6005392311814
Branches Tags
lelgenio:main
lelgenio:caffeinated
lelgenio:gitlab-ci-ssh-nix-cache
lelgenio:try-fix-firefox
lelgenio:multiline-edit
lelgenio:gnome-the-second
lelgenio:gnome-pass-search-provider
lelgenio:refactor
lelgenio:sops
lelgenio:update-24.11
lelgenio:disko
lelgenio:release-24.05
lelgenio:niri
lelgenio:gnome
lelgenio:hyprland

No commits in common. "9ce5b5b04dc6ec8b4122520d1027c408e4fc0552" and "a7f6983abe67f5ec8be14bd661b6005392311814" have entirely different histories.
9ce5b5b04d ... a7f6983abe

14 changed files with 113 additions and 288 deletions
Download patch file Download diff file Expand all files Collapse all files

33
flake.lock generated
View file

@ -28,11 +28,11 @@
"systems": "systems"
},
"locked": {
"lastModified": 1718371084,
"narHash": "sha256-abpBi61mg0g+lFFU0zY4C6oP6fBwPzbHPKBGw676xsA=",
"lastModified": 1716561646,
"narHash": "sha256-UIGtLO89RxKt7RF2iEgPikSdU53r6v/6WYB0RW3k89I=",
"owner": "ryantm",
"repo": "agenix",
"rev": "3a56735779db467538fb2e577eda28a9daacaca6",
"rev": "c2fc0762bbe8feb06a2e59a364fa81b3a57671c9",
"type": "github"
},
"original": {
@ -148,26 +148,6 @@
"type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1718242063,
"narHash": "sha256-n3AWItJ4a94GT0cray/eUV7tt3mulQ52L+lWJN9d1E8=",
"owner": "nix-community",
"repo": "disko",
"rev": "832a9f2c81ff3485404bd63952eadc17bf7ccef2",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "disko",
"type": "github"
}
},
"dzgui-nix": {
"inputs": {
"nixpkgs": [
@ -535,11 +515,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1718208800,
"narHash": "sha256-US1tAChvPxT52RV8GksWZS415tTS7PV42KTc2PNDBmc=",
"lastModified": 1718086528,
"narHash": "sha256-hoB7B7oPgypePz16cKWawPfhVvMSXj4G/qLsfFuhFjw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "cc54fb41d13736e92229c21627ea4f22199fee6b",
"rev": "47b604b07d1e8146d5398b42d3306fdebd343986",
"type": "github"
},
"original": {
@ -585,7 +565,6 @@
"agenix": "agenix",
"demoji": "demoji",
"dhist": "dhist",
"disko": "disko",
"dzgui-nix": "dzgui-nix",
"home-manager": "home-manager",
"nix-index-database": "nix-index-database",

13
flake.nix
View file

@ -38,9 +38,6 @@
inputs.nixpkgs.follows = "nixpkgs";
};
disko.url = "github:nix-community/disko";
disko.inputs.nixpkgs.follows = "nixpkgs";
# my stuff
dhist = {
url = "github:lelgenio/dhist";
@ -99,7 +96,6 @@
inputs.agenix.nixosModules.default
inputs.dzgui-nix.nixosModules.default
inputs.home-manager.nixosModules.home-manager
inputs.disko.nixosModules.disko
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
@ -116,18 +112,15 @@
++ lib.optional (desktop == "kde") ./system/kde.nix;
in
{
checks."${system}" = {
disko-format-i15 = pkgs.callPackage ./hosts/i15/partitions-test.nix { };
};
nixosConfigurations = {
i15 = lib.nixosSystem {
inherit system specialArgs;
modules = [ ./hosts/i15 ] ++ common_modules;
modules = [ ./hosts/i15.nix ] ++ common_modules;
};
monolith = lib.nixosSystem {
inherit system specialArgs;
modules = [
./hosts/monolith
./hosts/monolith.nix
./system/monolith-gitlab-runner.nix
./system/monolith-forgejo-runner.nix
./system/nix-serve.nix
@ -137,7 +130,7 @@
rainbow = lib.nixosSystem {
inherit system specialArgs;
modules = [
./hosts/rainbow
./hosts/rainbow.nix
./system/rainbow-gitlab-runner.nix
] ++ common_modules;
};

