diff --git a/system/spike/boot-config.nix b/system/spike/boot-config.nix index b56e607..df9e045 100644 --- a/system/spike/boot-config.nix +++ b/system/spike/boot-config.nix @@ -1,24 +1,17 @@ -{ config, pkgs, ... }: +{ lib, ... }: { boot = { - kernelPackages = pkgs.linuxPackages_latest; kernelParams = [ "fbcon=rotate:1" ]; kernel.sysctl."vm.swappiness" = 5; tmp.cleanOnBoot = true; - - loader = { - systemd-boot.enable = true; - efi.canTouchEfiVariables = true; - }; - - initrd = { - luks.devices."${config.networking.hostName}" = { - name = config.networking.hostName; - device = "/dev/disk/by-uuid/eb0e5aaf-afa3-43e4-89b3-af4a3f7f0546"; - preLVM = true; - allowDiscards = true; - }; - }; }; + + swapDevices = lib.mkForce [{ + device = "/dev/disk/by-partuuid/ef7cb78c-a07d-45e2-a92a-0f041c42f07a"; + randomEncryption = { + enable = true; + allowDiscards = true; + }; + }]; } diff --git a/system/spike/default.nix b/system/spike/default.nix index 170ec85..1baa1a0 100644 --- a/system/spike/default.nix +++ b/system/spike/default.nix @@ -6,6 +6,7 @@ ./hardware-configuration.nix ../../sets/hacking.nix ../../sets/laptop.nix + ../../sets/secureBoot.nix ../../sets/sshd.nix ../../sets/buildMachines.nix ../../sets/workstation.nix @@ -13,7 +14,7 @@ ]; networking.hostName = "spike"; - system.stateVersion = "22.05"; + system.stateVersion = "23.11"; home-manager.users.artemis.xdg.configFile."rustybar/config.toml".text = '' [[tile]] @@ -40,9 +41,4 @@ scroll_button = "BTN_MIDDLE"; }; }; - - services.btrfs.autoScrub = { - enable = true; - fileSystems = [ "/" ]; - }; } diff --git a/system/spike/hardware-configuration.nix b/system/spike/hardware-configuration.nix index 41bdae2..e9f5116 100644 --- a/system/spike/hardware-configuration.nix +++ b/system/spike/hardware-configuration.nix @@ -7,35 +7,31 @@ imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; boot.initrd.availableKernelModules = - [ "ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ]; - boot.initrd.kernelModules = [ "dm-snapshot" ]; + [ "ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" "bcache" ]; + boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; fileSystems."/" = { - device = "/dev/disk/by-uuid/ee50d2d7-34ee-4fec-bee8-53ae5f464de2"; - fsType = "btrfs"; - options = [ "subvol=root" ]; - }; - - fileSystems."/home" = { - device = "/dev/disk/by-uuid/ee50d2d7-34ee-4fec-bee8-53ae5f464de2"; - fsType = "btrfs"; - options = [ "subvol=home" ]; - }; - - fileSystems."/nix" = { - device = "/dev/disk/by-uuid/ee50d2d7-34ee-4fec-bee8-53ae5f464de2"; - fsType = "btrfs"; - options = [ "subvol=nix" ]; + device = "/dev/disk/by-uuid/fc77e1d6-5315-4251-90f7-33f74996ffec"; + fsType = "bcachefs"; }; fileSystems."/boot" = { - device = "/dev/disk/by-uuid/B78C-8B71"; + device = "/dev/disk/by-uuid/307A-16D8"; fsType = "vfat"; }; - swapDevices = - [{ device = "/dev/disk/by-uuid/057964ef-4692-4189-98c6-32e7e05565e2"; }]; + swapDevices = [ ]; + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; }