diff --git a/flake.lock b/flake.lock index d51c314..80ca984 100644 --- a/flake.lock +++ b/flake.lock @@ -28,11 +28,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1716561646, - "narHash": "sha256-UIGtLO89RxKt7RF2iEgPikSdU53r6v/6WYB0RW3k89I=", + "lastModified": 1718371084, + "narHash": "sha256-abpBi61mg0g+lFFU0zY4C6oP6fBwPzbHPKBGw676xsA=", "owner": "ryantm", "repo": "agenix", - "rev": "c2fc0762bbe8feb06a2e59a364fa81b3a57671c9", + "rev": "3a56735779db467538fb2e577eda28a9daacaca6", "type": "github" }, "original": { @@ -148,6 +148,26 @@ "type": "github" } }, + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1718242063, + "narHash": "sha256-n3AWItJ4a94GT0cray/eUV7tt3mulQ52L+lWJN9d1E8=", + "owner": "nix-community", + "repo": "disko", + "rev": "832a9f2c81ff3485404bd63952eadc17bf7ccef2", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, "dzgui-nix": { "inputs": { "nixpkgs": [ @@ -515,11 +535,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1718086528, - "narHash": "sha256-hoB7B7oPgypePz16cKWawPfhVvMSXj4G/qLsfFuhFjw=", + "lastModified": 1718208800, + "narHash": "sha256-US1tAChvPxT52RV8GksWZS415tTS7PV42KTc2PNDBmc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "47b604b07d1e8146d5398b42d3306fdebd343986", + "rev": "cc54fb41d13736e92229c21627ea4f22199fee6b", "type": "github" }, "original": { @@ -565,6 +585,7 @@ "agenix": "agenix", "demoji": "demoji", "dhist": "dhist", + "disko": "disko", "dzgui-nix": "dzgui-nix", "home-manager": "home-manager", "nix-index-database": "nix-index-database", diff --git a/flake.nix b/flake.nix index 8e17499..5a3d537 100644 --- a/flake.nix +++ b/flake.nix @@ -38,6 +38,9 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + disko.url = "github:nix-community/disko"; + disko.inputs.nixpkgs.follows = "nixpkgs"; + # my stuff dhist = { url = "github:lelgenio/dhist"; 
@@ -96,6 +99,7 @@ inputs.agenix.nixosModules.default inputs.dzgui-nix.nixosModules.default inputs.home-manager.nixosModules.home-manager + inputs.disko.nixosModules.disko { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; @@ -112,15 +116,18 @@ ++ lib.optional (desktop == "kde") ./system/kde.nix; in { + checks."${system}" = { + disko-format-i15 = pkgs.callPackage ./hosts/i15/partitions-test.nix { }; + }; nixosConfigurations = { i15 = lib.nixosSystem { inherit system specialArgs; - modules = [ ./hosts/i15.nix ] ++ common_modules; + modules = [ ./hosts/i15 ] ++ common_modules; }; monolith = lib.nixosSystem { inherit system specialArgs; modules = [ - ./hosts/monolith.nix + ./hosts/monolith ./system/monolith-gitlab-runner.nix ./system/monolith-forgejo-runner.nix ./system/nix-serve.nix @@ -130,7 +137,7 @@ rainbow = lib.nixosSystem { inherit system specialArgs; modules = [ - ./hosts/rainbow.nix + ./hosts/rainbow ./system/rainbow-gitlab-runner.nix ] ++ common_modules; }; diff --git a/hosts/i15/default.nix b/hosts/i15/default.nix new file mode 100644 index 0000000..ca7c217 --- /dev/null +++ b/hosts/i15/default.nix 
@@ -0,0 +1,38 @@
+{
+ config,
+ lib,
+ pkgs,
+ modulesPath,
+ ...
+}:
+{
+ networking.hostName = "i15"; # Define your hostname.
+
+ imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
+
+ boot.initrd.availableKernelModules = [
+ "xhci_pci"
+ "ahci"
+ "usb_storage"
+ "sd_mod"
+ "rtsx_usb_sdmmc"
+ ];
+ boot.initrd.kernelModules = [ ];
+ boot.kernelModules = [ "kvm-intel" ];
+ boot.extraModulePackages = [ ];
+
+ disko.devices = (import ./partitions.nix { disks = [ "/dev/sda" ]; });
+ boot.loader.efi.efiSysMountPoint = "/boot/efi";
+
+ swapDevices = [
+ {
+ device = "/swap/swapfile";
+ size = (1024 * 8) + (1024 * 2); # RAM size + 2 GB
+ }
+ ];
+
+ networking.useDHCP = lib.mkDefault true;
+
+ powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
+ hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/hosts/i15/partitions-test.nix b/hosts/i15/partitions-test.nix
new file mode 100644
index 0000000..bb2c273
--- /dev/null
+++ b/hosts/i15/partitions-test.nix
@@ -0,0 +1,19 @@
+{
+ config,
+ lib,
+ pkgs,
+ ...
+}:
+pkgs.makeDiskoTest {
+ name = "test-disko-i15";
+ disko-config = ./partitions.nix;
+ enableOCR = true;
+ bootCommands = ''
+ machine.wait_for_text("[Pp]assphrase for")
+ machine.send_chars("secretsecret\n")
+ '';
+ extraTestScript = ''
+ machine.succeed("cryptsetup isLuks /dev/vda2");
+ machine.succeed("mountpoint /home");
+ '';
+}
diff --git a/hosts/i15/partitions.nix b/hosts/i15/partitions.nix
new file mode 100644
index 0000000..7b69e0f
--- /dev/null
+++ b/hosts/i15/partitions.nix
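Review bot: In hosts/i15/default.nix, `boot.loader.efi.efiSysMountPoint = "/boot/efi";` does not match the disko layout in hosts/i15/partitions.nix, which mounts the vfat partition at `/boot`, so nothing in this commit mounts a filesystem at `/boot/efi`. Either drop the line or point it at the ESP, e.g. `boot.loader.efi.efiSysMountPoint = "/boot";`. Likewise `swapDevices` expects `/swap/swapfile`, but the `/swap` subvolume in partitions.nix declares no `mountpoint`, so the swapfile may not land on the dedicated subvolume; this is worth confirming against the disko revision pinned in flake.lock.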
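Review bot: In hosts/i15/partitions-test.nix the passphrase `secretsecret` typed in `bootCommands` is hard-coded with no explanation of where it comes from. A comment should say it is a throwaway value for the VM test that must never be reused for the real disk, e.g. `# test-only passphrase; presumably matches what the disko test harness writes to /tmp/secret.key`. The `config` and `lib` arguments are unused in this file and could be dropped from the argument set.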
@@ -0,0 +1,73 @@ +{ + disks ? [ "/dev/sda" ], + ... +}: +let + btrfs_options = [ + "compress=zstd:3" + "noatime" + ]; +in +{ + disk.sda = { + type = "disk"; + device = builtins.elemAt disks 0; + content = { + type = "table"; + format = "gpt"; + partitions = [ + { + type = "partition"; + name = "NIX_BOOT"; + start = "1MiB"; + end = "300MiB"; + bootable = true; + content = { + type = "filesystem"; + extraArgs = [ + "-n" + "BOOT_I15" + ]; + format = "vfat"; + mountpoint = "/boot"; + # options = [ "defaults" ]; + }; + } + { + type = "partition"; + name = "CRYPT_I15"; + start = "300MiB"; + end = "100%"; + content = { + type = "luks"; + name = "main"; + keyFile = "/tmp/secret.key"; + content = { + type = "btrfs"; + extraArgs = [ + "--label" + "ROOT_I15" + ]; + subvolumes = + let + mountOptions = btrfs_options; + in + { + "/home" = { + inherit mountOptions; + }; + "/nixos" = { + inherit mountOptions; + mountpoint = "/"; + }; + "/swap" = { + inherit mountOptions; + }; + }; + }; + }; + } + ]; + }; + }; +} diff --git a/hosts/monolith.nix b/hosts/monolith/default.nix similarity index 73% rename from hosts/monolith.nix rename to hosts/monolith/default.nix index 262f19a..f375186 100644 --- a/hosts/monolith.nix +++ b/hosts/monolith/default.nix @@ -20,7 +20,10 @@ let ]; in { - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ./partition.nix + ]; boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" @@ -42,9 +45,6 @@ in boot.kernelParams = [ "amdgpu.dcdebugmask=0x10" # amdgpu undervolting bug "video=DP-1:1920x1080@144" - # hibernation - "resume=LABEL=BTRFS_ROOT" # findmnt -o LABEL --noheadings /swap/ - "resume_offset=36709632" # btrfs inspect-internal map-swapfile -r /swap/swapfile ]; systemd.sleep.extraConfig = '' HibernateDelaySec=30s 
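Review bot: In hosts/i15/partitions.nix the LUKS container takes its key from `keyFile = "/tmp/secret.key";`, while hosts/monolith/partition.nix in this same commit uses `passwordFile` for the same path; as far as I know disko deprecates the top-level `keyFile` option, so `passwordFile = "/tmp/secret.key";` would be the consistent choice. Whichever is used, the file holds the disk passphrase in a world-accessible directory during installation, whereas the install/i15.sh script deleted by this commit prompted for it with `read -s`. A comment stating that the file must be created readable by root only on the installer and removed after formatting would document that. The `/home` and `/swap` subvolumes also declare no `mountpoint`, although the test asserts `mountpoint /home`, so check whether the pinned disko infers it from the subvolume name.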
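Review bot: The hunk at -42,9 in hosts/monolith/default.nix removes `resume=` and `resume_offset=` but leaves `HibernateDelaySec=30s` in `systemd.sleep.extraConfig` just below, so hibernation still appears to be configured with nothing telling the kernel where to resume from. If hibernating onto the new `/.swapvol` swapfile is intended, the resume device and offset need to be recomputed for the new disk; otherwise the sleep setting should go too. The enclosing attribute set continues outside the hunk, so another module may already handle this.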
@@ -74,14 +74,14 @@ in }; }; - fileSystems."/" = { + fileSystems."/mnt/old" = { device = "/dev/disk/by-label/BTRFS_ROOT"; fsType = "btrfs"; - options = [ "subvol=nixos" ] ++ btrfs_options ++ btrfs_ssd; + options = [ "nofail" ] ++ btrfs_options ++ btrfs_ssd; }; # boot.initrd.luks.reusePassphrases = true; boot.initrd.luks.devices = { - "main" = { + "old" = { bypassWorkqueues = true; device = "/dev/disk/by-label/CRYPT_ROOT"; }; @@ -89,21 +89,21 @@ in bypassWorkqueues = true; device = "/dev/disk/by-label/CRYPT_DATA"; }; - "bigboy" = { - bypassWorkqueues = true; - device = "/dev/disk/by-label/CRYPT_BIGBOY"; - }; - }; - boot.loader.efi.efiSysMountPoint = "/boot/efi"; - fileSystems."/boot/efi" = { - device = "/dev/disk/by-label/NIXBOOT"; - fsType = "vfat"; - }; - fileSystems."/home" = { - device = "/dev/disk/by-label/BTRFS_ROOT"; - fsType = "btrfs"; - options = [ "subvol=home" ] ++ btrfs_options ++ btrfs_ssd; + # "bigboy" = { + # bypassWorkqueues = true; + # device = "/dev/disk/by-label/CRYPT_BIGBOY"; + # }; }; + # boot.loader.efi.efiSysMountPoint = "/boot/efi"; + # fileSystems."/boot/efi" = { + # device = "/dev/disk/by-label/NIXBOOT"; + # fsType = "vfat"; + # }; + # fileSystems."/home" = { + # device = "/dev/disk/by-label/BTRFS_ROOT"; + # fsType = "btrfs"; + # options = [ "subvol=home" ] ++ btrfs_options ++ btrfs_ssd; + # }; fileSystems."/home/lelgenio/Games" = { device = "/dev/disk/by-label/BTRFS_DATA"; fsType = "btrfs"; 
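Review bot: In the -74,14 hunk of hosts/monolith/default.nix the old root is remounted at `/mnt/old` with `nofail`, but its LUKS container stays in `boot.initrd.luks.devices` as `"old"`, so the initrd will presumably still wait for `/dev/disk/by-label/CRYPT_ROOT` and ask for its passphrase on every boot. `nofail` covers only the mount, not the unlock, so removing the old disk could still block boot. If the mount is only there for migration, consider unlocking it after boot instead (for example through /etc/crypttab with the `nofail` option) and add a comment saying when the entry can be deleted. Dropping `subvol=nixos` also means the whole top-level volume of the old filesystem is exposed under `/mnt/old`.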
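Review bot: The `bigboy`, `/boot/efi` and `/home` definitions are commented out rather than deleted in the -89,21 hunk, and the hunks at -136,11 and -162,17 do the same for the bigboy mount and the swap configuration. Since hosts/monolith/partition.nix now owns these, the dead blocks only obscure which LUKS devices and mounts are actually active, and git history keeps the old values. Delete them, or leave a single line such as `# root, /home, /boot and swap are defined by disko in ./partition.nix`.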
@@ -136,11 +136,11 @@ in "nofail" ] ++ btrfs_options; }; - fileSystems."/home/lelgenio/.local/mount/bigboy" = { - device = "/dev/disk/by-label/BTRFS_BIGBOY"; - fsType = "btrfs"; - options = [ "nofail" ] ++ btrfs_options ++ btrfs_ssd; - }; + # fileSystems."/home/lelgenio/.local/mount/bigboy" = { + # device = "/dev/disk/by-label/BTRFS_BIGBOY"; + # fsType = "btrfs"; + # options = [ "nofail" ] ++ btrfs_options ++ btrfs_ssd; + # }; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's @@ -162,17 +162,17 @@ in ''; # swap - fileSystems."/swap" = { - device = "/dev/disk/by-label/BTRFS_ROOT"; - fsType = "btrfs"; - # Note these options effect the entire BTRFS filesystem and not just this volume, - # with the exception of `"subvol=swap"`, the other options are repeated in my other `fileSystem` mounts - options = [ "subvol=swap" ] ++ btrfs_options ++ btrfs_ssd; - }; - swapDevices = [ - { - device = "/swap/swapfile"; - size = (1024 * 16) + (1024 * 2); # RAM size + 2 GB - } - ]; + # fileSystems."/swap" = { + # device = "/dev/disk/by-label/BTRFS_ROOT"; + # fsType = "btrfs"; + # # Note these options effect the entire BTRFS filesystem and not just this volume, + # # with the exception of `"subvol=swap"`, the other options are repeated in my other `fileSystem` mounts + # options = [ "subvol=swap" ] ++ btrfs_options ++ btrfs_ssd; + # }; + # swapDevices = [ + # { + # device = "/swap/swapfile"; + # size = (1024 * 16) + (1024 * 2); # RAM size + 2 GB + # } + # ]; } diff --git a/hosts/monolith/partition.nix b/hosts/monolith/partition.nix new file mode 100644 index 0000000..d75d814 --- /dev/null +++ b/hosts/monolith/partition.nix 
@@ -0,0 +1,68 @@
+let
+ btrfs_options = [
+ "compress=zstd:3"
+ "noatime"
+ "x-systemd.device-timeout=0"
+ ];
+ btrfs_ssd = btrfs_options ++ [
+ "ssd"
+ "discard=async"
+ ];
+in
+{
+ disko.devices = {
+ disk = {
+ bigboy_disk = {
+ type = "disk";
+ device = "/dev/nvme0n1";
+ content = {
+ type = "gpt";
+ partitions = {
+ ESP = {
+ size = "2G";
+ type = "EF00";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ mountOptions = [ "defaults" ];
+ };
+ };
+ luks = {
+ size = "100%";
+ content = {
+ type = "luks";
+ name = "bigboy";
+ # disable settings.keyFile if you want to use interactive password entry
+ passwordFile = "/tmp/secret.key"; # Interactive
+ # settings = {
+ # allowDiscards = true;
+ # keyFile = "/tmp/secret.key";
+ # };
+ # additionalKeyFiles = [ "/tmp/additionalSecret.key" ];
+ content = {
+ type = "btrfs";
+ extraArgs = [ "-f" ];
+ subvolumes = {
+ "/@nixos" = {
+ mountpoint = "/";
+ mountOptions = btrfs_ssd;
+ };
+ "/@home" = {
+ mountpoint = "/home";
+ mountOptions = btrfs_ssd;
+ };
+ "/@swap" = {
+ mountpoint = "/.swapvol";
+ swap.swapfile.size = "32G";
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/hosts/pixie.nix b/hosts/pixie/default.nix
similarity index 100%
rename from hosts/pixie.nix
rename to hosts/pixie/default.nix
diff --git a/hosts/rainbow.nix b/hosts/rainbow/default.nix
similarity index 100%
rename from hosts/rainbow.nix
rename to hosts/rainbow/default.nix
diff --git a/install/i15.sh b/install/i15.sh
deleted file mode 100644
index 72a5ac6..0000000
--- a/install/i15.sh
+++ /dev/null
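Review bot: In hosts/monolith/partition.nix the line `passwordFile = "/tmp/secret.key"; # Interactive` is active, so formatting reads the passphrase from that file rather than prompting, while the `# Interactive` tag and the comment above it read as if the opposite were true. Reword it to something like `# passphrase read from this file at format time; boot-time unlock is interactive because settings.keyFile is unset` (confirm against the pinned disko), and note that the file must be readable by root only and removed after installation. `device = "/dev/nvme0n1"` combined with `extraArgs = [ "-f" ]` also deserves a second look: NVMe enumeration order is not guaranteed to be stable, and a `/dev/disk/by-id/...` path would make it harder to format the wrong disk.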
@@ -1,63 +0,0 @@
-#!/bin/sh
-
-set -xe
-
-settle() {
- udevadm trigger --subsystem-match=block
- udevadm settle
-}
-
-lsblk
-echo 'Enter the name of the device to WIPE and install (something like "sda"):'
-read DRIVE_ID
-
-echo 'Enter a passphrase to encrypt the disk:'
-read -s DRIVE_PASSPHRASE
-
-echo "Creating partition table..."
-parted -s "/dev/${DRIVE_ID}" -- mklabel gpt
-
-echo "Creating EFI system partition..."
-parted -s "/dev/${DRIVE_ID}" -- mkpart ESP 1MiB 1GiB
-parted -s "/dev/${DRIVE_ID}" -- set 1 boot on
-mkfs.fat -F32 "/dev/${DRIVE_ID}1" -n NIX_BOOT
-
-echo "Creating encrypted root partition..."
-parted -s "/dev/${DRIVE_ID}" -- mkpart luks 1GiB 100%
-echo "$DRIVE_PASSPHRASE" | cryptsetup --batch-mode luksFormat --label CRYPT_ROOT "/dev/${DRIVE_ID}2"
-settle
-echo "$DRIVE_PASSPHRASE" | cryptsetup luksOpen /dev/disk/by-label/CRYPT_ROOT "crypt_root"
-
-echo "Creating btrfs partition..."
-mkfs.btrfs --quiet --label NIX_ROOT /dev/mapper/"crypt_root"
-MNTPOINT=$(mktemp -d)
-mount /dev/mapper/"crypt_root" "$MNTPOINT"
-
-echo "Creating subvolumes..."
-btrfs subvolume create "$MNTPOINT"/@nixos
-btrfs subvolume create "$MNTPOINT"/@home
-btrfs subvolume create "$MNTPOINT"/@swap
-
-echo "Closing btrfs partition..."
-umount -Rl "$MNTPOINT"
-rm -rf "$MNTPOINT"
-
-echo "Mounting root btrfs submodule to '$MNTPOINT' ..."
-MNTPOINT=$(mktemp -d)
-mount /dev/disk/by-label/NIX_ROOT "$MNTPOINT" -o subvol=@nixos,noatime,compress=zstd
-
-echo "Creating and mounting EFI system partition mountpoint..."
-mkdir -p "$MNTPOINT/boot"
-mount /dev/disk/by-label/NIX_BOOT "$MNTPOINT/boot"
-
-echo "Creating home partition mountpoint..."
-mkdir -p "$MNTPOINT/home"
-mount /dev/disk/by-label/NIX_ROOT "$MNTPOINT/home" -o subvol=@home,noatime,compress=zstd
-
-echo "Swapfile"
-mkdir -p "$MNTPOINT/swap"
-mount /dev/disk/by-label/NIX_ROOT "$MNTPOINT/swap" -o subvol=@swap,noatime
-
-# echo "Installing system..."
-nixos-generate-config --root "$MNTPOINT"
-# nixos-install --root "$MNTPOINT"
diff --git a/overlays/default.nix b/overlays/default.nix index e83ed4c..d9f41ae 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -6,6 +6,7 @@ rec { new-packages patches lib_extended + disko ]; scripts = (import ../scripts); @@ -69,4 +70,13 @@ rec { }; } ); + + disko = final: prev: { + makeDiskoTest = + let + makeTest = import (prev.path + "/nixos/tests/make-test-python.nix"); + eval-config = import (prev.path + "/nixos/lib/eval-config.nix"); + in + (prev.callPackage "${inputs.disko}/tests/lib.nix" { inherit makeTest eval-config; }).makeDiskoTest; + }; } diff --git a/scripts/auto_connect_gamepad b/scripts/auto_connect_gamepad index 9753966..6ff45b7 100755 --- a/scripts/auto_connect_gamepad +++ b/scripts/auto_connect_gamepad @@ -22,5 +22,6 @@ while true; do sleep 10s continue fi + sleep 1s try_to_connect_to_all_controllers done diff --git a/system/users.nix b/system/users.nix index ead5528..4528a6a 100644 --- a/system/users.nix +++ b/system/users.nix @@ -19,6 +19,7 @@ "bluetooth" "corectrl" "vboxusers" + "input" ]; shell = pkgs.fish; openssh.authorizedKeys.keys = [ diff --git a/user/chat.nix b/user/chat.nix index f0987ed..a68055f 100644 --- a/user/chat.nix +++ b/user/chat.nix @@ -9,14 +9,14 @@ wayland.windowManager.sway = { extraConfig = '' exec thunderbird - exec webcord + exec vesktop exec telegram-desktop ''; }; home.packages = with pkgs; [ tdesktop - webcord + vesktop thunderbird element-desktop-wayland ];
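Review bot: In system/users.nix the user is added to the `input` group without a comment, and that group normally grants read access to every `/dev/input/event*` node, so any process running as this user can observe all keyboard input. If this is only for the gamepad handling touched in scripts/auto_connect_gamepad, a udev rule scoped to that device would grant less; at minimum add a comment next to `"input"` such as `# needed for <reason>`. The user definition starts and ends outside the hunk.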