38
hosts/i15/default.nix
View file

@ -1,38 +0,0 @@
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
networking.hostName = "i15"; # Define your hostname.
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [
"xhci_pci"
"ahci"
"usb_storage"
"sd_mod"
"rtsx_usb_sdmmc"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
disko.devices = (import ./partitions.nix { disks = [ "/dev/sda" ]; });
boot.loader.efi.efiSysMountPoint = "/boot/efi";
swapDevices = [
{
device = "/swap/swapfile";
size = (1024 * 8) + (1024 * 2); # RAM size + 2 GB
}
];
networking.useDHCP = lib.mkDefault true;
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

19
hosts/i15/partitions-test.nix
View file

@ -1,19 +0,0 @@
{
config,
lib,
pkgs,
...
}:
pkgs.makeDiskoTest {
name = "test-disko-i15";
disko-config = ./partitions.nix;
enableOCR = true;
bootCommands = ''
machine.wait_for_text("[Pp]assphrase for")
machine.send_chars("secretsecret\n")
'';
extraTestScript = ''
machine.succeed("cryptsetup isLuks /dev/vda2");
machine.succeed("mountpoint /home");
'';
}

73
hosts/i15/partitions.nix
View file

@ -1,73 +0,0 @@
{
disks ? [ "/dev/sda" ],
...
}:
let
btrfs_options = [
"compress=zstd:3"
"noatime"
];
in
{
disk.sda = {
type = "disk";
device = builtins.elemAt disks 0;
content = {
type = "table";
format = "gpt";
partitions = [
{
type = "partition";
name = "NIX_BOOT";
start = "1MiB";
end = "300MiB";
bootable = true;
content = {
type = "filesystem";
extraArgs = [
"-n"
"BOOT_I15"
];
format = "vfat";
mountpoint = "/boot";
# options = [ "defaults" ];
};
}
{
type = "partition";
name = "CRYPT_I15";
start = "300MiB";
end = "100%";
content = {
type = "luks";
name = "main";
keyFile = "/tmp/secret.key";
content = {
type = "btrfs";
extraArgs = [
"--label"
"ROOT_I15"
];
subvolumes =
let
mountOptions = btrfs_options;
in
{
"/home" = {
inherit mountOptions;
};
"/nixos" = {
inherit mountOptions;
mountpoint = "/";
};
"/swap" = {
inherit mountOptions;
};
};
};
};
}
];
};
};
}

