desktop config
This commit is contained in:
parent
51f0016f39
commit
2a8ece32ad
SSH key fingerprint:
SHA256:bB1qbbqmDXZNT0KKD5c2Dfjg53JGhj7B3CFcLIzSqq8
25
hosts/desktop/default.nix
Normal file
25
hosts/desktop/default.nix
Normal file
|
|
@ -0,0 +1,25 @@
|
|||
{lib, config, modulesPath, ...}: {
|
||||
imports = [
|
||||
./disks.nix
|
||||
../../options.nix
|
||||
(modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
has_battery = true;
|
||||
desktop_scale = 1.3;
|
||||
|
||||
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
||||
82
hosts/desktop/disks.nix
Normal file
82
hosts/desktop/disks.nix
Normal file
|
|
@ -0,0 +1,82 @@
|
|||
{
|
||||
disko.devices = {
|
||||
disk = {
|
||||
root = {
|
||||
type = "disk";
|
||||
device = "/dev/disk/by-id/ata-Verbatim_Vi550_S3_493535014831840";
|
||||
content = {
|
||||
type = "gpt";
|
||||
partitions = {
|
||||
ESP = {
|
||||
label = "boot";
|
||||
name = "ESP";
|
||||
type = "EF00";
|
||||
size = "512M";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
mountOptions = [ "umask=0077" ];
|
||||
};
|
||||
};
|
||||
|
||||
luks = {
|
||||
size = "100%";
|
||||
label = "luks";
|
||||
content = {
|
||||
type = "luks";
|
||||
name = "cryptroot";
|
||||
extraOpenArgs = [
|
||||
"--allow-discards"
|
||||
"--perf-no_read_workqueue"
|
||||
"--perf-no_write_workqueue"
|
||||
];
|
||||
# https://0pointer.net/blog/unlocking-luks2-volumes-with-tpm2-fido2-pkcs11-security-hardware-on-systemd-248.html
|
||||
settings = {crypttabExtraOpts = ["tpm2-device=auto" "token-timeout=10"];};
|
||||
content = {
|
||||
type = "btrfs";
|
||||
extraArgs = ["-L" "nixos" "-f"];
|
||||
subvolumes = {
|
||||
"@root" = {
|
||||
mountpoint = "/";
|
||||
mountOptions = ["subvol=@root" "compress=zstd" "noatime"];
|
||||
};
|
||||
"@home" = {
|
||||
mountpoint = "/home";
|
||||
mountOptions = ["subvol=@home" "compress=zstd" "noatime"];
|
||||
};
|
||||
"@games" = {
|
||||
mountpoint = "/var/games";
|
||||
mountOptions = ["subvol=@games" "compress=zstd" "noatime"];
|
||||
};
|
||||
"@nix" = {
|
||||
mountpoint = "/nix";
|
||||
mountOptions = ["subvol=@nix" "compress=zstd" "noatime"];
|
||||
};
|
||||
"@persist" = {
|
||||
mountpoint = "/persist";
|
||||
mountOptions = ["subvol=@persist" "compress=zstd" "noatime"];
|
||||
};
|
||||
"@log" = {
|
||||
mountpoint = "/var/log";
|
||||
mountOptions = ["subvol=@log" "compress=zstd" "noatime"];
|
||||
};
|
||||
"@snapshots" = {
|
||||
};
|
||||
"@swap" = {
|
||||
mountpoint = "/swap";
|
||||
swap.swapfile.size = "32G";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
fileSystems."/persist".neededForBoot = true;
|
||||
fileSystems."/var/log".neededForBoot = true;
|
||||
}
|
||||
Loading…
Reference in a new issue