diff --git a/common/programs/bash.nix b/common/programs/bash.nix index d00cee6..3c0a28f 100644 --- a/common/programs/bash.nix +++ b/common/programs/bash.nix @@ -259,7 +259,7 @@ function nixre(){ if [ "$1" == "boot" ] then - nix build ~/work/config#nixosConfigurations.c2vi-main.config.system.build.toplevel --impure ''${@:2} + nix build github:c2vi/nixos#nixosConfigurations.c2vi-main.config.system.build.toplevel --impure ''${@:2} sudo ./result/bin/switch-to-configuration boot rm ./result else diff --git a/flake.nix b/flake.nix index e13e857..8e8f1f2 100644 --- a/flake.nix +++ b/flake.nix @@ -43,6 +43,17 @@ specialArgs = { inherit inputs confDir workDir secretsDir persistentDir self; }; modules = [ ./hosts/main.nix + ./hardware/my-hp-laptop.nix + ]; + }; + + "c2vi-hpm" = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + + specialArgs = { inherit inputs confDir workDir secretsDir persistentDir self; }; + modules = [ + ./hosts/main.nix + ./hardware/hpm-laptop.nix ]; }; diff --git a/hardware/hpm-laptop.nix b/hardware/hpm-laptop.nix index e183e14..77023d4 100755 --- a/hardware/hpm-laptop.nix +++ b/hardware/hpm-laptop.nix @@ -23,6 +23,13 @@ fsType = "vfat"; }; + fileSystems."/tmp" = { + fsType = "tmpfs"; + device = "tmpfs"; + options = [ "nosuid" "nodev" "relatime" "size=14G" ]; + }; + + swapDevices = [ { device = "/dev/disk/by-uuid/418bf0d8-e548-45d5-802a-53de72707ebc"; } ]; diff --git a/hardware/my-hp-laptop.nix b/hardware/my-hp-laptop.nix index a802ca2..6b488ba 100644 --- a/hardware/my-hp-laptop.nix +++ b/hardware/my-hp-laptop.nix @@ -4,36 +4,70 @@ { config, lib, pkgs, modulesPath, ... }: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "uas" "sd_mod" "sdhci_pci" ]; - boot.initrd.kernelModules = [ "dm-snapshot" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + # Setup keyfile + boot.initrd.secrets = { + "/crypto_keyfile.bin" = null; + }; - fileSystems."/" = - { device = "/dev/disk/by-uuid/356c7b23-71ab-4a01-b700-adbb672bec3e"; - fsType = "btrfs"; - }; + fileSystems."/home/me/work" = { + #label = "work"; + device = "/dev/disk/by-uuid/fd3c6393-b6fd-4065-baf9-5690eb6ebbed"; + fsType = "btrfs"; + neededForBoot = false; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/2588-2509"; + # Use the GRUB 2 boot loader. + boot.loader.grub = { + enable = true; + version = 2; + device = "nodev"; + efiSupport = true; + extraConfig = '' + set timeout=1 + ''; + }; + + boot.loader.efi.canTouchEfiVariables = true; + + boot.initrd.luks.devices = { + root = { + #name = "root"; + device = "/dev/disk/by-uuid/142d2d21-2998-4eb7-9853-ab6554ba061f"; + preLVM = true; + allowDiscards = true; + }; + }; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "uas" "sd_mod" "sdhci_pci" ]; + boot.initrd.kernelModules = [ "dm-snapshot" ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/356c7b23-71ab-4a01-b700-adbb672bec3e"; + fsType = "btrfs"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/2588-2509"; fsType = "vfat"; - }; + }; - swapDevices = [ ]; + swapDevices = [ ]; - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/hosts/main.nix b/hosts/main.nix index f737ae2..0a2f02f 100644 --- a/hosts/main.nix +++ b/hosts/main.nix @@ -17,62 +17,20 @@ imports = [ ../mods/battery_monitor.nix ../mods/my-nixpkgs-overlay.nix - ../hardware/my-hp-laptop.nix inputs.home-manager.nixosModules.home-manager + ../users/me/home.nix ]; #home-manager.users.me = import ../users/me/home.nix; - # Setup keyfile - boot.initrd.secrets = { - "/crypto_keyfile.bin" = null; - }; - - fileSystems."/home/me/work" = { - #label = "work"; - device = "/dev/disk/by-uuid/fd3c6393-b6fd-4065-baf9-5690eb6ebbed"; - fsType = "btrfs"; - neededForBoot = false; - }; - - - # Use the GRUB 2 boot loader. - boot.loader.grub = { - enable = true; - version = 2; - device = "nodev"; - efiSupport = true; - extraConfig = '' - set timeout=1 - ''; - }; - boot.loader.efi.canTouchEfiVariables = true; - - boot.initrd.luks.devices = { - root = { - #name = "root"; - device = "/dev/disk/by-uuid/142d2d21-2998-4eb7-9853-ab6554ba061f"; - preLVM = true; - allowDiscards = true; - }; - }; - - ############################# MISC ############################# # misc - nixpkgs.config.permittedInsecurePackages = [ - "electron-24.8.6" - ]; - - fileSystems."/tmp" = { - fsType = "tmpfs"; - device = "tmpfs"; - options = [ "nosuid" "nodev" "relatime" "size=14G" ]; - }; - + nixpkgs.config.permittedInsecurePackages = [ + "electron-24.8.6" + ]; security.polkit.enable = true; networking.firewall.enable = true;