78
hosts/monolith/default.nix → hosts/monolith.nix
View file

@ -20,10 +20,7 @@ let
];
in
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
./partition.nix
];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
@ -45,6 +42,9 @@ in
boot.kernelParams = [
"amdgpu.dcdebugmask=0x10" # amdgpu undervolting bug
"video=DP-1:1920x1080@144"
# hibernation
"resume=LABEL=BTRFS_ROOT" # findmnt -o LABEL --noheadings /swap/
"resume_offset=36709632" # btrfs inspect-internal map-swapfile -r /swap/swapfile
];
systemd.sleep.extraConfig = ''
HibernateDelaySec=30s
@ -74,14 +74,14 @@ in
};
};
fileSystems."/mnt/old" = {
fileSystems."/" = {
device = "/dev/disk/by-label/BTRFS_ROOT";
fsType = "btrfs";
options = [ "nofail" ] ++ btrfs_options ++ btrfs_ssd;
options = [ "subvol=nixos" ] ++ btrfs_options ++ btrfs_ssd;
};
# boot.initrd.luks.reusePassphrases = true;
boot.initrd.luks.devices = {
"old" = {
"main" = {
bypassWorkqueues = true;
device = "/dev/disk/by-label/CRYPT_ROOT";
};
@ -89,21 +89,21 @@ in
bypassWorkqueues = true;
device = "/dev/disk/by-label/CRYPT_DATA";
};
# "bigboy" = {
# bypassWorkqueues = true;
# device = "/dev/disk/by-label/CRYPT_BIGBOY";
# };
"bigboy" = {
bypassWorkqueues = true;
device = "/dev/disk/by-label/CRYPT_BIGBOY";
};
};
boot.loader.efi.efiSysMountPoint = "/boot/efi";
fileSystems."/boot/efi" = {
device = "/dev/disk/by-label/NIXBOOT";
fsType = "vfat";
};
fileSystems."/home" = {
device = "/dev/disk/by-label/BTRFS_ROOT";
fsType = "btrfs";
options = [ "subvol=home" ] ++ btrfs_options ++ btrfs_ssd;
};
# boot.loader.efi.efiSysMountPoint = "/boot/efi";
# fileSystems."/boot/efi" = {
# device = "/dev/disk/by-label/NIXBOOT";
# fsType = "vfat";
# };
# fileSystems."/home" = {
# device = "/dev/disk/by-label/BTRFS_ROOT";
# fsType = "btrfs";
# options = [ "subvol=home" ] ++ btrfs_options ++ btrfs_ssd;
# };
fileSystems."/home/lelgenio/Games" = {
device = "/dev/disk/by-label/BTRFS_DATA";
fsType = "btrfs";
@ -136,11 +136,11 @@ in
"nofail"
] ++ btrfs_options;
};
# fileSystems."/home/lelgenio/.local/mount/bigboy" = {
# device = "/dev/disk/by-label/BTRFS_BIGBOY";
# fsType = "btrfs";
# options = [ "nofail" ] ++ btrfs_options ++ btrfs_ssd;
# };
fileSystems."/home/lelgenio/.local/mount/bigboy" = {
device = "/dev/disk/by-label/BTRFS_BIGBOY";
fsType = "btrfs";
options = [ "nofail" ] ++ btrfs_options ++ btrfs_ssd;
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
@ -162,17 +162,17 @@ in
'';
# swap
# fileSystems."/swap" = {
# device = "/dev/disk/by-label/BTRFS_ROOT";
# fsType = "btrfs";
# # Note these options effect the entire BTRFS filesystem and not just this volume,
# # with the exception of `"subvol=swap"`, the other options are repeated in my other `fileSystem` mounts
# options = [ "subvol=swap" ] ++ btrfs_options ++ btrfs_ssd;
# };
# swapDevices = [
# {
# device = "/swap/swapfile";
# size = (1024 * 16) + (1024 * 2); # RAM size + 2 GB
# }
# ];
fileSystems."/swap" = {
device = "/dev/disk/by-label/BTRFS_ROOT";
fsType = "btrfs";
# Note these options effect the entire BTRFS filesystem and not just this volume,
# with the exception of `"subvol=swap"`, the other options are repeated in my other `fileSystem` mounts
options = [ "subvol=swap" ] ++ btrfs_options ++ btrfs_ssd;
};
swapDevices = [
{
device = "/swap/swapfile";
size = (1024 * 16) + (1024 * 2); # RAM size + 2 GB
}
];
}

68
hosts/monolith/partition.nix
View file

@ -1,68 +0,0 @@
let
btrfs_options = [
"compress=zstd:3"
"noatime"
"x-systemd.device-timeout=0"
];
btrfs_ssd = btrfs_options ++ [
"ssd"
"discard=async"
];
in
{
disko.devices = {
disk = {
bigboy_disk = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
ESP = {
size = "2G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "defaults" ];
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "bigboy";
# disable settings.keyFile if you want to use interactive password entry
passwordFile = "/tmp/secret.key"; # Interactive
# settings = {
# allowDiscards = true;
# keyFile = "/tmp/secret.key";
# };
# additionalKeyFiles = [ "/tmp/additionalSecret.key" ];
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"/@nixos" = {
mountpoint = "/";
mountOptions = btrfs_ssd;
};
"/@home" = {
mountpoint = "/home";
mountOptions = btrfs_ssd;
};
"/@swap" = {
mountpoint = "/.swapvol";
swap.swapfile.size = "32G";
};
};
};
};
};
};
};
};
};
};
}

