From 90038f172cd3e746ecba7b405adf87109ccb4565 Mon Sep 17 00:00:00 2001 From: Artemis Tosini Date: Sat, 15 Aug 2020 03:06:11 +0000 Subject: [PATCH] Start unifying starlight and rainbowdash config --- configuration.nix | 12 +++--- system/.gitignore | 1 + system/rainbowdash/boot-config.nix | 34 ++++++++++++++++ system/rainbowdash/default.nix | 20 ++++++++++ system/rainbowdash/hardware-configuration.nix | 40 +++++++++++++++++++ system/rainbowdash/secure-boot.nix | 13 ++++++ .../starlight/boot-config.nix | 2 +- .../starlight/hardware-configuration.nix | 0 8 files changed, 114 insertions(+), 8 deletions(-) create mode 100644 system/.gitignore create mode 100644 system/rainbowdash/boot-config.nix create mode 100644 system/rainbowdash/default.nix create mode 100644 system/rainbowdash/hardware-configuration.nix create mode 100644 system/rainbowdash/secure-boot.nix rename boot-config.nix => system/starlight/boot-config.nix (95%) rename hardware-configuration.nix => system/starlight/hardware-configuration.nix (100%) diff --git a/configuration.nix b/configuration.nix index 6f9c490..43d0358 100644 --- a/configuration.nix +++ b/configuration.nix @@ -8,11 +8,9 @@ imports = [ ./private - ./hardware-configuration.nix - ./boot-config.nix + ./system/current ./packages.nix ./fonts.nix - ./ssh.nix ]; nix = { @@ -42,10 +40,11 @@ environment = { variables = { - MOZ_USE_XINPUT2 = "1"; EDITOR = "nvim"; - TERMINAL = "kitty"; + TERMINAL = "alacritty"; + MOZ_USE_XINPUT2 = "1"; _JAVA_AWT_WM_NONREPARENTING = "1"; + GTK_THEME = "Adwaita-dark"; }; enableDebugInfo = true; shellAliases = { @@ -116,7 +115,7 @@ enable = true; extraPortals = with pkgs; [ xdg-desktop-portal-gtk - (callPackage ./externals/packages/xdg-desktop-portal-wlr.nix {}) + xdg-desktop-portal-wlr ]; }; @@ -136,7 +135,6 @@ }; networking = { - hostName = "starlight"; firewall.enable = false; networkmanager = { enable = true; diff --git a/system/.gitignore b/system/.gitignore new file mode 100644 index 0000000..5b9023a --- /dev/null +++ b/system/.gitignore @@ -0,0 +1 @@ +current diff --git a/system/rainbowdash/boot-config.nix b/system/rainbowdash/boot-config.nix new file mode 100644 index 0000000..d6d4bca --- /dev/null +++ b/system/rainbowdash/boot-config.nix @@ -0,0 +1,34 @@ +{ config, pkgs, ... }: + +{ + boot = { + kernelPackages = pkgs.linuxPackages_latest; + kernel.sysctl."vm.swappiness" = 5; + cleanTmpDir = true; + blacklistedKernelModules = [ "psmouse" ]; + + initrd = { + luks.devices."${config.networking.hostName}" = { + name = config.networking.hostName; + device = "/dev/disk/by-uuid/e8a47693-e6d9-4d66-ac8a-13633e606f3d"; + preLVM = true; + allowDiscards = true; + }; + }; + }; + + services.udev.packages = [ + pkgs.android-udev-rules + pkgs.openocd + (pkgs.callPackage ../../externals/rules/adafruit.nix { }) + (pkgs.callPackage ../../externals/rules/fpga.nix { }) + (pkgs.callPackage ../../externals/rules/limesuite.nix { }) + (pkgs.callPackage ../../externals/rules/uhk.nix { }) + ]; + + fileSystems = { + "/home".options = ["noatime"]; + "/boot".options = ["noatime"]; + "/".options = ["noatime"]; + }; +} diff --git a/system/rainbowdash/default.nix b/system/rainbowdash/default.nix new file mode 100644 index 0000000..e452beb --- /dev/null +++ b/system/rainbowdash/default.nix @@ -0,0 +1,20 @@ +{ config, pkgs, ... }: + +{ + imports = [ ./boot-config.nix ./secure-boot.nix ./hardware-configuration.nix ]; + + networking.hostName = "rainbowdash"; + + hardware = { + cpu.intel.updateMicrocode = true; + opengl.extraPackages = with pkgs; [ + intel-media-driver + vaapiIntel + ]; + }; + services = { + tlp.enable = true; + upower.enable = true; + throttled.enable = true; + }; +} diff --git a/system/rainbowdash/hardware-configuration.nix b/system/rainbowdash/hardware-configuration.nix new file mode 100644 index 0000000..3faeccf --- /dev/null +++ b/system/rainbowdash/hardware-configuration.nix @@ -0,0 +1,40 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "sdhci_pci" ]; + boot.initrd.kernelModules = [ "dm-snapshot" ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/mapper/rainbowdash-root"; + fsType = "btrfs"; + options = [ "subvol=root" ]; + }; + + fileSystems."/home" = + { device = "/dev/mapper/rainbowdash-root"; + fsType = "btrfs"; + options = [ "subvol=home" ]; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/642D-02DF"; + fsType = "vfat"; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/289be8e5-6547-41d4-a6ba-309141f9fccd"; } + ]; + + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + # High-DPI console + console.font = lib.mkDefault "${pkgs.terminus_font}/share/consolefonts/ter-u28n.psf.gz"; +} diff --git a/system/rainbowdash/secure-boot.nix b/system/rainbowdash/secure-boot.nix new file mode 100644 index 0000000..e668974 --- /dev/null +++ b/system/rainbowdash/secure-boot.nix @@ -0,0 +1,13 @@ +{ config, pkgs, ... }: + +{ + imports = [ ../../externals/systemd-boot-secure ]; + boot = { + loader.systemd-boot-secure = { + enable = true; + signed = true; + signing-key = "/root/secure-boot/db.key"; + signing-certificate = "/root/secure-boot/db.crt"; + }; + }; +} diff --git a/boot-config.nix b/system/starlight/boot-config.nix similarity index 95% rename from boot-config.nix rename to system/starlight/boot-config.nix index 9e939a9..efcc9c4 100644 --- a/boot-config.nix +++ b/system/starlight/boot-config.nix @@ -1,7 +1,7 @@ { config, pkgs, ... }: { - imports = [ ./externals/systemd-boot-secure ]; + imports = [ ../../externals/systemd-boot-secure ]; boot = { kernelPackages = pkgs.linuxPackages_latest; kernel.sysctl."vm.swappiness" = 5; diff --git a/hardware-configuration.nix b/system/starlight/hardware-configuration.nix similarity index 100% rename from hardware-configuration.nix rename to system/starlight/hardware-configuration.nix