0
hosts/pixie/default.nix → hosts/pixie.nix
View file

0
hosts/rainbow/default.nix → hosts/rainbow.nix
View file

63
install/i15.sh Normal file
View file

@ -0,0 +1,63 @@
#!/bin/sh
set -xe
settle() {
udevadm trigger --subsystem-match=block
udevadm settle
}
lsblk
echo 'Enter the name of the device to WIPE and install (something like "sda"):'
read DRIVE_ID
echo 'Enter a passphrase to encrypt the disk:'
read -s DRIVE_PASSPHRASE
echo "Creating partition table..."
parted -s "/dev/${DRIVE_ID}" -- mklabel gpt
echo "Creating EFI system partition..."
parted -s "/dev/${DRIVE_ID}" -- mkpart ESP 1MiB 1GiB
parted -s "/dev/${DRIVE_ID}" -- set 1 boot on
mkfs.fat -F32 "/dev/${DRIVE_ID}1" -n NIX_BOOT
echo "Creating encrypted root partition..."
parted -s "/dev/${DRIVE_ID}" -- mkpart luks 1GiB 100%
echo "$DRIVE_PASSPHRASE" | cryptsetup --batch-mode luksFormat --label CRYPT_ROOT "/dev/${DRIVE_ID}2"
settle
echo "$DRIVE_PASSPHRASE" | cryptsetup luksOpen /dev/disk/by-label/CRYPT_ROOT "crypt_root"
echo "Creating btrfs partition..."
mkfs.btrfs --quiet --label NIX_ROOT /dev/mapper/"crypt_root"
MNTPOINT=$(mktemp -d)
mount /dev/mapper/"crypt_root" "$MNTPOINT"
echo "Creating subvolumes..."
btrfs subvolume create "$MNTPOINT"/@nixos
btrfs subvolume create "$MNTPOINT"/@home
btrfs subvolume create "$MNTPOINT"/@swap
echo "Closing btrfs partition..."
umount -Rl "$MNTPOINT"
rm -rf "$MNTPOINT"
echo "Mounting root btrfs submodule to '$MNTPOINT' ..."
MNTPOINT=$(mktemp -d)
mount /dev/disk/by-label/NIX_ROOT "$MNTPOINT" -o subvol=@nixos,noatime,compress=zstd
echo "Creating and mounting EFI system partition mountpoint..."
mkdir -p "$MNTPOINT/boot"
mount /dev/disk/by-label/NIX_BOOT "$MNTPOINT/boot"
echo "Creating home partition mountpoint..."
mkdir -p "$MNTPOINT/home"
mount /dev/disk/by-label/NIX_ROOT "$MNTPOINT/home" -o subvol=@home,noatime,compress=zstd
echo "Swapfile"
mkdir -p "$MNTPOINT/swap"
mount /dev/disk/by-label/NIX_ROOT "$MNTPOINT/swap" -o subvol=@swap,noatime
# echo "Installing system..."
nixos-generate-config --root "$MNTPOINT"
# nixos-install --root "$MNTPOINT"

10
overlays/default.nix
View file

@ -6,7 +6,6 @@ rec {
new-packages
patches
lib_extended
disko
];
scripts = (import ../scripts);
@ -70,13 +69,4 @@ rec {
};
}
);
disko = final: prev: {
makeDiskoTest =
let
makeTest = import (prev.path + "/nixos/tests/make-test-python.nix");
eval-config = import (prev.path + "/nixos/lib/eval-config.nix");
in
(prev.callPackage "${inputs.disko}/tests/lib.nix" { inherit makeTest eval-config; }).makeDiskoTest;
};
}

1
scripts/auto_connect_gamepad
View file

@ -22,6 +22,5 @@ while true; do
sleep 10s
continue
fi
sleep 1s
try_to_connect_to_all_controllers
done

1
system/users.nix
View file

@ -19,7 +19,6 @@
"bluetooth"
"corectrl"
"vboxusers"
"input"
];
shell = pkgs.fish;
openssh.authorizedKeys.keys = [

4
user/chat.nix
View file

@ -9,14 +9,14 @@
wayland.windowManager.sway = {
extraConfig = ''
exec thunderbird
exec vesktop
exec webcord
exec telegram-desktop
'';
};
home.packages = with pkgs; [
tdesktop
vesktop
webcord
thunderbird
element-desktop-wayland
];